Ubuntu 12.04 & BIND 9.9.2-P1

Rusty L Vaughn rusty.l.vaughn at gmail.com
Sun Jan 6 17:48:00 UTC 2013


Thanks that worked.  I didn't even think about BIND being Chrooted since I
have never seen this issue before on Debian.  Ubuntu seems to be more
restrictive to files outside the Chroot.


----
Rusty L Vaughn


On Sat, Jan 5, 2013 at 5:00 PM, Noel S. Rocha <noelsrocha at gmail.com> wrote:

> Is bind chrooted?
>
> Try this(DONT FORGET: CHANGE VALUE OF $CHROOT VARIABLE ):
>
>> mkdir -p $CHROOT/usr/lib/x86_64-linux-gnu/openssl-1.0.0/engines/
>
> 2º Edit /etc/fstab
> /usr/lib/x86_64-linux-gnu/openssl-1.0.0/engines/
>  $CHROOT/usr/lib/x86_64-linux-gnu/openssl-1.0.0/engines/ none
>  defaults,bind,auto,nodev,noexec,nosuid  0 0
>
>> mount $CHROOT/usr/lib/x86_64-linux-gnu/openssl-1.0.0/engines/
>
> 4º Edit /etc/apparmor.d/local/usr.sbin.named adding line above:
> $CHROOT/usr/lib/x86_64-linux-gnu/openssl-1.0.0/engines/libgost.so rm,
>
> 5º reloading apparmor
> /etc/init.d/apparmor reload
>
> Again, DONT FORGET: CHANGE VALUE OF $CHROOT. My chroot is /var/lib/bind/.
> Put your chroot path.
>
> Good luck,
>
> On Sat, Jan 5, 2013 at 4:17 PM, Rusty L Vaughn <rusty.l.vaughn at gmail.com>wrote:
>
>> I am getting the following error with a compiled version of BIND with
>> Ubuntu 12.04. The file at the path does exist.  I think I am missing a
>> package but I am not sure what could be missing.  Thanks
>>
>> error:25066067:DSO support routines:DLFCN_LOAD:could not load the shared
>> library:dso_dlfcn.c:185:filename(/usr/lib/x86_64-linux-gnu/openssl-1.0.0/engines/libgost.so):
>> /usr/lib/x86_64-linux-gnu/openssl-1.0.0/engines/libgost.so: cannot open
>> shared object file: No such file or directory
>>
>> error:25070067:DSO support routines:DSO_load:could not load the shared
>> library:dso_lib.c:244:
>>
>> error:260B6084:engine routines:DYNAMIC_LOAD:dso not found:eng_dyn.c:450:
>>
>> error:2606A074:engine routines:ENGINE_by_id:no such
>> engine:eng_list.c:417:id=gost
>>
>> initializing DST: crypto failure
>>
>> exiting (due to fatal error)
>>
>> _______________________________________________
>> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
>> unsubscribe from this list
>>
>> bind-users mailing list
>> bind-users at lists.isc.org
>> https://lists.isc.org/mailman/listinfo/bind-users
>>
>
>
>
> --
> Noel S. Rocha
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20130106/48bc4915/attachment.html>


More information about the bind-users mailing list