OpenSolaris

Bug ID 6799867
Synopsis BIND fails to start in chroot environment
State 11-Closed:Not a Defect (Closed)
Category:Subcategory network:dns
Keywords opensolaris
Responsible Engineer Stacey Marshall
Reported Against snv_105
Duplicate Of
Introduced In
Commit to Fix
Fixed In
Release Fixed
Related Bugs
Submit Date 1-February-2009
Last Update Date 10-November-2009
Description
Category
   network
Sub-Category
   dns
Description
   The "named" DNS server daemon will not start.
Frequency
   Always
Regression
   No
Steps to Reproduce
   Configure valid named.conf and zone files and attempt to start the DNS service.
Expected Result
   The "named" daemon should run.
Actual Result
   The "named" daemon exits with an error.
Error Message(s)
   # /usr/sbin/named -t /var/named -u dns -f -g
   31-Jan-2009 21:07:16.697 starting BIND 9.3.6 -t /var/named -u dns -f -g
   31-Jan-2009 21:07:16.697 found 8 CPUs, using 8 worker threads
   31-Jan-2009 21:07:16.715 socket.c:3259: unexpected error:
   31-Jan-2009 21:07:16.715 open(/dev/poll) failed: No such file or directory
   31-Jan-2009 21:07:16.715 ./main.c:495: unexpected error:
   31-Jan-2009 21:07:16.715 isc_socketmgr_create() failed: file not found
   31-Jan-2009 21:07:16.715 create_managers() failed: unexpected error
   31-Jan-2009 21:07:16.715 exiting (due to early fatal error)
Test Case
   
Workaround
   
Submitter wants to work on bug
   No
Additional configuration information
   Running BIND as user "dns" and chroot'ed to /var/named.  This configuration worked in every nevada build until 105.
Work Around
BIND 9.3.6 now uses poll(7d) and therefore the chroot environment
needs to be modified to include the poll device.  For example:

   # ls -ld /devices/pseudo/poll@0:poll
   crw-rw-rw-  1 root  sys  138, 0 May 28 04:25 /devices/pseudo/poll@0:poll
   # cd /var/named/dev
   # ls
   null    random
   # mknod poll c 138 0
   # chmod 666 poll
   # svcadm clear svc:/network/dns/server:default
   # svcadm enable svc:/network/dns/server:default

Note, Sun recommends using zones(5) and Role-Based Access Control,
rbac(5), rather than chroot(2) environments.

Other devices may also be required within a chroot environment.
For example, as of BIND 9.6.1-P1, the devices used by named are:

   $ strings /usr/sbin/named /usr/lib/dns/lib* | grep '^/dev/[a-z]*$' | sort -u
   /dev/null
   /dev/poll
   /dev/random
   /dev/tty

To see the special file characteristics and arguments for mknod use ls(1):

   $ ls -lL /dev/null /dev/poll /dev/random /dev/tty
   crw-rw-rw-   1 root     sys       13,  2 Nov 10 11:15 /dev/null
   crw-rw-rw-   1 root     sys      138,  0 Nov 10 10:07 /dev/poll
   crw-r--r--   1 root     sys      190,  0 Oct 21 09:29 /dev/random
   crw-rw-rw-   1 root     tty       22,  0 Nov 10 11:11 /dev/tty

Note the above values may change between different systems and releases.
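
Added example, not part of the original bug report: a shell function that turns an ls -lL listing like the one above into the mknod, chown and chmod commands for the chroot's dev directory, so that device numbers, ownership and permissions come from the running system rather than from this page. The names chroot_dev_cmds and sample_ls are assumptions made for illustration; the script only prints the commands and does not run them.

```shell
#!/bin/sh
# Added example: derive chroot device-node commands from `ls -lL` output.
# Usage on a live system (hypothetical function name):
#   ls -lL /dev/null /dev/poll /dev/random /dev/tty | chroot_dev_cmds /var/named/dev

chroot_dev_cmds() {
    awk -v dir="$1" '
    # Convert one rwx triplet (e.g. "rw-") to its octal digit.
    function digit(s,    n) {
        n = 0
        if (substr(s, 1, 1) == "r") n += 4
        if (substr(s, 2, 1) == "w") n += 2
        if (substr(s, 3, 1) == "x") n += 1
        return n
    }
    /^c/ {                                # character special files only
        major = $5; sub(/,$/, "", major)  # "138," -> "138"
        minor = $6
        n = split($NF, parts, "/")        # basename of the device path
        node = dir "/" parts[n]
        mode = digit(substr($1, 2, 3)) digit(substr($1, 5, 3)) digit(substr($1, 8, 3))
        printf "mknod %s c %s %s\n", node, major, minor
        printf "chown %s:%s %s\n", $3, $4, node
        printf "chmod %s %s\n", mode, node
    }'
}

# Sample input: the listing shown in the workaround above.
sample_ls() {
    cat <<'EOF'
crw-rw-rw-   1 root     sys       13,  2 Nov 10 11:15 /dev/null
crw-rw-rw-   1 root     sys      138,  0 Nov 10 10:07 /dev/poll
crw-r--r--   1 root     sys      190,  0 Oct 21 09:29 /dev/random
crw-rw-rw-   1 root     tty       22,  0 Nov 10 11:11 /dev/tty
EOF
}

# Print (do not execute) the commands for the chroot used in this report.
sample_ls | chroot_dev_cmds /var/named/dev
```

Mirroring the host's modes keeps /dev/random at 644 inside the chroot instead of applying 666 to every node.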
Comments
The description shows that the '-t chrootdir' option has been used. 
The error reported by named indicates the error; there is no poll(7d)
device. BIND 9.3.6 now uses poll(7d) and therefore the chroot environment
needs to be modified to include the poll device.  For example:

   # ls -ld /devices/pseudo/poll@0:poll
   crw-rw-rw-  1 root  sys  138, 0 May 28 04:25 /devices/pseudo/poll@0:poll
   # cd /var/named/dev
   # ls
   null    random
   # mknod poll c 138 0
   # chmod 666 poll
   # svcadm clear svc:/network/dns/server:default
   # svcadm enable svc:/network/dns/server:default

Note, Sun recommends using zones(5) and Role-Based Access Control,
rbac(5), rather than chroot(2) environments.