BIND 10 #2447: User-friendly feedback when not running as root
BIND 10 Development
do-not-reply at isc.org
Thu Nov 8 08:51:47 UTC 2012
#2447: User-friendly feedback when not running as root
-------------------------------------+-------------------------------------
Reporter: shane | Owner: jinmei
Type: | Status: accepted
enhancement | Milestone:
Priority: | Sprint-20121120
medium | Resolution:
Component: Boss | Sensitive: 0
of BIND | Sub-Project: Core
Keywords: | Estimated Difficulty: 3
Defect Severity: High | Total Hours: 0
Feature Depending on Ticket: |
alpha2 |
Add Hours to Ticket: 0 |
Internal?: 0 |
-------------------------------------+-------------------------------------
Comment (by jinmei):
trac2447 is ready for review.
After having a discussion with the person who gave this feedback,
I figured out it was sufficient if we improve log message of b10-auth,
at least for him, and at least regarding the failure of binding a
socket to the privileged port.
The major issue for him seemed that the auth log message didn't say
anything like "permission denied":
{{{
2012-11-06 12:54:47.108 ERROR [b10-auth.auth] AUTH_CONFIG_LOAD_FAIL load
of configuration failed: Server configuration failed: "Error creating
socket on bind"
}}}
So, in 98a3c1b and 0590b6d, I improved the log message for that case:
boss's sockcreator module now includes more detailed info when binding
the socket fails (including the strerror), and the boss transparently
passes it to auth. So the log now looks like:
{{{
2012-11-08 00:40:31.213 ERROR [b10-auth.auth] AUTH_CONFIG_LOAD_FAIL
load of configuration failed: Server configuration failed: "Error
creating socket on bind to be bound to [::]:53: Permission denied -
probably need to restart BIND 10 as a super user"
}}}
If we also want to treat this case as a fatal error, it could be done
with a small extension, but I think we first need to discuss it, and
that should go to a separate ticket anyway; the current branch should
sufficiently address the user feedback.
The branch could stop here, but I addressed a few more issues
regarding "start as non root". Currently, if BIND 10 is installed as
a super user and you try to start it without the privilege, it fails
in an ugly way:
- the bind10 process fails to dump the initial log, and dies with an
uncaught exception
- even if that particular issue is somehow addressed, it would still
fail because msgq would fail to start due to the failure of opening
the unix domain socket. this will then cause an ugly termination of
the bind10 process
So, in the rest of the branch I tried to fix these. It contains two
independent fixes:
- 88c9fb4 and ec63a9a address the first point.
- the rest addresses the second point.
The entire branch shouldn't be very big, but since these are
technically off-topic extension, so if they look too much or
controversial, I'm okay with concentrating on the first two commits
for this branch.
And, one final note: the changes are generally log message updates, so
I didn't see the need for adding explicit unit tests for these. Only
86ed7ae is the non-editorial change, but it's basically a refactoring
by unifying two cases, and the existing test should cover it.
I don't think we need a changelog entry for these changes.
--
Ticket URL: <http://bind10.isc.org/ticket/2447#comment:13>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development
More information about the bind10-tickets
mailing list