#33766: DNS renumbering procedure fails if git server is unavailable -------------------------------------------------+------------------------- Reporter: anarcat | Owner: tpa Type: defect | Status: | needs_revision Priority: High | Milestone: Component: Internal Services/Tor Sysadmin Team | Version: Severity: Major | Resolution: Keywords: | Actual Points: Parent ID: | Points: Reviewer: | Sponsor: -------------------------------------------------+-------------------------
Comment (by anarcat): weasel gave me a few more hints: 6. ud-replicate *does* call the update script: {{{ rebuild_zones=0 if [ -e /var/lib/misc/thishost/dns-sshfp ]; then if ! cmp -s /var/lib/misc/thishost/dns-sshfp "$tempfile"; then rebuild_zones=1 fi fi [..] if [ "${rebuild_zones}" -gt 0 ]; then sudo -u dnsadm /srv/dns.torproject.org/bin/update fi }}} 7. the update can be triggered by hand with the last command above, `sudo -u dnsadm /srv/dns.torproject.org/bin/update`, possibly with `--force` 8. the `$INCLUDE "/var/lib/misc/thishost/dns-sshfp"` from the `dns/domains.git` zonefile is not parsed by bind, but by "makezonefile or whatever it's called to syntax check and to add the SOA header" What seems to have happened here is specific to the migration of vineale and the git infrastructure: the `update` script failed because it could not pull from git (because the original server was done), and aborted everything. So the following should have happened instead: * `update` should have continued with the cached copy of the git repo if git pull failed * failing that, `ud-replicate` should have warned about the problem instead of silently succeeding, and retried until it worked The above two points feel like the code changes that could happen to avoid that problem in the future. Everything else seems like docs that could be thrown in `tsa/howto/ldap.mdwn`. But for now, i'll just go back to business as usual and try to get some more shit done instead. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33766#comment:3> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs