[Freeipa-users] DNS portion of IPA Server randomly crashing
Petr Spacek
pspacek at redhat.com
Mon May 21 17:28:47 UTC 2012
On 05/21/2012 07:17 PM, Charlie Derwent wrote:
> Hi Petr
> I'm running bind-dyndb-ldap-0.2.0-7el6.x86_64
> rndc reload doesn't work as "neither /etc/rndc.conf nor /etc/rndc.key was found"
You can fix it with
# rndc-confgen -a
(It probably doesn't help to reproduce it, unfortunately.)
> Logrotate is weekly
> Kerberos ticket lifetime is
> Max life: 86400
> Max renew: 604800
> Looking at the time between errors it's very infrequent but of course it's
> quite serious
> ipa1 - Apr 1st then Apr 5th
How it's possible if logrotate is weekly? Was it reloaded manually? Can you
explore logs? Are there another "symptoms"?
> ipa2 - Apr 13th then Apr 26th
> ipa3 - Mar 26th then May 18th
> Worst of all I can't reproduce it. It just works, until it doesn't
In that case, please install debug info to all machines. If it's possible,
please install ABRT also - it can catch some useful information after crash. I
will look into it ...
Good night from Europe.
Petr^2 Spacek
> Regards
> Charlie
> On Mon, May 21, 2012 at 9:44 AM, Petr Spacek <pspacek at redhat.com
> <mailto:pspacek at redhat.com>> wrote:
>
> Hello,
>
> please provide your version of bind-dyndb-ldap package. It is interface
> between BIND and LDAP database. Latest version is 0.2.0-7.el6.
> # rpm -q bind-dyndb-ldap
>
> If you reload BIND manually, it crashes also? Every time?
> # rndc reload
>
> How long is log rotation period?
>
> What is Kerberos ticket lifetime?
> # ipa krbtpolicy-show
>
> If you can reproduce it (in worst case wait a day ...), please install
> debug informations:
> # debuginfo-install bind bind-dyndb-ldap
>
> and then send logs again.
>
>
> Thanks for your time.
>
> Petr^2 Spacek
>
>
> On 05/20/2012 11:46 AM, Charlie Derwent wrote:
>
> Hi
> I'm running IPA server 2.1.3 on RHEL 6.2 and have been experiencing
> random DNS
> failures on my Master and Replica servers. I thought it may have been
> down to
> the version of bind I was running and updated it it to
> bind-9.7.3-8.P3.el6_2.2.x86_64 yet the error still occurs it looks
> like there
> is an automated process to reload zones as the log files show it
> working the
> day before at the exact same time.
> I've included the log files below. If anyone can help me get to the
> bottom of
> the problem it would be greatly appreciated.
> Thanks,
> Charlie.
> ***Working zone reload***
> ------------------------------__--------
> May 17 03:46:01 ipa named[6938]: received SIGHUP signal to reload zones
> May 17 03:46:01 ipa named[6938]: loading configuration from
> '/etc/named.conf'
> May 17 03:46:01 ipa named[6938]: using default UDP/IPv4 port range:
> [1024, 65535]
> May 17 03:46:01 ipa named[6938]: using default UDP/IPv6 port range:
> [1024, 65535]
> May 17 03:46:01 ipa named[6938]: no IPv6 interfaces found
> May 17 03:46:01 ipa logrotate: ALERT exited abnormally with [1]
> May 17 03:46:01 ipa named[6938]: /etc/named.conf:12: no forwarders seen;
> disabling forwarding
> May 17 03:46:01 ipa named[6938]: /etc/named.conf:12: no forwarders seen;
> disabling forwarding
> May 17 03:46:01 ipa named[6938]: none:0: open: /etc/rndc.key: file not
> found
> May 17 03:46:01 ipa named[6938]: couldn't add command channel
> 127.0.0.1#953:
> file not found
> May 17 03:46:01 ipa named[6938]: zone [REMOVED].in-addr.arpa/IN:
> (master) removed
> May 17 03:46:01 ipa named[6938]: zone [REMOVED].in-addr.arpa/IN:
> (master) removed
> May 17 03:46:01 ipa named[6938]: zone [REMOVED].in-addr.arpa/IN:
> (master) removed
> May 17 03:46:01 ipa named[6938]: zone [REMOVED].in-addr.arpa/IN:
> (master) removed
> May 17 03:46:01 ipa named[6938]: zone [REMOVED].in-addr.arpa/IN:
> (master) removed
> May 17 03:46:01 ipa named[6938]: zone [REMOVED].in-addr.arpa/IN:
> (master) removed
> May 17 03:46:01 ipa named[6938]: zone [REMOVED].in-addr.arpa/IN:
> (master) removed
> May 17 03:46:01 ipa named[6938]: zone [REMOVED].in-addr.arpa/IN:
> (master) removed
> May 17 03:46:01 ipa named[6938]: zone [REMOVED]/IN: (master) removed
> May 17 03:46:01 ipa named[6938]: reloading configuration succeeded
> May 17 03:46:01 ipa named[6938]: reloading zones succeeded
> May 17 03:46:01 ipa named[6938]: zone [REMOVED].in-addr.arpa/IN: sending
> notifies (serial [REMOVED])
> May 17 03:46:01 ipa named[6938]: zone [REMOVED].in-addr.arpa/IN: sending
> notifies (serial [REMOVED])
> May 17 03:46:01 ipa named[6938]: zone [REMOVED].in-addr.arpa/IN: sending
> notifies (serial [REMOVED])
> May 17 03:46:01 ipa named[6938]: zone [REMOVED].in-addr.arpa/IN: sending
> notifies (serial [REMOVED])
> May 17 03:46:01 ipa named[6938]: zone [REMOVED].in-addr.arpa/IN: sending
> notifies (serial [REMOVED])
> May 17 03:46:01 ipa named[6938]: zone [REMOVED]/IN: sending notifies
> (serial[REMOVED])
> May 17 03:46:01 ipa named[6938]: zone [REMOVED].in-addr.arpa/IN: sending
> notifies (serial [REMOVED])
> May 17 03:46:01 ipa named[6938]: zone [REMOVED].in-addr.arpa/IN: sending
> notifies (serial [REMOVED])
> May 17 03:46:01 ipa named[6938]: zone [REMOVED].in-addr.arpa/IN: sending
> notifies (serial [REMOVED])
> ------------------------------__--------
> ***Failed zone reload***
> ------------------------------__--------
> May 18 03:46:01 ipa named[6938]: received SIGHUP signal to reload zones
> May 18 03:46:01 ipa named[6938]: loading configuration from
> '/etc/named.conf'
> May 18 03:46:01 ipa named[6938]: using default UDP/IPv4 port range:
> [1024, 65535]
> May 18 03:46:01 ipa named[6938]: using default UDP/IPv6 port range:
> [1024, 65535]
> May 18 03:46:01 ipa named[6938]: no IPv6 interfaces found
> May 18 03:46:01 ipa logrotate: ALERT exited abnormally with [1]
> May 18 03:46:01 ipa named[6938]: GSSAPI Error: The referenced context has
> expired (Unknown error)
> May 18 03:46:01 ipa named[6938]: bind to LDAP server failed: Local error
> May 18 03:46:01 ipa named[6938]: reloading configuration failed: failure
> May 18 03:46:01 ipa named[6938]: rbt.c:694: REQUIRE((((rbt) != ((void
> *)0)) &&
> (((const isc__magic_t *)(rbt))->magic == ((('R') << 24 | ('B') << 16 |
> ('T')
> << 8 | ('+')))))) failed, back trace
> May 18 03:46:01 ipa named[6938]: #0 0x7f18f791632f in ??
> May 18 03:46:01 ipa named[6938]: #1 0x7f18f62e373a in ??
> May 18 03:46:01 ipa named[6938]: #2 0x7f18f71af880 in ??
> May 18 03:46:01 ipa named[6938]: #3 0x7f18f71afbf3 in ??
> May 18 03:46:01 ipa named[6938]: #4 0x7f18f11621fc in ??
> May 18 03:46:01 ipa named[6938]: #5 0x7f18f1164379 in ??
> May 18 03:46:01 ipa named[6938]: #6 0x7f18f791d597 in ??
> May 18 03:46:01 ipa named[6938]: #7 0x7f18f792119a in ??
> May 18 03:46:01 ipa named[6938]: #8 0x7f18f790d129 in ??
> May 18 03:46:01 ipa named[6938]: #9 0x7f18f6301fe8 in ??
> May 18 03:46:01 ipa named[6938]: #10 0x7f18f5ebc7f1 in ??
> May 18 03:46:01 ipa named[6938]: #11 0x7f18f540e70d in ??
> May 18 03:46:01 ipa named[6938]: exiting (due to assertion failure)
>
>
> _________________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com <mailto:Freeipa-users at redhat.com>
> https://www.redhat.com/__mailman/listinfo/freeipa-users
> <https://www.redhat.com/mailman/listinfo/freeipa-users>
>
>
More information about the Freeipa-users
mailing list