Bug#649988: bind9: rndc-confgen fails due to libssl dependency problem
Same issue here.. just tried to update to bind 9.8.1 in testing and it
failed with the 'initializing DST: openssl failure' error.
I'm running openssl 1.0.0g, and the temporary fix did not work for me
(it seems to be related to chrooted bind and I'm not using that - it's
just a bog standard install).
Strace shows it loading the infamous libgost.so file correctly, then dying.
I have found no way past this error.. could the logging be improved?
'openssl failure' isn't exactly informative.
Tony
open(/usr/lib/ssl/openssl.cnf, O_RDONLY) = 8
fstat(8, {st_mode=S_IFREG|0644, st_size=10835, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
= 0x7f117e4fe000
read(8, #\n# OpenSSL example configuratio..., 4096) = 4096
read(8, Netscape crash on BMPStrings or ..., 4096) = 4096
read(8, this to avoid interpreting an e..., 4096) = 2643
read(8, , 4096) = 0
close(8)= 0
munmap(0x7f117e4fe000, 4096)= 0
futex(0x7f117cef50ec, FUTEX_WAKE_PRIVATE, 2147483647) = 0
open(/usr/lib/openssl-1.0.0/engines/libgost.so, O_RDONLY) = 8
read(8,
\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0\0\1\0\0\0\220X\0\0\0\0\0\0...,
832) = 832
fstat(8, {st_mode=S_IFREG|0644, st_size=95568, ...}) = 0
mmap(NULL, 2190728, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 8,
0) = 0x7f11791f1000
mprotect(0x7f1179207000, 2093056, PROT_NONE) = 0
mmap(0x7f1179406000, 8192, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 8, 0x15000) = 0x7f1179406000
close(8)= 0
munmap(0x7f11791f1000, 2190728) = 0
gettimeofday({1329160359, 137859}, NULL) = 0
stat(/etc/localtime, {st_mode=S_IFREG|0644, st_size=3661, ...}) = 0
write(2, 13-Feb-2012 19:12:39.137 initial..., 5913-Feb-2012
19:12:39.137 initializing DST: openssl failure
) = 59
gettimeofday({1329160359, 138046}, NULL) = 0
stat(/etc/localtime, {st_mode=S_IFREG|0644, st_size=3661, ...}) = 0
write(2, 13-Feb-2012 19:12:39.138 exiting..., 5413-Feb-2012
19:12:39.138 exiting (due to fatal error)
) = 54
exit_group(1) = ?
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#649988: bind9: rndc-confgen fails due to libssl dependency problem
same problem here: from /var/log/apt/term.log error during update: Setting up bind9 (1:9.8.1.dfsg.P1-2) ... NOT updating named.conf.options to include DNSSEC enablement Starting domain name service...: bind9 failed! invoke-rc.d: initscript bind9, action start failed. dpkg: error processing bind9 (--configure): subprocess installed post-installation script returned error exit status 1 Errors were encountered while processing: bind9 and from /var/log/syslog Feb 9 08:43:46 lrdlnx named[23073]: starting BIND 9.8.1-P1 -u bind -t /var/lib/named Feb 9 08:43:46 lrdlnx named[23073]: built with '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc/bind' '--localstatedir=/var' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-gnu-ld' '--with-geoip=/usr' '--enable-ipv6' 'CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -O2' Feb 9 08:43:46 lrdlnx named[23073]: adjusted limit on open files from 16384 to 1048576 Feb 9 08:43:46 lrdlnx named[23073]: found 4 CPUs, using 4 worker threads Feb 9 08:43:46 lrdlnx named[23073]: using up to 4096 sockets Feb 9 08:43:46 lrdlnx named[23073]: initializing DST: openssl failure Feb 9 08:43:46 lrdlnx named[23073]: exiting (due to fatal error) this worked as temporary fix http://lists.debian.org/debian-user/2011/11/msg01939.html -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#649988: bind9: rndc-confgen fails due to libssl dependency problem
Package: bind9 Version: 1:9.8.1.dfsg-1 Severity: normal It seems that 9.8.1 requires bumping the libssl dependency up to 1.0.0. At least after upgrading libssl from 0.9.8 to 1.0.0 rndc-confgen and bind9 server startup problems due to initialize dst library: openssl failure were fixed. -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 3.0.0-1-amd64 (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages bind9 depends on: ii adduser 3.113 add and remove users and groups ii bind9utils1:9.8.1.dfsg-1 Utilities for BIND ii debconf [debconf-2.0] 1.5.41 Debian configuration management sy ii libbind9-80 1:9.8.1.dfsg-1 BIND9 Shared Library used by BIND ii libc6 2.13-18Embedded GNU C Library: Shared lib ii libcap2 1:2.22-1 support for getting/setting POSIX. ii libdns81 1:9.8.1.dfsg-1 DNS Shared Library used by BIND ii libgssapi-krb5-2 1.9.1+dfsg-2 MIT Kerberos runtime libraries - k ii libisc83 1:9.8.1.dfsg-1 ISC Shared Library used by BIND ii libisccc801:9.8.1.dfsg-1 Command Channel Library used by BI ii libisccfg82 1:9.8.1.dfsg-1 Config File Handling Library used ii liblwres801:9.8.1.dfsg-1 Lightweight Resolver Library used ii libssl1.0.0 1.0.0e-2.1 SSL shared libraries ii libxml2 2.7.8.dfsg-4 GNOME XML library ii lsb-base 3.2-27 Linux Standard Base 3.2 init scrip ii net-tools 1.60-24.1 The NET-3 networking toolkit ii netbase 4.46 Basic TCP/IP networking system bind9 recommends no packages. Versions of packages bind9 suggests: pn bind9-doc none(no description available) ii dnsutils 1:9.7.3.dfsg-1+b1 Clients provided with BIND pn resolvconf none(no description available) pn ufwnone(no description available) -- Configuration Files: /etc/bind/named.conf.local changed [not included] -- debconf information excluded -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
