From dnssec-trigger+phil at spodhuis.org Mon Mar 18 21:59:41 2013 From: dnssec-trigger+phil at spodhuis.org (Phil Pennock) Date: Mon, 18 Mar 2013 17:59:41 -0400 Subject: [Dnssec-trigger] Install issues on MacOS 10.8: user, config Message-ID: <20130318215941.GA13415@redoubt.spodhuis.org> Any chance of a 0.12 build of dnssec-trigger for MacOS, to include Wouter's July 31st fixes of user creation for MacOS 10.8? I just found http://www.nlnetlabs.nl/projects/dnssec-trigger/#changelog and see that 0.11 was built somewhere around 2012-06-07. There are more issues than just user creation. Here's my experience. So, I installed dnssec-trigger on my laptop last Friday and everything went great. 10.8.3. No problems encountered. I just made sure to uninstall unbound from MacPorts afterwards. And that's why it worked great for me: MacPorts had created the unbound runtime user, and dnssec-trigger used it. At the time, I was unaware of how important this was to my positive experience. SHA256(Downloads/dnssectrigger-0.11.dmg)= 77565ef4a25f07383c57ae4d96cd3bd5fcfe089301f2054ccf20fc636c76e710 (And yes, to answer a question in the archives from August, it works okay in the presence of the new MacOS install controls. You open the .dmg in Finder, and in the mounted volume, control-click (right-click) the .mpkg file, select Open, and this adds a "do it anyway" option to the dialog). Today, I gave a tech talk on DNSSEC and demo'd an install of dnssec-trigger on the mac (10.8.2) used for the presentation. It failed miserably, leaving the system without DNS resolution. The uninstall script worked. Same thing on a co-workers mac laptop, so it's not an isolated occurrence. Problems: 1. Failed to create the runtime user 2. No logfile preserved past install that I could see 3. Install claimed to succeed, rewrote resolv.conf and system resolver stuff (scutil) to reference 127.0.0.1; because there was no unbound user, unbound refused to start, so there was no DNS server listening. 4. dnssec-trigger doesn't test localhost unbound is up before configuring to use it, that seems like something that should be done at runtime, always. First problem: the install fails to create the run-time user. Second problem: the install 5. The unbound.conf file was not modified with the linetag-dnssec-trigger rules; this is after removing /etc/unbound, creating the user manually, and then installing the package. As a result, the resolver couldn't be configured with forwarders and also didn't have a trust anchor, so there was no validation. Looking through: https://github.com/miekg/dnssec-trigger/blob/master/osx/pkg/makepackage the "/Local/Default/Users/unbound UserShell" setting had been done, but not RealName, PrimaryGroupID, UniqueID and I think not NFSHomeDirectory. I created the user using the steps as per that postflight script. I copied the linetag-dnssec-trigger lines from my laptop, where things had worked, and after that unbound and dnssec-trigger worked fine. I'm willing to work with folks to understand what's gone wrong, and there are a number of co-workers with clean Macs who might be bribed into trying to install dnssec-trigger test images. Thanks, -Phil From wouter at nlnetlabs.nl Wed Mar 20 16:10:30 2013 From: wouter at nlnetlabs.nl (W.C.A. Wijngaards) Date: Wed, 20 Mar 2013 17:10:30 +0100 Subject: [Dnssec-trigger] Install issues on MacOS 10.8: user, config In-Reply-To: <20130318215941.GA13415@redoubt.spodhuis.org> References: <20130318215941.GA13415@redoubt.spodhuis.org> Message-ID: <5149DF76.1000708@nlnetlabs.nl> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Phil, Thank you for the reports. The 0.12 had no progress because apart from annoyances there are no bugs or activities to perform, and my attention has gone to other projects (e.g. NSD 4). It is a good idea to get some 0.12 on the road on the near term, and incorporate the fixes for Mountain Lion. As well as other annoyances that have been reported (VPN confusion). Is this some sort of conflict between MacPorts and dnssec-trigger, if you uninstalled unbound macports did that also stop the unbound that came with dnssec-trigger somehow? Perhaps we should have website instructions to use the DMG for OSX users. Or get it signed via Apple somehow. Or even the App Store, alhough I believe that stuff is sandboxed and dnssec-trigger needs root. Best regards, Wouter On 03/18/2013 10:59 PM, Phil Pennock wrote: > Any chance of a 0.12 build of dnssec-trigger for MacOS, to include > Wouter's July 31st fixes of user creation for MacOS 10.8? I just > found http://www.nlnetlabs.nl/projects/dnssec-trigger/#changelog > and see that 0.11 was built somewhere around 2012-06-07. > > There are more issues than just user creation. Here's my > experience. > > So, I installed dnssec-trigger on my laptop last Friday and > everything went great. 10.8.3. No problems encountered. I just > made sure to uninstall unbound from MacPorts afterwards. > > And that's why it worked great for me: MacPorts had created the > unbound runtime user, and dnssec-trigger used it. At the time, I > was unaware of how important this was to my positive experience. > > SHA256(Downloads/dnssectrigger-0.11.dmg)= > 77565ef4a25f07383c57ae4d96cd3bd5fcfe089301f2054ccf20fc636c76e710 > > (And yes, to answer a question in the archives from August, it > works okay in the presence of the new MacOS install controls. You > open the .dmg in Finder, and in the mounted volume, control-click > (right-click) the .mpkg file, select Open, and this adds a "do it > anyway" option to the dialog). > > Today, I gave a tech talk on DNSSEC and demo'd an install of > dnssec-trigger on the mac (10.8.2) used for the presentation. It > failed miserably, leaving the system without DNS resolution. The > uninstall script worked. Same thing on a co-workers mac laptop, so > it's not an isolated occurrence. > > Problems: 1. Failed to create the runtime user 2. No logfile > preserved past install that I could see 3. Install claimed to > succeed, rewrote resolv.conf and system resolver stuff (scutil) to > reference 127.0.0.1; because there was no unbound user, unbound > refused to start, so there was no DNS server listening. 4. > dnssec-trigger doesn't test localhost unbound is up before > configuring to use it, that seems like something that should be > done at runtime, always. First problem: the install fails to > create the run-time user. Second problem: the install 5. The > unbound.conf file was not modified with the linetag-dnssec-trigger > rules; this is after removing /etc/unbound, creating the user > manually, and then installing the package. As a result, the > resolver couldn't be configured with forwarders and also didn't > have a trust anchor, so there was no validation. > > Looking through: > https://github.com/miekg/dnssec-trigger/blob/master/osx/pkg/makepackage > > the "/Local/Default/Users/unbound UserShell" setting had been done, but > not RealName, PrimaryGroupID, UniqueID and I think not > NFSHomeDirectory. I created the user using the steps as per that > postflight script. > > I copied the linetag-dnssec-trigger lines from my laptop, where > things had worked, and after that unbound and dnssec-trigger worked > fine. > > I'm willing to work with folks to understand what's gone wrong, > and there are a number of co-workers with clean Macs who might be > bribed into trying to install dnssec-trigger test images. > > Thanks, -Phil _______________________________________________ > dnssec-trigger mailing list dnssec-trigger at NLnetLabs.nl > http://open.nlnetlabs.nl/mailman/listinfo/dnssec-trigger > -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJRSd92AAoJEJ9vHC1+BF+N+2sP/0rTefI6B+xnV5rjL2GKPTmI SoFzKxYgj8Wj4xjCLMjCYHqD+k2dZ9KVHcfuUcKx0uD0rTMBbk9rTTas8odH43U9 VkFToGvfM6nRvWW7RBIvT9XbgDDZw04mtNhkjR5ZQ78ZwV+uVbpE7n1IVDhCiClt ET2BUjHoHp7UONCUtIkkJb6AKfa1s845I+3i4dVG8/W8dlxXiWpvG3t6w2YZds6m PMd73lRrmoE5WCDQZvwbtxeRj75J5gYLGFH0p2Ke5OHxHD9lU1X8McgvRh9R493H 3pllAj5Iu57cX5NK/9MLjX10kpmlGHjcgxQnl0Nc9kdSvcaYjJ5quK7C4vX+UCgH UMhnQpSw4rYmMPIroUNu+4z7eRjUfGa10Ra8QzJl86Gk0ZdDsoqHWNBMDZkF4QQj nQRBuFCAJ1iRRpKq6CX4NsWddAqme7a2qrqOPvfdMUJQuT/gPJGwq2DoDGB/p1wI nq7MthyeDgFSzQKgF1hGB3pyjxGUUtq6OEXsiC6xF2JskzI3hY31iugVqEMRBl+5 C1KfPVjXyp0+dyCvOubfln4oUbh1CST2KJoaxBML3J8QOjL5GouqK0sPELAKnudJ bKnX2gg6yfZ41r4HvFR83HjBL5cnCXs7bS2ppByqWx5bcKjpb823DmwHSLhlNHBd VLMhf+3Avc8ZMMFSvp8B =f0+g -----END PGP SIGNATURE----- From dnssec-trigger+phil at spodhuis.org Wed Mar 20 19:15:24 2013 From: dnssec-trigger+phil at spodhuis.org (Phil Pennock) Date: Wed, 20 Mar 2013 15:15:24 -0400 Subject: [Dnssec-trigger] Install issues on MacOS 10.8: user, config In-Reply-To: <5149DF76.1000708@nlnetlabs.nl> References: <20130318215941.GA13415@redoubt.spodhuis.org> <5149DF76.1000708@nlnetlabs.nl> Message-ID: <20130320191524.GA28432@redoubt.spodhuis.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 On 2013-03-20 at 17:10 +0100, W.C.A. Wijngaards wrote: > The 0.12 had no progress because apart from annoyances there are no > bugs or activities to perform, Well, on MacOS 10.8 it leaves the system with no functioning DNS, which is problematic. > Is this some sort of conflict between MacPorts and dnssec-trigger, if > you uninstalled unbound macports did that also stop the unbound that > came with dnssec-trigger somehow? No: the system where I had unbound installed via MacPorts is the system where dnssec-trigger worked. Installing dnssec-trigger on a clean 10.8 system, where there is no sign of MacPorts, fails. Because the user creation is broken. And then something _else_ going wrong, such that dnssec-trigger-control-setup.sh appears to not be called, because unbound.conf does not get the auto trust anchor and remote control settings added to it. On my laptop, with MacPorts, it had been flawless. > Perhaps we should have website instructions to use the DMG for OSX > users. Or get it signed via Apple somehow. Or even the App Store, > alhough I believe that stuff is sandboxed and dnssec-trigger needs root. Heck, just a PGP detached signature on the DMG would be nice. :) Otherwise, developer signing keys would avoid some installation warnings, without needing to go through the App Store. - -Phil -----BEGIN PGP SIGNATURE----- iEYEAREDAAYFAlFKCsQACgkQQDBDFTkDY39EawCfQVJu4iQ8CZFreswqlv6aIBgT p5IAnjTDZOmvrpvznsfg6G7uVtKZQoJj =pDw4 -----END PGP SIGNATURE----- From dnssec-trigger+phil at spodhuis.org Sat Mar 23 23:13:27 2013 From: dnssec-trigger+phil at spodhuis.org (Phil Pennock) Date: Sat, 23 Mar 2013 19:13:27 -0400 Subject: [Dnssec-trigger] Resolution on resume from hibernate (MacOS 10.8) Message-ID: <20130323231327.GA68069@redoubt.spodhuis.org> Seen this twice, don't know enough about Mac internals to track it down, but now that it's recurred, I can perhaps prod further in future. MacOS 10.8.3 on a laptop. When I resume from sleep/hibernate, sometimes I am now missing functioning DNS resolution. At least this time, Chrome was running still, so the resume resulted in a Gmail tab failing to talk to the server. This *might* affect open communication paths to the system resolver? I have functioning network, I can ping something outside (8.8.8.8), "sudo unbound-control forward" shows the forwarding is there, pointing to the local router gateway (which in turn runs unbound). Turning off WiFi and turning it back on, does not fix it. "sudo unbound-control reload" (and then restoring the forward) does not fix it. "Fix" is defined as "ping www.google.com" in a Terminal is able to resolve the hostname. Only fix is: sudo killall -v mDNSResponder At which point, everything gets back DNS resolution ability. This problem started with dnssec-trigger being installed. Anyone have ideas about what might be going on? Failing that, suggestions for things to look at, the next time, to better diagnose? DNSSec-Trigger installed: % pkgutil --pkgs | fgrep -i dnssec nl.nlnetlabsdnssectrigger011ForMacosX10.7.Package_Root.pkg An extract from system.log is attached, including some dnssec-trigger failures. I suspect that this is a clue: ----------------------------8< cut here >8------------------------------ Mar 23 18:39:18 ilmenite com.apple.launchd[1] (nl.nlnetlabs.dnssec-trigger-hook): Throttling respawn: Will start in 1 seconds ----------------------------8< cut here >8------------------------------ Thanks, -Phil -------------- next part -------------- Mar 22 23:29:00 ilmenite kernel[0]: hibernate image major 1, minor 0, blocksize 512, pollers 5 Mar 23 18:39:03 ilmenite kernel[0]: hibernate_page_list_setall(preflight 0) start 0xffffff8101815000, 0xffffff8101855000 Mar 23 18:39:03 ilmenite kernel[0]: hibernate_page_list_setall time: 465 ms Mar 23 18:39:03 ilmenite kernel[0]: pages 1420868, wire 350507, act 519901, inact 545, cleaned 0 spec 662, zf 53520, throt 0, could discard act 135141 inact 165746 purgeable 13752 spec 181094 cleaned 0 Mar 23 18:39:03 ilmenite kernel[0]: hibernate_page_list_setall found pageCount 925135 Mar 23 18:39:03 ilmenite kernel[0]: IOHibernatePollerOpen, ml_get_interrupts_enabled 0 Mar 23 18:39:03 ilmenite kernel[0]: IOHibernatePollerOpen(0) Mar 23 18:39:03 ilmenite kernel[0]: encryptStart 13270 Mar 23 18:39:03 ilmenite kernel[0]: bitmap_size 0x3f4d8, previewSize 0x271388, writing 924163 pages @ 0x2c3ad0 Mar 23 18:39:03 ilmenite kernel[0]: hibernate_machine_init: state 2, image pages 350303, sum was e492bb6b, image1Size 1a265400, conflictCount 3407, nextFree f592 Mar 23 18:39:03 ilmenite kernel[0]: hibernate_page_list_discard time: 278 ms, discarded act 135141 inact 165746 purgeable 13752 spec 181094 cleaned 0 Mar 23 18:39:03 ilmenite kernel[0]: IOHibernatePollerOpen(), ml_get_interrupts_enabled 0 Mar 23 18:39:03 ilmenite kernel[0]: IOHibernatePollerOpen(0) Mar 23 18:39:03 ilmenite kernel[0]: hibernate_machine_init reading Mar 23 18:39:03 ilmenite kernel[0]: PMStats: Hibernate read took 4657 ms Mar 23 18:39:03 ilmenite kernel[0]: hibernate_machine_init pagesDone 924931 sum2 29e0f6a3, time: 4657 ms, comp bytes: 2192662528 time: 2070 ms 1010 Mb/s, crypt bytes: 1157109248 time: 444 ms 2482 Mb/s Mar 23 18:39:03 ilmenite kernel[0]: vtd[0] fault: device 2:0:0 reason 0x5 W:0x8837b000 Mar 23 18:39:03 ilmenite kernel[0]: Wake reason: EC.LidOpen (User) Mar 23 18:39:03 ilmenite kernel[0]: AirPort_Brcm43xx::powerChange: System Wake - Full Wake/ Dark Wake / Maintenance wake Mar 23 18:39:03 ilmenite kernel[0]: AppleKeyStore::parseBootData: entry at offset 0 Mar 23 18:39:03 ilmenite kernel[0]: AppleKeyStore::parseBootData: setPassphrase() returned 0xe00002c2, skipping entry Mar 23 18:39:03 ilmenite kernel[0]: AppleKeyStore::parseBootData: entry at offset 64 Mar 23 18:39:03 ilmenite kernel[0]: AppleKeyStore::parseBootData: setKey() returned 0xe00002c2, skipping entryPrevious Sleep Cause: 5 Mar 23 18:39:03 ilmenite kernel[0]: Previous Shutdown Cause: 5 Mar 23 18:39:03 ilmenite kernel[0]: wlEvent: en1 en1 Link DOWN virtIf = 0 Mar 23 18:39:03 ilmenite kernel[0]: AirPort: Link Down on en1. Reason 8 (Disassociated because station leaving). Mar 23 18:39:03 ilmenite kernel[0]: en1::IO80211Interface::postMessage bssid changed Mar 23 18:39:03 ilmenite kernel[0]: TBT W (1): 0 [x] Mar 23 18:39:03 ilmenite.local WindowServer[103]: handle_will_sleep_auth_and_shield_windows: releasing authw 0x7fe1ccb068a0(2000), shield 0x7fe1ca218040(2001), lock state 4 Mar 23 18:39:03 ilmenite.local WindowServer[103]: handle_will_sleep_auth_and_shield_windows: err 0x0 Mar 23 18:39:03 ilmenite.local WindowServer[103]: Created shield window 0xb3a4 for display 0x003f003d Mar 23 18:39:03 ilmenite.local WindowServer[103]: handle_will_sleep_auth_and_shield_windows: releasing authw 0x7fe1ccb068a0(2002), shield 0x7fe1ca218040(2001), lock state 4 Mar 23 18:39:03 ilmenite.local WindowServer[103]: handle_will_sleep_auth_and_shield_windows: err 0x0 Mar 23 18:39:03 ilmenite.local WindowServer[103]: Created shield window 0xb3a5 for display 0x003f003e Mar 23 18:39:03 ilmenite.local WindowServer[103]: handle_will_sleep_auth_and_shield_windows: releasing authw 0x7fe1ccb068a0(2002), shield 0x7fe1ca218040(2001), lock state 4 Mar 23 18:39:03 ilmenite.local WindowServer[103]: handle_will_sleep_auth_and_shield_windows: err 0x0 Mar 23 18:39:03 ilmenite.local WindowServer[103]: Created shield window 0xb3a6 for display 0x003f003f Mar 23 18:39:03 ilmenite.local WindowServer[103]: handle_will_sleep_auth_and_shield_windows: releasing authw 0x7fe1ccb068a0(2002), shield 0x7fe1ca218040(2001), lock state 4 Mar 23 18:39:03 ilmenite.local WindowServer[103]: handle_will_sleep_auth_and_shield_windows: err 0x0 Mar 23 18:39:03 ilmenite com.apple.launchd[1] (com.apple.emond.aslmanager[31999]): Exited with code: 255 Mar 23 18:39:04 ilmenite.local configd[17]: network changed: v4(en1-:192.168.120.165) v6(en1-:fe80::28e:f2ff:fe5c:14c1) DNS- Proxy- SMB Mar 23 18:39:04 ilmenite.local loginwindow[69]: resume called when there was already a timer Mar 23 18:39:04 ilmenite.local UserEventAgent[325]: Could not get event name for stream/token: com.apple.time/30: 0x3: No such process Mar 23 18:39:05 ilmenite.local _softwareupdate[32066]: dnssec-trigger(osx) detected DNS Mar 23 18:39:05 ilmenite.local dnssec-triggerd[87]: [87] error: could not UDP send to ip 192.5.5.241 Mar 23 18:39:05 --- last message repeated 1 time --- Mar 23 18:39:05 ilmenite.local dnssec-triggerd[87]: [87] error: could not send queries for probe Mar 23 18:39:05 ilmenite.local dnssec-triggerd[87]: [87] error: could not UDP send to ip 2001:503:ba3e::2:30 Mar 23 18:39:05 --- last message repeated 1 time --- Mar 23 18:39:05 ilmenite.local dnssec-triggerd[87]: [87] error: could not send queries for probe Mar 23 18:39:05 ilmenite.local dnssec-triggerd[87]: [87] error: outgoing tcp: connect: No route to host Mar 23 18:39:05 --- last message repeated 1 time --- Mar 23 18:39:05 ilmenite.local dnssec-triggerd[87]: [87] error: could not send queries for probe Mar 23 18:39:05 ilmenite.local dnssec-triggerd[87]: [87] error: outgoing tcp: connect: No route to host Mar 23 18:39:05 --- last message repeated 1 time --- Mar 23 18:39:05 ilmenite.local dnssec-triggerd[87]: [87] error: could not send queries for probe Mar 23 18:39:05 ilmenite.local dnssec-triggerd[87]: [87] error: outgoing tcp: connect: No route to host Mar 23 18:39:05 --- last message repeated 1 time --- Mar 23 18:39:05 ilmenite.local dnssec-triggerd[87]: [87] error: could not send queries for probe Mar 23 18:39:05 ilmenite.local dnssec-triggerd[87]: [87] error: outgoing tcp: connect: No route to host Mar 23 18:39:05 --- last message repeated 1 time --- Mar 23 18:39:05 ilmenite.local dnssec-triggerd[87]: [87] error: could not send queries for probe Mar 23 18:39:05 ilmenite.local _eppc[32073]: dnssec-trigger-setdns to field.spodhuis.org and 127.0.0.1 Mar 23 18:39:05 ilmenite.local SubmitDiagInfo[32001]: Cleaning up expired diagnostic messages database at path: /var/log/DiagnosticMessages/2013.02.21.asl Mar 23 18:39:05 ilmenite kernel[0]: IOBluetoothUSBDFU::probe Mar 23 18:39:05 ilmenite kernel[0]: IOBluetoothUSBDFU::probe ProductID - 0x821D FirmwareVersion - 0x0100 Mar 23 18:39:05 ilmenite kernel[0]: [BroadcomBluetoothHCIControllerUSBTransport][start] -- completed Mar 23 18:39:05 ilmenite kernel[0]: [IOBluetoothHCIController][staticBluetoothHCIControllerTransportShowsUp] -- Received Bluetooth Controller register service notification Mar 23 18:39:05 ilmenite kernel[0]: [IOBluetoothHCIController::setConfigState] calling registerService Mar 23 18:39:05 ilmenite kernel[0]: AppleUSBMultitouchDriver::checkStatus - received Status Packet, Payload 2: device was reinitialized Mar 23 18:39:06 ilmenite.local dnssec-triggerd[87]: [87] error: chmod(/etc/resolv.conf) failed: No such file or directory Mar 23 18:39:06 ilmenite kernel[0]: MacAuthEvent en1 Auth result for: 00:8e:f2:5c:14:c3 MAC AUTH succeeded Mar 23 18:39:06 ilmenite kernel[0]: wlEvent: en1 en1 Link UP virtIf = 0 Mar 23 18:39:06 ilmenite kernel[0]: AirPort: Link Up on en1 Mar 23 18:39:06 ilmenite kernel[0]: en1: BSSID changed to 00:8e:f2:5c:14:c3 Mar 23 18:39:06 ilmenite kernel[0]: en1::IO80211Interface::postMessage bssid changed Mar 23 18:39:06 ilmenite kernel[0]: AirPort: RSN handshake complete on en1 Mar 23 18:39:06 ilmenite.local _softwareupdate[32130]: dnssec-trigger(osx) detected en1 DNS Mar 23 18:39:06 ilmenite.local dnssec-triggerd[87]: [87] error: could not UDP send to ip 192.203.230.10 Mar 23 18:39:06 --- last message repeated 1 time --- Mar 23 18:39:06 ilmenite.local dnssec-triggerd[87]: [87] error: could not send queries for probe Mar 23 18:39:06 ilmenite.local dnssec-triggerd[87]: [87] error: could not UDP send to ip 2001:7fd::1 Mar 23 18:39:06 --- last message repeated 1 time --- Mar 23 18:39:06 ilmenite.local dnssec-triggerd[87]: [87] error: could not send queries for probe Mar 23 18:39:06 ilmenite.local dnssec-triggerd[87]: [87] error: outgoing tcp: connect: No route to host Mar 23 18:39:06 --- last message repeated 1 time --- Mar 23 18:39:06 ilmenite.local dnssec-triggerd[87]: [87] error: could not send queries for probe Mar 23 18:39:06 ilmenite.local dnssec-triggerd[87]: [87] error: outgoing tcp: connect: No route to host Mar 23 18:39:06 --- last message repeated 1 time --- Mar 23 18:39:06 ilmenite.local dnssec-triggerd[87]: [87] error: could not send queries for probe Mar 23 18:39:06 ilmenite.local dnssec-triggerd[87]: [87] error: outgoing tcp: connect: No route to host Mar 23 18:39:06 --- last message repeated 1 time --- Mar 23 18:39:06 ilmenite.local dnssec-triggerd[87]: [87] error: could not send queries for probe Mar 23 18:39:06 ilmenite.local dnssec-triggerd[87]: [87] error: outgoing tcp: connect: No route to host Mar 23 18:39:06 --- last message repeated 1 time --- Mar 23 18:39:06 ilmenite.local dnssec-triggerd[87]: [87] error: could not send queries for probe Mar 23 18:39:06 ilmenite.local _eppc[32136]: dnssec-trigger-setdns to field.spodhuis.org and 127.0.0.1 Mar 23 18:39:06 ilmenite.local airportd[31951]: _doAutoJoin: Already associated to ?Pennock?. Bailing on auto-join. Mar 23 18:39:06 --- last message repeated 2 times --- Mar 23 18:39:06 ilmenite.local loginwindow[69]: in pam_sm_authenticate(): Got user: pdp Mar 23 18:39:06 ilmenite.local loginwindow[69]: in pam_sm_authenticate(): Got ruser: pdp Mar 23 18:39:06 ilmenite.local loginwindow[69]: in pam_sm_authenticate(): Got service: screensaver Mar 23 18:39:06 ilmenite.local loginwindow[69]: in od_principal_for_user(): No authentication authority returned Mar 23 18:39:06 ilmenite.local loginwindow[69]: in od_principal_for_user(): failed: 7 Mar 23 18:39:06 ilmenite.local loginwindow[69]: in pam_sm_authenticate(): Failed to determine Kerberos principal name. Mar 23 18:39:06 ilmenite.local loginwindow[69]: in pam_sm_authenticate(): Done cleanup3 Mar 23 18:39:06 ilmenite.local loginwindow[69]: in pam_sm_authenticate(): Kerberos 5 refuses you Mar 23 18:39:06 ilmenite.local su[32030]: in pam_sm_authenticate(): authentication succeeded Mar 23 18:39:06 ilmenite.local su[32030]: in pam_sm_acct_mgmt(): The root_only option means root only. Mar 23 18:39:06 ilmenite.local su[32030]: in pam_sm_acct_mgmt(): OpenDirectory - Membership cache TTL set to 1800. Mar 23 18:39:06 ilmenite.local su[32030]: in od_record_check_pwpolicy(): retval: 0 Mar 23 18:39:07 ilmenite.local loginwindow[69]: in pam_sm_acct_mgmt(): OpenDirectory - Membership cache TTL set to 1800. Mar 23 18:39:07 ilmenite.local loginwindow[69]: in od_record_check_pwpolicy(): retval: 0 Mar 23 18:39:07 ilmenite.local loginwindow[69]: in od_record_attribute_create_cfstring(): returned 2 attributes for dsAttrTypeStandard:AuthenticationAuthority Mar 23 18:39:07 ilmenite.local loginwindow[69]: in pam_sm_setcred(): Establishing credentials Mar 23 18:39:07 ilmenite.local loginwindow[69]: in pam_sm_setcred(): Got user: pdp Mar 23 18:39:07 ilmenite.local loginwindow[69]: in pam_sm_setcred(): Context initialised Mar 23 18:39:07 ilmenite.local loginwindow[69]: in pam_sm_setcred(): Got euid, egid: 501 20 Mar 23 18:39:07 ilmenite.local loginwindow[69]: in pam_sm_setcred(): Done getpwnam() Mar 23 18:39:07 ilmenite.local loginwindow[69]: in pam_sm_setcred(): Done setegid() & seteuid() Mar 23 18:39:07 ilmenite.local loginwindow[69]: in pam_sm_setcred(): pam_sm_setcred: krb5 user pdp doesn't have a principal Mar 23 18:39:07 ilmenite.local loginwindow[69]: in pam_sm_setcred(): Done cleanup3 Mar 23 18:39:07 ilmenite.local loginwindow[69]: in pam_sm_setcred(): Done seteuid() & setegid() Mar 23 18:39:07 ilmenite.local loginwindow[69]: in pam_sm_setcred(): Done cleanup4 Mar 23 18:39:10 ilmenite.local configd[17]: network changed: v6(en1+:fe80::28e:f2ff:fe5c:14c1) DNS+ Proxy+ SMB Mar 23 18:39:10 ilmenite.local UserEventAgent[11]: Captive: en1: Not probing 'Pennock' (protected network) Mar 23 18:39:10 ilmenite.local configd[17]: network changed: v6(en1!:fe80::28e:f2ff:fe5c:14c1) DNS Proxy SMB Mar 23 18:39:12 ilmenite kernel[0]: CODE SIGNING: cs_invalid_page(0x1000): p=32255[ksadmin] clearing CS_VALID Mar 23 18:39:12 ilmenite.local configd[17]: network changed: v4(en1+:192.168.120.165) v6(en1:fe80::28e:f2ff:fe5c:14c1) DNS! Proxy SMB Mar 23 18:39:13 ilmenite.local imagent[363]: [Warning] Bag loading failed! Error (NSURLErrorDomain:-1003): A server with the specified hostname could not be found. http://init-p01md.apple.com/bag Mar 23 18:39:14 ilmenite kernel[0]: CODE SIGNING: cs_invalid_page(0x1000): p=32260[ksadmin] clearing CS_VALID Mar 23 18:39:15 ilmenite.local coreservicesd[31]: SendFlattenedData, got error #268435460 (ipc/send) timed out from ::mach_msg(), sending notification kLSNotifyChildApplicationReady to notificationID=6819 Mar 23 18:39:17 ilmenite.local _softwareupdate[32294]: dnssec-trigger(osx) detected en1 DNS 192.168.120.1 Mar 23 18:39:18 ilmenite.local _eppc[32298]: dnssec-trigger-setdns to field.spodhuis.org and 127.0.0.1 Mar 23 18:39:18 ilmenite com.apple.launchd[1] (nl.nlnetlabs.dnssec-trigger-hook): Throttling respawn: Will start in 1 seconds Mar 23 18:39:26 --- last message repeated 6 times --- Mar 23 18:39:26 ilmenite.local login[32370]: in pam_sm_acct_mgmt(): OpenDirectory - Membership cache TTL set to 1800. Mar 23 18:39:26 ilmenite.local login[32370]: in od_record_check_pwpolicy(): retval: 0 Mar 23 18:39:26 ilmenite.local login[32370]: in od_record_attribute_create_cfstring(): returned 2 attributes for dsAttrTypeStandard:AuthenticationAuthority Mar 23 18:39:26 ilmenite.local login[32370]: USER_PROCESS: 32370 ttys001 Mar 23 18:39:35 ilmenite.local com.apple.backupd[32459]: Starting automatic backup Mar 23 18:39:35 ilmenite.local com.apple.SecurityServer[15]: Succeeded authorizing right 'com.apple.ServiceManagement.daemons.modify' by client '/usr/libexec/UserEventAgent' [11] for authorization created by '/usr/libexec/UserEventAgent' [11] (100012,0) Mar 23 18:39:35 ilmenite.local com.apple.backupd[32459]: Attempting to mount network destination URL: afp://tm at howlite.local/tmbackups Mar 23 18:39:35 ilmenite kernel[0]: ASP_TCP CheckReqQueueSize: increasing req queue from 32 to 128 entries. so 0xffffff8042c596e0 Mar 23 18:39:36 ilmenite.local com.apple.backupd[32459]: Mounted network destination at mount point: /Volumes/tmbackups using URL: afp://tm at howlite.local/tmbackups Mar 23 18:39:36 ilmenite kernel[0]: ASP_TCP asp_tcp_usr_control: invalid kernelUseCount 0 Mar 23 18:39:36 ilmenite kernel[0]: AFP_VFS afpfs_mount: /Volumes/tmbackups, pid 32461 Mar 23 18:39:36 ilmenite kernel[0]: AFP_VFS afpfs_mount : succeeded on volume 0xffffff8100952008 /Volumes/tmbackups (error = 0, retval = 0) Mar 23 18:39:37 ilmenite.local sudo[32460]: pdp : TTY=ttys001 ; PWD=/Users/pdp ; USER=root ; COMMAND=/usr/sbin/unbound-control Mar 23 18:39:40 ilmenite.local sudo[32482]: pdp : TTY=ttys001 ; PWD=/Users/pdp ; USER=root ; COMMAND=/usr/sbin/unbound-control reload Mar 23 18:39:40 ilmenite.local unbound[86]: [86:0] notice: Restart of unbound 1.4.17. Mar 23 18:39:40 ilmenite.local unbound[86]: [86:0] notice: init module 0: validator Mar 23 18:39:40 ilmenite.local unbound[86]: [86:0] notice: init module 1: iterator Mar 23 18:39:47 ilmenite.local sudo[32487]: pdp : TTY=ttys001 ; PWD=/Users/pdp ; USER=root ; COMMAND=/usr/sbin/unbound-control forward Mar 23 18:39:51 ilmenite.local com.apple.SecurityServer[15]: Succeeded authorizing right 'com.apple.ServiceManagement.daemons.modify' by client '/usr/libexec/UserEventAgent' [11] for authorization created by '/usr/libexec/UserEventAgent' [11] (100012,0) Mar 23 18:39:53 ilmenite.local configd[17]: _handleLinkEvent: Unable to process link event, op mode request returned -3903 (Operation not supported) Mar 23 18:39:53 ilmenite kernel[0]: wlEvent: en1 en1 Link DOWN virtIf = 0 Mar 23 18:39:53 ilmenite kernel[0]: AirPort: Link Down on en1. Reason 8 (Disassociated because station leaving). Mar 23 18:39:53 ilmenite kernel[0]: en1::IO80211Interface::postMessage bssid changed Mar 23 18:39:53 ilmenite.local _softwareupdate[32509]: dnssec-trigger(osx) detected DNS Mar 23 18:39:53 ilmenite.local dnssec-triggerd[87]: [87] error: could not UDP send to ip 192.5.5.241 Mar 23 18:39:53 --- last message repeated 1 time --- Mar 23 18:39:53 ilmenite.local dnssec-triggerd[87]: [87] error: could not send queries for probe Mar 23 18:39:53 ilmenite.local dnssec-triggerd[87]: [87] error: could not UDP send to ip 2001:500:2d::d Mar 23 18:39:53 --- last message repeated 1 time --- Mar 23 18:39:53 ilmenite.local dnssec-triggerd[87]: [87] error: could not send queries for probe Mar 23 18:39:53 ilmenite.local dnssec-triggerd[87]: [87] error: outgoing tcp: connect: Network is down Mar 23 18:39:53 --- last message repeated 1 time --- Mar 23 18:39:53 ilmenite.local dnssec-triggerd[87]: [87] error: could not send queries for probe Mar 23 18:39:53 ilmenite.local dnssec-triggerd[87]: [87] error: outgoing tcp: connect: Network is down Mar 23 18:39:53 --- last message repeated 1 time --- Mar 23 18:39:53 ilmenite.local dnssec-triggerd[87]: [87] error: could not send queries for probe Mar 23 18:39:53 ilmenite.local dnssec-triggerd[87]: [87] error: outgoing tcp: connect: Network is down Mar 23 18:39:53 --- last message repeated 1 time --- Mar 23 18:39:53 ilmenite.local dnssec-triggerd[87]: [87] error: could not send queries for probe Mar 23 18:39:53 ilmenite.local dnssec-triggerd[87]: [87] error: outgoing tcp: connect: Network is down Mar 23 18:39:53 --- last message repeated 1 time --- Mar 23 18:39:53 ilmenite.local dnssec-triggerd[87]: [87] error: could not send queries for probe Mar 23 18:39:53 ilmenite.local _eppc[32515]: dnssec-trigger-setdns to field.spodhuis.org and 127.0.0.1 Mar 23 18:39:54 ilmenite com.apple.launchd[1] (nl.nlnetlabs.dnssec-trigger-hook): Throttling respawn: Will start in 1 seconds Mar 23 18:39:54 ilmenite.local configd[17]: network changed: v4(en1-:192.168.120.165) v6(en1-:fe80::28e:f2ff:fe5c:14c1) DNS- Proxy- SMB Mar 23 18:39:54 ilmenite.local mDNSResponder[34]: DeregisterInterface: Frequent transitions for interface en1 (2001:4830:1100:80C6:1240:F3FF:FEEB:1BBE) Mar 23 18:39:54 ilmenite kernel[0]: ASP_TCP Disconnect: triggering reconnect by bumping reconnTrigger from curr value 0 on so 0xffffff8042c596e0 Mar 23 18:39:54 ilmenite kernel[0]: ASP_TCP asp_tcp_usr_control: invalid kernelUseCount 0 Mar 23 18:39:54 ilmenite kernel[0]: AFP_VFS afpfs_DoReconnect started /Volumes/tmbackups prevTrigger 0 currTrigger 1 Mar 23 18:39:54 ilmenite kernel[0]: AFP_VFS afpfs_DoReconnect: doing reconnect on /Volumes/tmbackups Mar 23 18:39:54 ilmenite kernel[0]: AFP_VFS afpfs_DoReconnect: soft mounted and hidden volume so do not notify KEA for /Volumes/tmbackups Mar 23 18:39:54 ilmenite kernel[0]: AFP_VFS afpfs_DoReconnect: Max reconnect time: 30 secs, Connect timeout: 15 secs for /Volumes/tmbackups Mar 23 18:39:54 ilmenite kernel[0]: AFP_VFS afpfs_DoReconnect: connect to the server /Volumes/tmbackups Mar 23 18:39:54 ilmenite kernel[0]: ASP_TCP asp_SetTCPQoS: sock_settclassopt got error 57 Mar 23 18:39:54 ilmenite kernel[0]: AFP_VFS afpfs_DoReconnect: connect on /Volumes/tmbackups failed 65. Mar 23 18:39:54 ilmenite kernel[0]: AFP_VFS afpfs_DoReconnect: sleep for 1 seconds and then try again Mar 23 18:39:55 ilmenite com.apple.launchd[1] (nl.nlnetlabs.dnssec-trigger-hook): Throttling respawn: Will start in 1 seconds Mar 23 18:39:55 ilmenite kernel[0]: AFP_VFS afpfs_DoReconnect: connect to the server /Volumes/tmbackups Mar 23 18:39:55 ilmenite kernel[0]: ASP_TCP asp_SetTCPQoS: sock_settclassopt got error 57 Mar 23 18:39:55 ilmenite kernel[0]: AFP_VFS afpfs_DoReconnect: connect on /Volumes/tmbackups failed 65. Mar 23 18:39:55 ilmenite kernel[0]: AFP_VFS afpfs_DoReconnect: sleep for 2 seconds and then try again Mar 23 18:39:56 ilmenite.local _softwareupdate[32578]: dnssec-trigger(osx) detected DNS Mar 23 18:39:56 ilmenite.local dnssec-triggerd[87]: [87] error: could not UDP send to ip 192.228.79.201 Mar 23 18:39:56 --- last message repeated 1 time --- Mar 23 18:39:56 ilmenite.local dnssec-triggerd[87]: [87] error: could not send queries for probe Mar 23 18:39:56 ilmenite.local dnssec-triggerd[87]: [87] error: could not UDP send to ip 2001:503:ba3e::2:30 Mar 23 18:39:56 --- last message repeated 1 time --- Mar 23 18:39:56 ilmenite.local dnssec-triggerd[87]: [87] error: could not send queries for probe Mar 23 18:39:56 ilmenite.local dnssec-triggerd[87]: [87] error: outgoing tcp: connect: No route to host Mar 23 18:39:56 --- last message repeated 1 time --- Mar 23 18:39:56 ilmenite.local dnssec-triggerd[87]: [87] error: could not send queries for probe Mar 23 18:39:56 ilmenite.local dnssec-triggerd[87]: [87] error: outgoing tcp: connect: No route to host Mar 23 18:39:56 --- last message repeated 1 time --- Mar 23 18:39:56 ilmenite.local dnssec-triggerd[87]: [87] error: could not send queries for probe Mar 23 18:39:56 ilmenite.local dnssec-triggerd[87]: [87] error: outgoing tcp: connect: No route to host Mar 23 18:39:56 --- last message repeated 1 time --- Mar 23 18:39:56 ilmenite.local dnssec-triggerd[87]: [87] error: could not send queries for probe Mar 23 18:39:56 ilmenite.local dnssec-triggerd[87]: [87] error: outgoing tcp: connect: No route to host Mar 23 18:39:56 --- last message repeated 1 time --- Mar 23 18:39:56 ilmenite.local dnssec-triggerd[87]: [87] error: could not send queries for probe Mar 23 18:39:56 ilmenite.local _eppc[32584]: dnssec-trigger-setdns to field.spodhuis.org and 127.0.0.1 Mar 23 18:39:57 ilmenite.local dnssec-triggerd[87]: [87] error: chmod(/etc/resolv.conf) failed: No such file or directory Mar 23 18:39:57 ilmenite com.apple.launchd[1] (nl.nlnetlabs.dnssec-trigger-hook): Throttling respawn: Will start in 1 seconds Mar 23 18:39:57 --- last message repeated 1 time --- Mar 23 18:39:57 ilmenite kernel[0]: AFP_VFS afpfs_DoReconnect: connect to the server /Volumes/tmbackups Mar 23 18:39:57 ilmenite kernel[0]: ASP_TCP asp_SetTCPQoS: sock_settclassopt got error 57 Mar 23 18:39:57 ilmenite kernel[0]: AFP_VFS afpfs_DoReconnect: connect on /Volumes/tmbackups failed 65. Mar 23 18:39:57 ilmenite kernel[0]: AFP_VFS afpfs_DoReconnect: sleep for 4 seconds and then try again Mar 23 18:39:58 ilmenite kernel[0]: MacAuthEvent en1 Auth result for: 00:8e:f2:5c:14:c3 MAC AUTH succeeded Mar 23 18:39:58 ilmenite kernel[0]: wlEvent: en1 en1 Link UP virtIf = 0 Mar 23 18:39:58 ilmenite kernel[0]: AirPort: Link Up on en1 Mar 23 18:39:58 ilmenite kernel[0]: en1: BSSID changed to 00:8e:f2:5c:14:c3 Mar 23 18:39:58 ilmenite kernel[0]: en1::IO80211Interface::postMessage bssid changed Mar 23 18:39:58 ilmenite kernel[0]: AirPort: RSN handshake complete on en1 Mar 23 18:39:58 ilmenite.local configd[17]: network changed: v4(en1+:192.168.120.165) DNS+ Proxy+ SMB Mar 23 18:39:58 ilmenite.local mDNSResponder[34]: mDNS_RegisterInterface: Frequent transitions for interface en1 (FE80:0000:0000:0000:1240:F3FF:FEEB:1BBE) Mar 23 18:39:58 ilmenite.local mDNSResponder[34]: mDNS_RegisterInterface: Frequent transitions for interface en1 (192.168.120.165) Mar 23 18:39:58 ilmenite.local UserEventAgent[11]: Captive: en1: Not probing 'Pennock' (protected network) Mar 23 18:39:58 ilmenite.local configd[17]: network changed: v4(en1!:192.168.120.165) DNS Proxy SMB Mar 23 18:39:58 ilmenite.local _softwareupdate[32636]: dnssec-trigger(osx) detected en1 DNS 192.168.120.1 Mar 23 18:39:58 ilmenite.local dnssec-triggerd[87]: [87] error: http_probe_create_get: No route to host Mar 23 18:39:58 --- last message repeated 2 times --- Mar 23 18:39:58 ilmenite.local configd[17]: network changed: v4(en1:192.168.120.165) v6(en1+:fe80::28e:f2ff:fe5c:14c1) DNS* Proxy SMB Mar 23 18:39:58 ilmenite com.apple.launchd[1] (nl.nlnetlabs.dnssec-trigger-hook): Throttling respawn: Will start in 1 seconds Mar 23 18:39:58 --- last message repeated 1 time --- Mar 23 18:39:58 ilmenite.local airportd[32494]: _doAutoJoin: Already associated to ?Pennock?. Bailing on auto-join. Mar 23 18:39:58 --- last message repeated 1 time --- Mar 23 18:39:58 ilmenite.local _eppc[32640]: dnssec-trigger-setdns to field.spodhuis.org and 127.0.0.1 Mar 23 18:39:58 ilmenite com.apple.launchd[1] (nl.nlnetlabs.dnssec-trigger-hook): Throttling respawn: Will start in 1 seconds Mar 23 18:39:59 --- last message repeated 6 times --- Mar 23 18:39:59 ilmenite.local imagent[363]: [Warning] Bag loading failed! Error (NSURLErrorDomain:-1003): A server with the specified hostname could not be found. http://init-p01md.apple.com/bag Mar 23 18:39:59 ilmenite com.apple.launchd[1] (nl.nlnetlabs.dnssec-trigger-hook): Throttling respawn: Will start in 1 seconds Mar 23 18:40:01 ilmenite.local sudo[32709]: pdp : TTY=ttys001 ; PWD=/Users/pdp ; USER=root ; COMMAND=/usr/sbin/unbound-control forward Mar 23 18:40:01 ilmenite kernel[0]: AFP_VFS afpfs_DoReconnect: connect to the server /Volumes/tmbackups Mar 23 18:40:01 ilmenite kernel[0]: ASP_TCP asp_SetTCPQoS: sock_settclassopt got error 57 Mar 23 18:40:01 ilmenite kernel[0]: AFP_VFS afpfs_DoReconnect: Logging in with uam 8 /Volumes/tmbackups Mar 23 18:40:01 ilmenite kernel[0]: AFP_VFS afpfs_DoReconnect: Restoring session /Volumes/tmbackups Mar 23 18:40:01 ilmenite kernel[0]: ASP_TCP ReplayPendingReqs: replaying slot 48 with reqID 50 afpCmd 0x7 on so 0xffffff8042c596e0 Mar 23 18:40:01 ilmenite kernel[0]: AFP_VFS afpfs_DoReconnect: get the reconnect token Mar 23 18:40:08 ilmenite.local sudo[32733]: pdp : TTY=ttys001 ; PWD=/Users/pdp ; USER=root ; COMMAND=/usr/sbin/unbound-control reload Mar 23 18:40:08 ilmenite.local unbound[86]: [86:0] notice: Restart of unbound 1.4.17. Mar 23 18:40:08 ilmenite.local unbound[86]: [86:0] notice: init module 0: validator Mar 23 18:40:08 ilmenite.local unbound[86]: [86:0] notice: init module 1: iterator Mar 23 18:40:11 ilmenite.local sudo[32735]: pdp : TTY=ttys001 ; PWD=/Users/pdp ; USER=root ; COMMAND=/usr/sbin/unbound-control forward Mar 23 18:40:28 ilmenite.local sudo[32745]: pdp : TTY=ttys001 ; PWD=/Users/pdp ; USER=root ; COMMAND=/usr/sbin/unbound-control forward 192.168.120.1 Mar 23 18:40:31 ilmenite.local mds[66]: (Error) Volume: Root store set to FSOnly with matching create! (loaded:1) Mar 23 18:40:32 ilmenite.local com.apple.backupd[32459]: Disk image /Volumes/tmbackups/ilmenite.sparsebundle mounted at: /Volumes/Time Machine Backups Mar 23 18:40:32 ilmenite.local com.apple.backupd[32459]: Backing up to: /Volumes/Time Machine Backups/Backups.backupdb Mar 23 18:40:39 ilmenite.local com.apple.backupd[32459]: Using file event preflight for Ilmenite SSD Mar 23 18:40:46 ilmenite.local sudo[32767]: pdp : TTY=ttys001 ; PWD=/Users/pdp ; USER=root ; COMMAND=/usr/bin/killall -v mDNSResponder Mar 23 18:40:46 ilmenite.local mDNSResponder[34]: mDNSResponder mDNSResponder-379.37 (Dec 16 2012 19:43:09) stopping Mar 23 18:40:46 ilmenite.local UserEventAgent[11]: dnssd_clientstub DNSServiceProcessResult called with DNSServiceRef with no ProcessReply function Mar 23 18:40:46 --- last message repeated 1 time --- Mar 23 18:40:46 ilmenite.local configd[17]: dnssd_clientstub read_all(19) failed 0/28 0 Mar 23 18:40:46 ilmenite.local UserEventAgent[11]: dnssd_clientstub DNSServiceProcessResult called with DNSServiceRef with no ProcessReply function Mar 23 18:40:46 --- last message repeated 1 time --- Mar 23 18:40:46 ilmenite.local configd[17]: [0x7fdf814242a0] SCNetworkReachability _llq_callback w/error=-65563 Mar 23 18:40:46 ilmenite.local UserEventAgent[11]: dnssd_clientstub DNSServiceProcessResult called with DNSServiceRef with no ProcessReply function Mar 23 18:40:46 ilmenite.local configd[17]: [0x7fdf81428c10] SCNetworkReachability _llq_callback w/error=-65563 Mar 23 18:40:46 ilmenite.local UserEventAgent[11]: dnssd_clientstub DNSServiceProcessResult called with DNSServiceRef with no ProcessReply function Mar 23 18:40:46 ilmenite.local configd[17]: [0x7fdf8142deb0] SCNetworkReachability _llq_callback w/error=-65563 Mar 23 18:40:46 ilmenite.local UserEventAgent[11]: dnssd_clientstub DNSServiceProcessResult called with DNSServiceRef with no ProcessReply function Mar 23 18:40:46 ilmenite.local configd[17]: [0x7fdf8231a8f0] SCNetworkReachability _llq_callback w/error=-65563 Mar 23 18:40:46 ilmenite.local UserEventAgent[11]: dnssd_clientstub DNSServiceProcessResult called with DNSServiceRef with no ProcessReply function Mar 23 18:40:46 --- last message repeated 1 time --- Mar 23 18:40:46 ilmenite.local configd[17]: [0x7fdf8210da60] SCNetworkReachability _llq_callback w/error=-65563 Mar 23 18:40:46 ilmenite.local UserEventAgent[11]: dnssd_clientstub DNSServiceProcessResult called with DNSServiceRef with no ProcessReply function Mar 23 18:40:46 ilmenite.local usbmuxd[54]: dnssd_clientstub read_all(11) failed 0/28 0 Mar 23 18:40:46 ilmenite.local UserEventAgent[325]: dnssd_clientstub read_all(6) failed 0/28 0 Mar 23 18:40:46 ilmenite.local NetworkBrowserAgent[405]: dnssd_clientstub read_all(4) failed 0/28 0 Mar 23 18:40:46 ilmenite.local coreaudiod[345]: dnssd_clientstub read_all(4) failed 0/28 0 Mar 23 18:40:46 ilmenite.local NetworkBrowserAgent[405]: StatusMonitor::handleNameMonitorCallBack returned -65563 Mar 23 18:40:46 ilmenite.local NetworkBrowserAgent[405]: dnssdclientstub:sdRef: CallbackwithError morebytes zero sdr 0x7ffca3002770 Mar 23 18:40:46 ilmenite.local coreaudiod[345]: dnssd_clientstub read_all(6) failed 0/28 0 Mar 23 18:40:46 ilmenite.local NetworkBrowserAgent[405]: dnssd_clientstub read_all(10) failed 0/28 0 Mar 23 18:40:46 ilmenite.local NetworkBrowserAgent[405]: BonjourBrowser::handleBrowseCallBack returned -65563 Mar 23 18:40:46 --- last message repeated 3 times --- Mar 23 18:40:46 ilmenite.local NetworkBrowserAgent[405]: dnssd_clientstub read_all(11) failed 0/28 0 Mar 23 18:40:46 ilmenite.local NetworkBrowserAgent[405]: BonjourBrowser::handleBrowseCallBack returned -65563 Mar 23 18:40:46 ilmenite.local NetworkBrowserAgent[405]: dnssd_clientstub read_all(9) failed 0/28 0 Mar 23 18:40:46 ilmenite.local mDNSResponder[34]: D2D_IPC: Terminated Mar 23 18:40:46 ilmenite.local mDNSResponder[34]: D2DTerminate succeeded Mar 23 18:40:46 ilmenite.local mDNSResponder[34]: DeregisterInterface: Frequent transitions for interface en1 (2001:4830:1100:80C6:1240:F3FF:FEEB:1BBE) Mar 23 18:40:46 ilmenite.local configd[17]: _d2dCallback: D2D connection to mDNSResponder lost Mar 23 18:40:46 ilmenite.local mDNSResponder[32769]: mDNSResponder mDNSResponder-379.37 (Dec 16 2012 19:43:09) starting OSXVers 12 Mar 23 18:40:46 ilmenite.local mDNSResponder[32769]: D2D_IPC: Loaded Mar 23 18:40:46 ilmenite.local mDNSResponder[32769]: D2DInitialize succeeded Mar 23 18:40:47 ilmenite.local configd[17]: _resetD2DConnection: Connection re-established to mDNSResponder D2D server Mar 23 18:40:48 ilmenite.local com.apple.backupd[32459]: Will copy (59.7 MB) from Ilmenite SSD Mar 23 18:40:48 ilmenite.local com.apple.backupd[32459]: Found 232 files (59.7 MB) needing backup Mar 23 18:40:48 ilmenite.local com.apple.backupd[32459]: 3.45 GB required (including padding), 844.88 GB available Mar 23 18:40:50 ilmenite.local Google Chrome[29177]: dnssd_clientstub write_all(45) failed -1/57 32 Broken pipe Mar 23 18:40:50 ilmenite.local Google Chrome[29177]: dnssd_clientstub write_all(45) failed -1/28 32 Broken pipe Mar 23 18:40:58 ilmenite.local Google Chrome[32239]: dnssd_clientstub write_all(45) failed -1/56 32 Broken pipe Mar 23 18:40:58 ilmenite.local Google Chrome[32239]: dnssd_clientstub write_all(45) failed -1/28 32 Broken pipe Mar 23 18:41:30 ilmenite.local Google Drive[447]: dnssd_clientstub write_all(15) failed -1/56 32 Broken pipe Mar 23 18:41:30 ilmenite.local Google Drive[447]: dnssd_clientstub write_all(15) failed -1/28 32 Broken pipe From dnssec-trigger+phil at spodhuis.org Thu Mar 28 19:09:48 2013 From: dnssec-trigger+phil at spodhuis.org (Phil Pennock) Date: Thu, 28 Mar 2013 15:09:48 -0400 Subject: [Dnssec-trigger] [PATCH] Pass all domains from 'search' through to MacOS. Message-ID: <20130328190948.GA40505@redoubt.spodhuis.org> From: Phil Pennock Previously, 'search' was like 'domain but allowing extra domains to appear, and be ignored. This fixes that. Note: scutil setting is defined but not actually used (before and after this patch). I've no idea why scutil changes don't take and networksetup is needed, but I can confirm that this is the case for me too; nonetheless, I changed both approaches, to keep things in sync. --- osx/dnssec-trigger-setdns.sh.in | 36 ++++++++++++++++++++++++++++-------- riggerd/reshook.c | 12 +++++------- 2 files changed, 33 insertions(+), 15 deletions(-) mode change 100644 => 100755 osx/dnssec-trigger-setdns.sh.in diff --git a/osx/dnssec-trigger-setdns.sh.in b/osx/dnssec-trigger-setdns.sh.in old mode 100644 new mode 100755 index 0552b5b..5ca4121 --- a/osx/dnssec-trigger-setdns.sh.in +++ b/osx/dnssec-trigger-setdns.sh.in @@ -32,11 +32,27 @@ function doinstall () { cmd="$1" shift if test "$cmd" = "set"; then - domain="$1" + domains="$1" + firstdomain="$1" shift # remaining arguments are the servers to set servers="$*" - logger "dnssec-trigger-setdns to $domain and $servers" + logger "dnssec-trigger-setdns to $domains and $servers" +elif test "$cmd" = "mset"; then + domains="$1" + firstdomain="$1" + shift + while test "$1" != "--"; do + domains="$domains $1" + shift + done + if test "$1" != "--"; then + echo >&2 "Usage: $0 domain [domain ..] -- server [server ..]" + exit 1 + fi + shift # -- + servers="$*" + logger "dnssec-trigger-setdns to $domains and $servers" elif test "$cmd" = "install"; then doinstall "$*" exit 0 @@ -44,10 +60,13 @@ else if test "$cmd" = "uninit"; then logger "dnssec-trigger-setdns uninit dns override" else - echo "bad command: set domain [ip ..] | uninit" + echo >&2 "bad command: set | mset | unint" + echo >&2 " set domain [ip ..]" + echo >&2 " mset domain [domain ..] -- ip [ip ..]" exit 1 fi - domain="" + firstdomain="" + domains="" servers="" fi @@ -62,7 +81,8 @@ for i in $ids State:/Network/Global/DNS; do open d.init d.add ServerAddresses * $servers -d.add DomainName $domain +d.add SearchDomains * $domains +d.add DomainName $firstdomain set $i quit END @@ -71,15 +91,15 @@ done # set the DNS settings via networksetup nws="networksetup" -if test -z "$domain"; then - domain="empty" +if test -z "$domains"; then + domains="empty" fi if test -z "$servers"; then servers="empty" fi $nws -listallnetworkservices 2>/dev/null | grep -v '*' | while read x ; do #echo $x - $nws -setsearchdomains "$x" $domain + $nws -setsearchdomains "$x" $domains # no quotes around servers: the IPs have to be separate arguments. $nws -setdnsservers "$x" $servers done diff --git a/riggerd/reshook.c b/riggerd/reshook.c index 7dcf84a..9644293 100644 --- a/riggerd/reshook.c +++ b/riggerd/reshook.c @@ -60,17 +60,15 @@ set_dns_osx(struct cfg* cfg, char* iplist) { char cmd[10240]; char dm[1024]; - char* domain = "nothing.invalid"; + char* domains = "nothing.invalid"; if(cfg->rescf_domain && cfg->rescf_domain[0]) - domain = cfg->rescf_domain; + domains = cfg->rescf_domain; else if(cfg->rescf_search && cfg->rescf_search[0]) { snprintf(dm, sizeof(dm), "%s", cfg->rescf_search); - if(strchr(dm, ' ')) - strchr(dm, ' ')[0] = 0; /* use first word as domain */ - domain = dm; + domains = dm; } - snprintf(cmd, sizeof(cmd), "%s/dnssec-trigger-setdns.sh set %s %s", - LIBEXEC_DIR, domain, iplist); + snprintf(cmd, sizeof(cmd), "%s/dnssec-trigger-setdns.sh mset %s -- %s", + LIBEXEC_DIR, domains, iplist); verbose(VERB_QUERY, "%s", cmd); system(cmd); } -- 1.8.2 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 163 bytes Desc: not available URL: