Bug #5334

unbound root.key file corruption can prevent unbound from starting

Added by Chris Buechler about 4 years ago. Updated about 4 years ago.

Status: Resolved
Priority: Normal
Category: DNS Resolver
Target version:
Start date: 10/21/2015
Due date:
% Done: 0%
Estimated time:
Affected Version: All
Affected Architecture:
Description

Unbound's root.key can end up containing parts of another file in /var/ such as the circumstances in this thread:
https://forum.pfsense.org/index.php?topic=87357.15

leaving unbound failing to start.

Oct 16 08:23:54    unbound: [58658:0] fatal error: failed to setup modules
Oct 16 08:23:54    unbound: [58658:0] error: module init for module validator failed
Oct 16 08:23:54    unbound: [58658:0] error: validator: could not apply configuration settings.
Oct 16 08:23:54    unbound: [58658:0] error: validator: error in trustanchors config
Oct 16 08:23:54    unbound: [58658:0] error: error reading auto-trust-anchor-file: /var/unbound/root.key
Oct 16 08:23:54    unbound: [58658:0] error: failed to read /root.key
Oct 16 08:23:54    unbound: [58658:0] error: failed to load trust anchor from /root.key at line 1, skipping

The unbound-anchor command that's run during service startup to update or populate root.key fails if root.key contains invalid data (and exits with code 0 both when it has an error, and when it doesn't need to update...).

Associated revisions

Revision d7f5b68a (diff)
Added by Chris Buechler about 4 years ago

Check unbound root.key file contents, and remove it if invalid, before unbound-anchor runs otherwise it will fail and unbound will fail to start. fsync the file after writing to prevent the problem. Ticket #5334

Revision 4eeb2809 (diff)
Added by Chris Buechler about 4 years ago

Check unbound root.key file contents, and remove it if invalid, before unbound-anchor runs otherwise it will fail and unbound will fail to start. fsync the file after writing to prevent the problem. Ticket #5334

History

#1 Updated by Chris Buechler about 4 years ago

  • Status changed from Confirmed to Feedback

should be fixed by the fsync alone, and the sanity check will fix any other occurrence of invalid file contents that makes unbound-anchor fail.

#3 Updated by Chris Buechler about 4 years ago

  • Status changed from Feedback to Resolved

fixed

Unbound fixed the missing fsync for a future release
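The sanity check and fsync described in the revisions above, sketched in Python as an added example; it is not the pfSense commit or Unbound's code. The record pattern, function names and sample data are assumptions, and the temp-file rename goes a step beyond the plain fsync the ticket mentions. A content check is needed because, as the description notes, unbound-anchor's exit code does not signal the failure.

```python
import os
import re
import tempfile

# Assumed shape of a usable anchor line: owner ".", optional TTL, optional
# class IN, then a DNSKEY or DS record; trailing ";" autotrust notes allowed.
ANCHOR_RE = re.compile(
    r"^\.\s+(?:\d+\s+)?(?:IN\s+)?(?:"
    r"DNSKEY\s+\d+\s+3\s+\d+\s+[A-Za-z0-9+/=\s]+"
    r"|DS\s+\d+\s+\d+\s+\d+\s+[0-9A-Fa-f\s]+)(?:;.*)?$")

# Constructed samples: the key material is a placeholder, not a real root key.
SAMPLE_GOOD = (b"; autotrust trust anchor file\n"
               b".\t172800\tIN\tDNSKEY\t257 3 8 AwEAAbCdEfGh0123456789+/== "
               b";{id = 12345 (ksk), size = 2048b}\n")
SAMPLE_CORRUPT = b"lease 192.0.2.10 {\n  starts 5 2015/10/16 08:23:54;\n}\n"

def rootkey_is_sane(path):
    """True only if every record line is a root DNSKEY/DS and one exists."""
    try:
        with open(path, "rb") as fh:
            text = fh.read().decode("ascii")  # binary debris fails here
    except (OSError, UnicodeDecodeError):
        return False
    records = [ln.strip() for ln in text.splitlines()
               if ln.strip() and not ln.lstrip().startswith(";")]
    return bool(records) and all(ANCHOR_RE.match(r) for r in records)

def remove_if_invalid(path):
    """Delete a corrupt root.key so it can be recreated; True if removed."""
    if os.path.exists(path) and not rootkey_is_sane(path):
        os.unlink(path)
        return True
    return False

def write_durably(path, data):
    """Write a temp file, fsync it, rename into place, fsync the directory."""
    directory = os.path.dirname(os.path.abspath(path))
    fd, tmp = tempfile.mkstemp(dir=directory)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
        fh.flush()
        os.fsync(fh.fileno())      # data on disk before the name changes
    os.replace(tmp, path)
    dir_fd = os.open(directory, os.O_RDONLY)
    try:
        os.fsync(dir_fd)           # persist the rename itself
    finally:
        os.close(dir_fd)
```

Calling remove_if_invalid on the anchor path before the updater runs lets a file holding foreign data be recreated from scratch instead of blocking startup.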
