[Bug 1160435] [NEW] Unreadable or symlinked openssl.cnf breaks bind9
Launchpad Bug Tracker
1160435 at bugs.launchpad.net
Mon Apr 1 12:21:10 UTC 2013
You have been subscribed to a public bug:
If /etc/ssl/openssl.cnf is unreadable by bind9 process, or is symlinked
from another file (regardless of whether the target is readable by bind9
or not), bind9 will not start.
This is apparently the same issue as what was discussed on the Debian side in 2010:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584911
I have several custom openssl.cnf files, and recently decided to symlink
the 'default' openssl.cnf to one of them (the target is world
readable). On the next reboot bind would not start. With a lot of
digging, much like in the debian ticket I referred to above, I
eventually clued in on the fact that somehow OpenSSL is involved even
though it's not an advertised dependency.
If this can't be corrected (i.e. so that bind would start regardless of
whether openssl.cnf can be accessed), perhaps a more informative error
message could be added. A simple "cannot read openssl.cnf" would have
saved me an hour of debug time.
--
Description: Ubuntu 12.04.2 LTS
Release: 12.04
bind9:
Installed: 1:9.8.1.dfsg.P1-4ubuntu0.5
Candidate: 1:9.8.1.dfsg.P1-4ubuntu0.5
Version table:
*** 1:9.8.1.dfsg.P1-4ubuntu0.5 0
500 http://us.archive.ubuntu.com/ubuntu/ precise-updates/main amd64 Packages
500 http://security.ubuntu.com/ubuntu/ precise-security/main amd64 Packages
100 /var/lib/dpkg/status
1:9.8.1.dfsg.P1-4 0
500 http://us.archive.ubuntu.com/ubuntu/ precise/main amd64 Packages
** Affects: openssl (Ubuntu)
Importance: Medium
Status: Triaged
--
Unreadable or symlinked openssl.cnf breaks bind9
https://bugs.launchpad.net/bugs/1160435
You received this bug notification because you are a member of Ubuntu Foundations Bugs, which is subscribed to openssl in Ubuntu.
More information about the foundations-bugs
mailing list