Re: bind-dlz & chroot jail

I get the same error doing this with MySQL as well, I did a symobolic
link in the jail for the mysql.sock and chmodded it 777 for testing
purposes but no difference. I can even detect packets, I wish that
error was more explanatory about why it can't connect.

Mitchel

On Fri, 31 Dec 2004 11:25:49 -0400, Andrew R <jcoder24 <at> socamail.com> wrote:
> Hi
> 
> I've installed the dlz patched bind 9 configured with odbc support in a chroot jail. When trying to start
named I am getting the following error:
> 
> Odbc driver unable to connect
> Odbc driver failed to create database connection after 3 attempts
> 
> NB. I have both odbc.ini and odbcinst.ini in the chroot jail. What else do I need to do to get it running?
> 
> Thanks in advance.
> 
> Andrew
> 
> ________________________________________________________________
> Sent via the WebMail system at socamail.com
> 
> -------------------------------------------------------
> The SF.Net email is sponsored by: Beat the post-holiday blues
> Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek.
> It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt
> _______________________________________________

Re: bind-dlz & chroot jail

On Sat, 1 Jan 2005 12:38:24 -0800, Mitchel Constantin
<mitcheloc <at> gmail.com> wrote:
> I get the same error doing this with MySQL as well, I did a symobolic
> link in the jail for the mysql.sock and chmodded it 777 for testing
> purposes but no difference. I can even detect packets, I wish that
> error was more explanatory about why it can't connect.
> 
> Mitchel

have you tried tracing the process? when all else fails: trace it.

-------------------------------------------------------
The SF.Net email is sponsored by: Beat the post-holiday blues
Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek.
It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt

Re: bind-dlz & chroot jail

I have a similar problem connecting to the mysq db. But only at system 
boot it fails. If I login as root and start named manually it connects 
and starts fine. This is FreeBSD 5.3. Next I will be testing this on 
FreeBSD 4-STABLE (4.10 now?).

-Andy

Mitchel Constantin wrote:

>I get the same error doing this with MySQL as well, I did a symobolic
>link in the jail for the mysql.sock and chmodded it 777 for testing
>purposes but no difference. I can even detect packets, I wish that
>error was more explanatory about why it can't connect.
>
>Mitchel
>
>
>On Fri, 31 Dec 2004 11:25:49 -0400, Andrew R <jcoder24 <at> socamail.com> wrote:
>  
>
>>Hi
>>
>>I've installed the dlz patched bind 9 configured with odbc support in a chroot jail. When trying to start
named I am getting the following error:
>>
>>Odbc driver unable to connect
>>Odbc driver failed to create database connection after 3 attempts
>>
>>NB. I have both odbc.ini and odbcinst.ini in the chroot jail. What else do I need to do to get it running?
>>

error sending response: not enough free resources

error sending response: not enough free resources

Re: IPv6 & AAAA support ?

Hey all,

Sorry for being away from the list the last few days. 
Moved into a new apartment and didn't have internet
access for a week. :(

DLZ should work with pretty much any record that
normal Bind can use.  You need to make sure that the
data gets into the database correctly, and that your
query re-constructs the record properly.  The
concatonated fields from the DLZ query should pretty
much match how the data would look in a zone file. 
DLZ mearly collects the fields, concatonates most of
them together into a string and then passes it off to
Bind's internal functions to parse the string into
Bind's internal DNS data representation.

Hope this helps.
Later
Rob
--- berserker <announce <at> zalem.org> wrote:

> Hi,
> 
> I'm just goint into testing bind-dlz, but after some
> trouble I think that it doesn't work with AAAA type
> field ?
> 
> I'm right or there is a mistake ?
> 
> -- 
> berserker

		
__________________________________ 
Do you Yahoo!? 
Take Yahoo! Mail with you! Get it on your mobile phone. 
http://mobile.yahoo.com/maildemo 

-------------------------------------------------------
The SF.Net email is sponsored by: Beat the post-holiday blues
Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek.
It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt

Re: Bug in dlz_postgres_driver.c

I added the *rs = NULL; to the DLZ code.  At some
point I want to re-factor all the drivers and remove
any un-needed code, but I simply don't have the time
right now.

Thanks for catching this!

Later
Rob
--- Andrew Fullford <afullfor <at> cisco.com> wrote:

> I just joined the list but I didn't see anything
> about this in the 
> archives.
> 
> In the v0.7.0 code, there's a call to PQclear() on
> line 554 of 
> dlz_postgres_driver.c in function
> postgres_get_resultset().  When this 
> function returns there's another call to PQclear()
> at line 722.  On 
> FreeBSD this is triggering a coredump.  It only
> occurs if you have an 
> error in your query.
> 
> My solution was to add:
> 
> 		*rs = NULL;
> 
> immediately after the first PQclear() ie line 554,
> but its plausible to 
> simply omit the call entirely.
> 
> Andy
> 
> 
>
-------------------------------------------------------
> The SF.Net email is sponsored by: Beat the
> post-holiday blues
> Get a FREE limited edition SourceForge.net t-shirt
> from ThinkGeek.
> It's fun and FREE -- well,
> almost....http://www.thinkgeek.com/sfshirt
> _______________________________________________
> Bind-dlz-testers mailing list
> Bind-dlz-testers <at> lists.sourceforge.net
>
https://lists.sourceforge.net/lists/listinfo/bind-dlz-testers
> 

		
__________________________________ 
Do you Yahoo!? 
The all-new My Yahoo! - What will yours do?
http://my.yahoo.com 

-------------------------------------------------------
The SF.Net email is sponsored by: Beat the post-holiday blues
Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek.
It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt

Re: bind-dlz & chroot jail

Hello all,

In addition to the odbc config files you need to make
sure that any ODBC library files and the drivers for
your ODBC database are accessible from the chroot
jail.  Someone suggested to trace the program when its
running to see what its failing on.  This is exactly
what you should do to see what the application can't
get that it needs.

As for the not connecting to mysql on startup, that
came up on the list before.  You may have a race
condition.  Basically the MySQL server is either not
started until after DLZ attempts to start, or if the
MySQL server is started it is not creating the pipe
before DLZ attempts to use it.  To correct this, first
make sure the startup script for MySQL is called
before the startup script for DLZ.  Then add a call to
sleep in the DLZ startup script BEFORE DLZ is started.
 Make the sleep like 3 or 5 seconds.  This will give
MySQL time to startup and create the pipe before DLZ
attempts to use it.  Then everything should work fine.

Oh, and be sure that your permissions on the pipe are
correct.  If you start DLZ from a script it probably
starts as a BIND user.  But if you start it as root,
you might be giving Bind rootly privleges, and then it
can access the pipe.  Just double check the
permissions on your pipe.

Later
Rob
--- Andy Shinn <andys <at> lglan.net> wrote:

> I have a similar problem connecting to the mysq db.
> But only at system 
> boot it fails. If I login as root and start named
> manually it connects 
> and starts fine. This is FreeBSD 5.3. Next I will be
> testing this on 
> FreeBSD 4-STABLE (4.10 now?).
> 
> -Andy
> 
> Mitchel Constantin wrote:
> 
> >I get the same error doing this with MySQL as well,
> I did a symobolic
> >link in the jail for the mysql.sock and chmodded it
> 777 for testing
> >purposes but no difference. I can even detect
> packets, I wish that
> >error was more explanatory about why it can't
> connect.
> >
> >Mitchel
> >
> >
> >On Fri, 31 Dec 2004 11:25:49 -0400, Andrew R
> <jcoder24 <at> socamail.com> wrote:
> >  
> >
> >>Hi
> >>
> >>I've installed the dlz patched bind 9 configured
> with odbc support in a chroot jail. When trying to
> start named I am getting the following error:
> >>
> >>Odbc driver unable to connect
> >>Odbc driver failed to create database connection
> after 3 attempts
> >>
> >>NB. I have both odbc.ini and odbcinst.ini in the
> chroot jail. What else do I need to do to get it
> running?
> >>
> >>Thanks in advance.
> >>
> >>Andrew
> >>
>
>>________________________________________________________________
> >>Sent via the WebMail system at socamail.com
> >>
>
>>-------------------------------------------------------
> >>The SF.Net email is sponsored by: Beat the
> post-holiday blues
> >>Get a FREE limited edition SourceForge.net t-shirt
> from ThinkGeek.
> >>It's fun and FREE -- well,
> almost....http://www.thinkgeek.com/sfshirt
> >>_______________________________________________
> >>Bind-dlz-testers mailing list
> >>Bind-dlz-testers <at> lists.sourceforge.net
>
>>https://lists.sourceforge.net/lists/listinfo/bind-dlz-testers
> >>
> >>    
> >>
> >
> >
>
>-------------------------------------------------------
> >The SF.Net email is sponsored by: Beat the
> post-holiday blues
> >Get a FREE limited edition SourceForge.net t-shirt
> from ThinkGeek.
> >It's fun and FREE -- well,
> almost....http://www.thinkgeek.com/sfshirt
> >_______________________________________________
> >Bind-dlz-testers mailing list
> >Bind-dlz-testers <at> lists.sourceforge.net
>
>https://lists.sourceforge.net/lists/listinfo/bind-dlz-testers
> >
> >
> >
> >  
> >
> 
> 
> 
>
-------------------------------------------------------
> The SF.Net email is sponsored by: Beat the
> post-holiday blues
> Get a FREE limited edition SourceForge.net t-shirt
> from ThinkGeek.
> It's fun and FREE -- well,
> almost....http://www.thinkgeek.com/sfshirt
> _______________________________________________
> Bind-dlz-testers mailing list
> Bind-dlz-testers <at> lists.sourceforge.net
>
https://lists.sourceforge.net/lists/listinfo/bind-dlz-testers
> 

		
__________________________________ 
Do you Yahoo!? 
Send holiday email and support a worthy cause. Do good. 
http://celebrity.mail.yahoo.com

-------------------------------------------------------
The SF.Net email is sponsored by: Beat the post-holiday blues
Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek.
It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt

Re: error sending response: not enough free resources

try tracing the process and seeing where it blows up. 
That at least will tell you what the program is in the
process of doing when it dies.

Later
Rob
--- Joel Moss - HomepageUniverse
<joelmoss <at> homepageuniverse.com> wrote:

> Have had dlz (mysql) installed for a while now and
> is working fine on one
> server, but on the other, every request results in a
> failure and the
> following error appears in the /var/log/messages:
>  
> Jan  3 18:44:11 ns2 named[29510]: client
> 80.51.253.66#32768: error sending
> response: not enough free resources
>  
> I have upgraded the memory and load is well below
> 0.5, but still this error
> appears.  Any ideas anyone?
>  
> Joel Moss
>  
> 

		
__________________________________ 
Do you Yahoo!? 
Yahoo! Mail - Easier than ever with enhanced search. Learn more.
http://info.mail.yahoo.com/mail_250

-------------------------------------------------------
The SF.Net email is sponsored by: Beat the post-holiday blues
Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek.
It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt

Re: bind-dlz & chroot jail

You could also try linking your named process statically.  That avoids 
the need to replicate and maintain assorted shared libs, although 
relinking named after any system security updates is then desirable.

We're successfully running a DLZ named in a chroot jail with postgres, 
but this doesn't use ODBC.  Our executable is linked dynamically, but 
if the postgres library is referenced before the chroot is triggered, 
we would not see the same problem.

One caveat is that on some operating systems (eg Solaris), it is 
effectively impossible to link network apps statically.

Andy

On Jan 3, 2005, at 6:51 PM, Rob Butler wrote:

> Hello all,
>
> In addition to the odbc config files you need to make
> sure that any ODBC library files and the drivers for
> your ODBC database are accessible from the chroot
> jail.  Someone suggested to trace the program when its
> running to see what its failing on.  This is exactly
> what you should do to see what the application can't
> get that it needs.
>
>
> As for the not connecting to mysql on startup, that
> came up on the list before.  You may have a race
> condition.  Basically the MySQL server is either not
> started until after DLZ attempts to start, or if the
> MySQL server is started it is not creating the pipe
> before DLZ attempts to use it.  To correct this, first
> make sure the startup script for MySQL is called
> before the startup script for DLZ.  Then add a call to
> sleep in the DLZ startup script BEFORE DLZ is started.
>  Make the sleep like 3 or 5 seconds.  This will give
> MySQL time to startup and create the pipe before DLZ
> attempts to use it.  Then everything should work fine.
>
> Oh, and be sure that your permissions on the pipe are
> correct.  If you start DLZ from a script it probably
> starts as a BIND user.  But if you start it as root,
> you might be giving Bind rootly privleges, and then it
> can access the pipe.  Just double check the
> permissions on your pipe.
>
> Later
> Rob
> --- Andy Shinn <andys <at> lglan.net> wrote:
>
>> I have a similar problem connecting to the mysq db.
>> But only at system
>> boot it fails. If I login as root and start named
>> manually it connects
>> and starts fine. This is FreeBSD 5.3. Next I will be
>> testing this on
>> FreeBSD 4-STABLE (4.10 now?).
>>
>> -Andy
>>
>> Mitchel Constantin wrote:
>>
>>> I get the same error doing this with MySQL as well,
>> I did a symobolic
>>> link in the jail for the mysql.sock and chmodded it
>> 777 for testing
>>> purposes but no difference. I can even detect
>> packets, I wish that
>>> error was more explanatory about why it can't
>> connect.
>>>
>>> Mitchel
>>>
>>>
>>> On Fri, 31 Dec 2004 11:25:49 -0400, Andrew R
>> <jcoder24 <at> socamail.com> wrote:
>>>
>>>
>>>> Hi
>>>>
>>>> I've installed the dlz patched bind 9 configured
>> with odbc support in a chroot jail. When trying to
>> start named I am getting the following error:
>>>>
>>>> Odbc driver unable to connect
>>>> Odbc driver failed to create database connection
>> after 3 attempts
>>>>
>>>> NB. I have both odbc.ini and odbcinst.ini in the
>> chroot jail. What else do I need to do to get it
>> running?
>>>>
>>>> Thanks in advance.
>>>>
>>>> Andrew
>>>>
>>
>>> ________________________________________________________________
>>>> Sent via the WebMail system at socamail.com
>>>>
>>
>>> -------------------------------------------------------
>>>> The SF.Net email is sponsored by: Beat the
>> post-holiday blues
>>>> Get a FREE limited edition SourceForge.net t-shirt
>> from ThinkGeek.
>>>> It's fun and FREE -- well,
>> almost....http://www.thinkgeek.com/sfshirt
>>>> _______________________________________________
>>>> Bind-dlz-testers mailing list
>>>> Bind-dlz-testers <at> lists.sourceforge.net
>>
>>> https://lists.sourceforge.net/lists/listinfo/bind-dlz-testers
>>>>
>>>>
>>>>
>>>
>>>
>>
>> -------------------------------------------------------
>>> The SF.Net email is sponsored by: Beat the
>> post-holiday blues
>>> Get a FREE limited edition SourceForge.net t-shirt
>> from ThinkGeek.
>>> It's fun and FREE -- well,
>> almost....http://www.thinkgeek.com/sfshirt
>>> _______________________________________________
>>> Bind-dlz-testers mailing list
>>> Bind-dlz-testers <at> lists.sourceforge.net
>>
>> https://lists.sourceforge.net/lists/listinfo/bind-dlz-testers
>>>
>>>
>>>
>>>
>>>
>>
>>
>>
>>
> -------------------------------------------------------
>> The SF.Net email is sponsored by: Beat the
>> post-holiday blues
>> Get a FREE limited edition SourceForge.net t-shirt
>> from ThinkGeek.
>> It's fun and FREE -- well,
>> almost....http://www.thinkgeek.com/sfshirt
>> _______________________________________________
>> Bind-dlz-testers mailing list
>> Bind-dlz-testers <at> lists.sourceforge.net
>>
> https://lists.sourceforge.net/lists/listinfo/bind-dlz-testers
>>
>
>
>
> 		
> __________________________________
> Do you Yahoo!?
> Send holiday email and support a worthy cause. Do good.
> http://celebrity.mail.yahoo.com
>
>
> -------------------------------------------------------
> The SF.Net email is sponsored by: Beat the post-holiday blues
> Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek.
> It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt
> _______________________________________________
> Bind-dlz-testers mailing list
> Bind-dlz-testers <at> lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bind-dlz-testers

-------------------------------------------------------
The SF.Net email is sponsored by: Beat the post-holiday blues
Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek.
It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt