Problem with dnstap socket (Re: Unbound 1.12.0 released)

Wouter Wijngaards wouter at nlnetlabs.nl
Fri Oct 9 07:01:06 UTC 2020


Hi Hugo,

Thanks for the report, the chroot was applied in the wrong way to the
dnstap socket path, and this mangled the string.  Here is a fixup commit
for a next release
https://github.com/NLnetLabs/unbound/commit/795a33c6e54aac7c7c0217da37d20faaf78898ef

That should apply the chroot to the path, if the path starts with the
chroot and chroot is enabled.

In your case, I guess it then detects that your path does not start with
the chroot path and then it performs the strdup that you suggest.  If
you were to put an absolute path starting with the chroot in config, it
then removes that leading chroot part when that is necessary.

Best regards, Wouter

On 08/10/2020 18:14, Hugo Salgado via Unbound-users wrote:
> Hi Wouter.
> I had a problem with dnstap in this version, in a CentOS 7
> machine. It was working with no problem with 1.11, but after
> upgrading I got:
> 
> Oct 08 12:49:09 unbound[20697:0] notice: attempting to connect to dnstap socket /usr/local/etc/unbound/var/dnstap.sock
> Oct 08 12:49:09 unbound[20697:0] warning: could not open dnstap-socket-path: /usr/local/etc/unbound/var/dnstap.sock, No such file or directory
> Oct 08 12:49:09 unbound[20697:0] notice: dnstap identity field set to "XXXX"
> Oct 08 12:49:09 unbound[20697:0] notice: dnstap version field set to "unbound 1.12.0"
> Oct 08 12:49:09 unbound[20697:0] notice: dnstap Message/RESOLVER_RESPONSE enabled
> Oct 08 12:49:09 unbound[20697:0] notice: dnstap Message/CLIENT_QUERY enabled
> Oct 08 12:49:09 unbound[20697:0] info: start of service (unbound 1.12.0).
> Oct 08 12:49:09 unbound[20697:2] error: dnstap io: failed to connect to "/usr/local/etc/unbound/var/dnstap.sock": No such file or directory
> Oct 08 12:49:09 unbound[20697:2] error: dnstap io: failed to connect to "/usr/local/etc/unbound/var/dnstap.sock": No such file or directory
> 
> 
> Tried several things. The socket was there with the same permissions
> as before.
> 
> Found this change:
> 
> On 09:04 08/10, Wouter Wijngaards via Unbound-users wrote:
>> - Fix to apply chroot to dnstap-socket-path, if chroot is enabled.
> 
> And revert the code to use "strdup", and now works ok.
> 
> I use the default chroot configuration. Didn't tried disabling
> it.
> 
> Best,
> 
> Hugo
> 


More information about the Unbound-users mailing list