BUG: As feared… New Unbound version 1.4.21_1, new bugs for free ...
-
Hi,
is it please possible to check the update on a VM that the package works also on 2.0.3 (and I guess then also on other 2.0.x versions) ?
When I updated our slave firewall after several weeks of thinking if I should try it (because of time) unbound doesn't started after updated as "expected".
-
1st check was showing that unbound was deactivated after upgrading… ?
=> check "Enable unbound" -
2nd found problem was then that saving config was not possible:
=> Fatal error: Call to undefined function get_interface_ipv6() in /usr/local/pkg/unbound.inc on line 838
On 2 places there is an ipv6 function without proving if function exists.
short patch form to show changes:
--- /usr/local/pkg/unbound.inc.orig 2013-12-01 02:12:49.000000000 +0100 +++ /usr/local/pkg/unbound.inc 2013-12-01 02:49:22.000000000 +0100 @@ -835,6 +835,7 @@ $unbound_entries .= "local-data: \"{$syscfg['hostname']} A {$cfgip}\"\n"; $added_item_v4[$current_host] = true; } + if(function_exists("get_interface_ipv6")) { $cfgip6 = get_interface_ipv6("lan"); if (is_ipaddrv6($cfgip6)) { $unbound_entries .= "local-data-ptr: \"{$cfgip6} {$current_host}\"\n"; @@ -842,6 +843,7 @@ $unbound_entries .= "local-data: \"{$syscfg['hostname']} AAAA {$cfgip6}\"\n"; $added_item_v6[$current_host] = true; } + } } else { $sysiflist = get_configured_interface_list(); foreach ($sysiflist as $sysif) { @@ -854,6 +856,7 @@ $unbound_entries .= "local-data: \"{$syscfg['hostname']} A {$cfgip}\"\n"; $added_item_v4[$current_host] = true; } + if(function_exists("get_interface_ipv6")) { $cfgip6 = get_interface_ipv6($sysif); if (is_ipaddr($cfgip6)) { $unbound_entries .= "local-data-ptr: \"{$cfgip6} {$current_host}\"\n"; @@ -866,6 +869,7 @@ } } } + } // DNSMasq entries static host entries if (isset($dnsmasqcfg['hosts'])) {
nice formatted patch for clean insert:
--- /usr/local/pkg/unbound.inc.orig 2013-12-01 02:12:49.000000000 +0100 +++ /usr/local/pkg/unbound.inc 2013-12-01 02:49:22.000000000 +0100 @@ -835,12 +835,14 @@ $unbound_entries .= "local-data: \"{$syscfg['hostname']} A {$cfgip}\"\n"; $added_item_v4[$current_host] = true; } - $cfgip6 = get_interface_ipv6("lan"); - if (is_ipaddrv6($cfgip6)) { - $unbound_entries .= "local-data-ptr: \"{$cfgip6} {$current_host}\"\n"; - $unbound_entries .= "local-data: \"{$current_host} AAAA {$cfgip6}\"\n"; - $unbound_entries .= "local-data: \"{$syscfg['hostname']} AAAA {$cfgip6}\"\n"; - $added_item_v6[$current_host] = true; + if(function_exists("get_interface_ipv6")) { + $cfgip6 = get_interface_ipv6("lan"); + if (is_ipaddrv6($cfgip6)) { + $unbound_entries .= "local-data-ptr: \"{$cfgip6} {$current_host}\"\n"; + $unbound_entries .= "local-data: \"{$current_host} AAAA {$cfgip6}\"\n"; + $unbound_entries .= "local-data: \"{$syscfg['hostname']} AAAA {$cfgip6}\"\n"; + $added_item_v6[$current_host] = true; + } } } else { $sysiflist = get_configured_interface_list(); @@ -854,15 +856,17 @@ $unbound_entries .= "local-data: \"{$syscfg['hostname']} A {$cfgip}\"\n"; $added_item_v4[$current_host] = true; } - $cfgip6 = get_interface_ipv6($sysif); - if (is_ipaddr($cfgip6)) { - $unbound_entries .= "local-data-ptr: \"{$cfgip6} {$current_host}\"\n"; - $unbound_entries .= "local-data: \"{$current_host} AAAA {$cfgip6}\"\n"; - $unbound_entries .= "local-data: \"{$syscfg['hostname']} AAAA {$cfgip6}\"\n"; - $added_item_v6[$current_host] = true; + if(function_exists("get_interface_ipv6")) { + $cfgip6 = get_interface_ipv6($sysif); + if (is_ipaddr($cfgip6)) { + $unbound_entries .= "local-data-ptr: \"{$cfgip6} {$current_host}\"\n"; + $unbound_entries .= "local-data: \"{$current_host} AAAA {$cfgip6}\"\n"; + $unbound_entries .= "local-data: \"{$syscfg['hostname']} AAAA {$cfgip6}\"\n"; + $added_item_v6[$current_host] = true; + } + if (is_ipaddr($cfgip) || is_ipaddr($cfgip6)) + break; } - if (is_ipaddr($cfgip) || is_ipaddr($cfgip6)) - break; } } }
- 3rd problem: after this fix the unbound says "started" but was still not running…
=> system log:
php: : The command '/usr/local/sbin/unbound-control start' returned exit code '1', the output was '[1385861390] unbound[47043:0] warning: too many file descriptors requested. The builtinmini-event cannot handle more than 1024. Config for less fds or compile with libevent [1385861390] unbound[47043:0] fatal error: too much tcp. not enough fds.'
=> Problem: http://www.unbound.net/pipermail/unbound-users/2008-August/000166.html
=> temp soultion: https://bugs.archlinux.org/task/34346
Setting "num-threads:2"So here is the temporary fix for 2.0.x - I guess on 2.1 it would work without it… :
--- /usr/local/pkg/unbound.inc.orig 2013-12-01 02:12:49.000000000 +0100 +++ /usr/local/pkg/unbound.inc 2013-12-01 02:49:22.000000000 +0100 @@ -622,7 +622,7 @@ // Set the number of threads equal to number of CPUs. // Use 1 (disable threading) if for some reason this sysctl fails. $numprocs = intval(trim(`/sbin/sysctl kern.smp.cpus | /usr/bin/cut -d" " -f2`)); - if($numprocs > 1) { + if($numprocs > 1 && floatval(php_uname("r")) >= 8.3) { $optimization['number_threads'] = "num-threads: {$numprocs}"; $optimize_num = pow(2,floor(log($numprocs,2))); } else {
Bests
Reiner
-