Bug#921539: marked as done (unbound fails to start after upgrade)

Sat, 09 Feb 2019 19:05:09 -0800 

Your message dated Sun, 10 Feb 2019 02:59:38 +0000
with message-id <e1gsflg-000huk...@fasolo.debian.org>
and subject line Bug#921538: fixed in unbound 1.9.0-2
has caused the Debian Bug report #921538,
regarding unbound fails to start after upgrade
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
921538: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921538
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Package: unbound
Version: 1.9.0-1
Severity: grave
Justification: renders package unusable

Immediately after installing 1.9.0-1, unbound refused to run after restart. 
System logs contained:

Feb  6 11:00:24 annuminas package-helper[6142]: /var/lib/unbound/root.key has 
content
Feb  6 11:00:24 annuminas unbound: [6146:0] notice: init module 0: subnet
Feb  6 11:00:24 annuminas unbound: [6146:0] notice: init module 1: validator
Feb  6 11:00:24 annuminas unbound: [6146:0] error: unable to open 
/var/lib/unbound/root.key for reading: No such file or directory
Feb  6 11:00:24 annuminas systemd[1]: unbound.service: Main process exited, 
code=exited, status=1/FAILURE
Feb  6 11:00:24 annuminas unbound: [6146:0] error: error reading 
auto-trust-anchor-file: /var/lib/unbound/root.key
Feb  6 11:00:24 annuminas systemd[1]: unbound.service: Failed with result 
'exit-code'.
Feb  6 11:00:24 annuminas unbound: [6146:0] error: validator: error in 
trustanchors config
Feb  6 11:00:24 annuminas unbound: [6146:0] error: validator: could not apply 
configuration settings.
Feb  6 11:00:24 annuminas unbound: [6146:0] error: module init for module 
validator failed
Feb  6 11:00:24 annuminas unbound: [6146:0] fatal error: failed to setup modules
Feb  6 11:00:24 annuminas kernel: [1792989.896766] audit: type=1400 
audit(1549468824.750:4639): apparmor="STATUS" operation="profile_replace" 
info="same as cur
rent profile, skipping" profile="unconfined" name="/usr/sbin/unbound" pid=6149 
comm="apparmor_parser"
Feb  6 11:00:24 annuminas systemd[1]: unbound.service: Service RestartSec=100ms 
expired, scheduling restart.
Feb  6 11:00:24 annuminas systemd[1]: unbound.service: Scheduled restart job, 
restart counter is at 1.
Feb  6 11:00:25 annuminas systemd[1]: unbound.service: Control process exited, 
code=killed, status=15/TERM
Feb  6 11:00:25 annuminas systemd[1]: unbound.service: Succeeded.

Commenting out the contents of 
/etc/unbound/unbound.conf.d/root-auto-trust-anchor-file.conf allowed the 
process to start, presumably no longer validating DNSSEC. The 
/var/lib/unbound/root.key file is present and readable, as it was prior to the 
upgrade. 

-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-1-amd64 (SMP w/12 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages unbound depends on:
ii  adduser         3.118
ii  dns-root-data   2018091102
ii  libc6           2.28-6
ii  libevent-2.1-6  2.1.8-stable-4
ii  libfstrm0       0.4.0-1
ii  libprotobuf-c1  1.3.1-1+b1
ii  libpython3.7    3.7.2-2
ii  libssl1.1       1.1.1a-1
ii  libsystemd0     240-5
ii  lsb-base        10.2018112800
ii  openssl         1.1.1a-1
ii  unbound-anchor  1.9.0-1

unbound recommends no packages.

Versions of packages unbound suggests:
ii  apparmor  2.13.2-7

--- End Message ---
--- Begin Message --- 
Source: unbound
Source-Version: 1.9.0-2

We believe that the bug you reported is fixed in the latest version of
unbound, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 921...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Robert Edmonds <edmo...@debian.org> (supplier of updated unbound package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 09 Feb 2019 21:10:52 -0500
Source: unbound
Architecture: source
Version: 1.9.0-2
Distribution: unstable
Urgency: medium
Maintainer: unbound packagers <unbo...@packages.debian.org>
Changed-By: Robert Edmonds <edmo...@debian.org>
Closes: 921538
Changes:
 unbound (1.9.0-2) unstable; urgency=medium
 .
   [ Simon Deziel ]
   * Disable chroot'ing (Closes: #921538)
Checksums-Sha1:
 56854795cb2eebfa13b1647d11f5b39439475463 3026 unbound_1.9.0-2.dsc
 7edfcbbb6e5139c2adcfbd7067313c0602a875ce 18504 unbound_1.9.0-2.debian.tar.xz
 6c4ca376d686d67169e286c8c6d8636fd4e1b51d 8882 unbound_1.9.0-2_source.buildinfo
Checksums-Sha256:
 fc8d94824d59df192ce403999a25fca9402b39cf1951325c4f81b850825d7e86 3026 
unbound_1.9.0-2.dsc
 b4a97ebdfbb5d8e8af32bd6f8f6befc370cf2ad98c33914c00a00727e0cb2e0c 18504 
unbound_1.9.0-2.debian.tar.xz
 cb46eeac7681250ade8d365a0e7d3686859ed39c9f941c10806a14a6e7ef1509 8882 
unbound_1.9.0-2_source.buildinfo
Files:
 bac2dd0b4ab5c51397de1847715bf022 3026 net optional unbound_1.9.0-2.dsc
 88d8ced8e108122780dec6999c75a9f0 18504 net optional 
unbound_1.9.0-2.debian.tar.xz
 39eed707a8f25d54389c59f022be74eb 8882 net optional 
unbound_1.9.0-2_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEE3z2W7rOCeCDzAmZcAYF6sKr2za4FAlxfiKIACgkQAYF6sKr2
za5MbhAAmpAjv5xVqgnRQKJKDx6T2ij/nn9q4HKl7g7y1J6APvR+42YnNJV9eAJw
u/vgBjjHBJ5cOePwDGX4KI5HEbH555r01t14BmH3Z/APWLHfWnoCpirLWzl2FQM2
XhS6zMdr5drL38+BSI8W2Ni+DHHbk+c/SO9a4yPf7kaxfyePbT7yUr29pKk4hFIr
2XXvQyT3i3FRqx6eh10eCbxHg/12Z1N8QYOwdCu9iR8xiYUViFePMrHpKuaxKvBt
uCnVWIzhB3fazLzPfkuoE0jUatmUvGHA8ENV6U6dDVvsn2XI/bgU5eG4csEqF0fx
eEu9uA3vgDdebOz2gGXN38Oai7CLz10Zt9NSIxT1HdYcLG4h/FwhVQiJ6MxdCoUu
NVD3T8SooNKFnqL3vbTqPJs/jemykZeXMsGftOHBQqxzTgJ3WreiX/qcQ/8pkcwm
hEgZx9mQycpFYfCw1jLvxp3R+mDEscako9P4tqIkaH7NYA+x3qDfa1/5ENYaAQnP
V+1jX3n00fHsCQQ2TPd0EJ/4IaLLqoYUE7ZnhpwClPCS+N7pTFgSuFb4G2HtkY1P
ImlN9T3/TGXvhxskOWRvXo7DcgsOrDG7sy/99HVXH64huu+Oy506rfJQ0mtsqHjK
RQrKP1cHlEs8vgbUlQUywXtPhgoNPnvGne4fBD47iLsSB49lt4U=
=3GFP
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to