LISTSERV - SCIENTIFIC-LINUX-USERS Archives

SCIENTIFIC-LINUX-USERS Archives

March 2016

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-USERS Home
	SCIENTIFIC-LINUX-USERS March 2016

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: named-chroot issue - AGAIN
From:	Steven Haigh <[log in to unmask]>
Reply To:	Steven Haigh <[log in to unmask]>
Date:	Thu, 17 Mar 2016 22:40:24 +1100
Content-Type:	multipart/signed
Parts/Attachments:	text/plain (2902 bytes) , signature.asc (834 bytes)

On 17/03/2016 10:25 PM, David Sommerseth wrote:
> On 17/03/16 06:36, Bill Maidment wrote:
>> Hi guys
>> Another named update and still the named-chroot.service file has not been fixed. It is really annoying to have to manually fix it every time, just to get DNS working after an update.
>> Why is the -t /var/named/chroot option included in the ExecStart but not in the ExecStartPre
>>
>> ExecStartPre=/bin/bash -c 'if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z /etc/named.conf; else echo "Checking of zone files is disabled"; fi'
>> ExecStart=/usr/sbin/named -u named -t /var/named/chroot $OPTIONS
>>
>> Surely named-checkconf should be run with the same named.conf file as named !!!
>>
>> This was reported back in November 2015
>> https://bugzilla.redhat.com/show_bug.cgi?id=1278082
>> This should have been fixed by now. How hard is a one line change to fix ???
> 
> This bug has severity set to medium. That means it has most likely not been
> considered critical enough by Red Hat to go into an errata in the 7.2 life
> cycle. But as the status is ASSIGNED (not NEW, which is the first status
> level) - it means someone is working on it.
> 
> If you do not like this pace, you can log in to the Red Hat customer portal
> and get in touch with Red Hat support.  If you can provide them with good
> technical arguments why this must be added in the 7.2 life cycle, then you
> might see this fixed sooner.
> 
> If you do not have Red Hat subscription with support ... well, then you need
> to patiently wait.  Scientific Linux builds on the source RPMs Red Hat releases.
> 
> And the reason for these things to take time is that every BZ for RHEL goes
> through several steps of quality control before a fix gets released. It means
> Red Hat needs to allocate resources getting these bugs fixed, verified and
> tested before users see the update. This is the key concept of enterprise
> distributions, to put efforts into avoiding regressions or new bugs as much as
> possible and to try to deliver a stable distribution which is properly
> maintained and updated over many years.

I would agree with you if they didn't remove that option in a release.
the -t /blah was actually removed in a commit - which QA failed to pick
up (and likely chroot bind setup wasn't tested at all).

I don't think this is a great example of what RedHat does well - this is
an example of what they do *really* bad.

This was broken in this commit:
https://git.centos.org/blobdiff/rpms!bind.git/d56ed2d3a2736a07a09c268f3b2607cca8f1b6ca/SOURCES!named-chroot.service

That was in release bind-9.9.4-29.el7 on 19th November 2015.

This an actual error in the commit that was released to public - void of
any QA - as even testing "Does the chroot run in the default
configuration?" would pick this up.

-- 
Steven Haigh

Email: [log in to unmask]
Web: https://www.crc.id.au
Phone: (03) 9001 6090 - 0412 935 897

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV