search

PowerDNS / pdns

PowerDNS Authoritative, PowerDNS Recursor, dnsdist
https://www.powerdns.com/
GNU General Public License v2.0
3.73k stars 915 forks source link

auth: pdnsutil makes LMDB files with wrong owner #11060

Open thantzsche opened 3 years ago

thantzsche commented 3 years ago

Short description

When configured with LMDB backend all created lmdb files have initially the owner root instead of pdns and therefore the auth server is at the first start exiting and restarting until the files get manually changed to owner pdns. Adding a zone with "pdnsutil create-zone " creates a new lmdb file with owner root again, which has also to be corrected manually to work.

Environment

Steps to reproduce

  1. pdns.conf: 
    daemon=yes
default-soa-edit=INCEPTION-INCREMENT
launch=lmdb
lmdb-filename=/var/db/pdns/dns00.lmdb
lmdb-sync-mode=sync
local-address=149.220.39.10
loglevel=6
primary=yes
query-local-address=0.0.0.0
security-poll-suffix=
  2. /usr/local/etc/rc.d/pdns start
  3. ls -l /var/db/pdns/
  4. chown pdns /var/db/pdns/*
  5. pdnsutil create-zone check.prv
  6. ls -l /var/db/pdns/
  7. chown pdns /var/db/pdns/*

Expected behaviour

All created lmdb files should have the owner pdns.

Actual behaviour

After step (2) the pdns daemon is filling the log with

Caught an exception instantiating a backend, cleaning up
Exiting because of STL error: Unable to open database file /var/db/pdns/dns00.lmdb: Permission denied
Caught an exception instantiating a backend, cleaning up
Exiting because communicator thread died with STL error: Unable to open database file /var/db/pdns/dns00.lmdb: Permission denied
Our pdns instance exited with code 1, respawning

This ends only after correcting the file owner.

Step (5): after the creation of a zone with pdnsutil, a new lmdb file gets the owner root again and every 5 minutes the log shows: STL Exception while updating zone cache: Unable to load database file /var/db/pdns/dns00.lmdb-1: Permission denied

Other information

The same permission problem occurs when the Authoritative is set up as secondary with LMDB backend.

sndrsmnk commented 3 years ago

The issue here is pdnsutil will create files on its own, so either you need to run pdnsutil as the pdns user or accept the fact that the first time you create LMDB files with pdnsutil you need to chown them manually. Or exclusively use the API to create new zones.

thantzsche commented 3 years ago

Just for my understanding (please correct me if i'm wrong about that): Fact: pdns.conf contains the option "setuid=pdns". Is it always pdnsutil that creates at the first start the first lmdb file (in my case dns00.lmdb) or is this first step managed by the auth daemon? (I checked: the daemon runs effectively with uid=pdns) pdnsutil needs to know where to create a new zone (and possibly a new lmdb file), so it needs to look into pdns.conf to find out the path given with "lmdb-filename=", right? Should it not also process the option "setuid= " to set the current owner for the lmdb files?

Habbie commented 3 years ago

Should it not also process the option "setuid= " to set the current owner for the lmdb files?

This is a very good question. I've marked this ticket as an enhancement request so we can think about this.

zeha commented 2 years ago

This is #3386, basically?

thantzsche commented 2 years ago

This is #3386, basically?

I would say so. Since pdnsutil is an easy and powerful cli-zonemanager for pdns, it should take care of the correct access rights the daemon is effectively running with or else it is rendering the whole system unreliable (in my case with existent but inaccessible zones and files of the LMDB backend).

Cybertinus commented 1 day ago

I hit this bug today, when building a public secondary auth, with a hidden primary. When I manually created the zone on my secondary server it got accepted, but when I ran a pdns_control notify-host <domain> <ip_secondary> on my master, the pdns daemon crashed and got stuck in a restart loop. This is the logging of that secondary server:

2024-12-03T22:48:37.202611+01:00 ns2 systemd[1]: pdns.service: Main process exited, code=exited, status=1/FAILURE
2024-12-03T22:48:37.202950+01:00 ns2 systemd[1]: pdns.service: Failed with result 'exit-code'.
2024-12-03T22:48:38.358449+01:00 ns2 systemd[1]: pdns.service: Scheduled restart job, restart counter is at 1.
2024-12-03T22:48:38.358996+01:00 ns2 systemd[1]: Stopped pdns.service - PowerDNS Authoritative Server.
2024-12-03T22:48:38.378887+01:00 ns2 systemd[1]: Starting pdns.service - PowerDNS Authoritative Server...
2024-12-03T22:48:38.428122+01:00 ns2 pdns_server[1886]: Loading '/usr/lib/x86_64-linux-gnu/pdns/liblmdbbackend.so'
2024-12-03T22:48:38.429405+01:00 ns2 pdns_server[1886]: This is a standalone pdns
2024-12-03T22:48:38.429610+01:00 ns2 pdns_server[1886]: Listening on controlsocket in '/run/pdns/pdns.controlsocket'
2024-12-03T22:48:38.429899+01:00 ns2 pdns_server[1886]: UDP server bound to 0.0.0.0:53
2024-12-03T22:48:38.430042+01:00 ns2 pdns_server[1886]: UDP server bound to [::]:53
2024-12-03T22:48:38.430171+01:00 ns2 pdns_server[1886]: TCP server bound to 0.0.0.0:53
2024-12-03T22:48:38.430305+01:00 ns2 pdns_server[1886]: TCP server bound to [::]:53
2024-12-03T22:48:38.430425+01:00 ns2 pdns_server[1886]: PowerDNS Authoritative Server 4.9.2 (C) PowerDNS.COM BV
2024-12-03T22:48:38.430522+01:00 ns2 pdns_server[1886]: Using 64-bits mode. Built using gcc 12.2.0 on Sep 30 2024 10:33:58 by root@localhost.
2024-12-03T22:48:38.430633+01:00 ns2 pdns_server[1886]: PowerDNS comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it according to the terms of the GPL version 2.
2024-12-03T22:48:38.457209+01:00 ns2 pdns_server[1886]: Polled security status of version 4.9.2 at startup, no known issues reported: OK
2024-12-03T22:48:38.457708+01:00 ns2 pdns_server[1886]: STL Exception while filling the zone cache: Unable to open database file /var/lib/powerdns/pdns.lmdb-1: Permission denied
2024-12-03T22:48:38.463316+01:00 ns2 systemd[1]: pdns.service: Main process exited, code=exited, status=1/FAILURE
2024-12-03T22:48:38.463594+01:00 ns2 systemd[1]: pdns.service: Failed with result 'exit-code'.
2024-12-03T22:48:38.463767+01:00 ns2 systemd[1]: Failed to start pdns.service - PowerDNS Authoritative Server.
2024-12-03T22:48:39.608292+01:00 ns2 systemd[1]: pdns.service: Scheduled restart job, restart counter is at 2.
2024-12-03T22:48:39.608794+01:00 ns2 systemd[1]: Stopped pdns.service - PowerDNS Authoritative Server.
2024-12-03T22:48:39.623041+01:00 ns2 systemd[1]: Starting pdns.service - PowerDNS Authoritative Server...
2024-12-03T22:48:39.668124+01:00 ns2 pdns_server[1890]: Loading '/usr/lib/x86_64-linux-gnu/pdns/liblmdbbackend.so'
2024-12-03T22:48:39.669127+01:00 ns2 pdns_server[1890]: This is a standalone pdns
2024-12-03T22:48:39.669542+01:00 ns2 pdns_server[1890]: Listening on controlsocket in '/run/pdns/pdns.controlsocket'
2024-12-03T22:48:39.669891+01:00 ns2 pdns_server[1890]: UDP server bound to 0.0.0.0:53
2024-12-03T22:48:39.670223+01:00 ns2 pdns_server[1890]: UDP server bound to [::]:53
2024-12-03T22:48:39.670376+01:00 ns2 pdns_server[1890]: TCP server bound to 0.0.0.0:53
2024-12-03T22:48:39.670484+01:00 ns2 pdns_server[1890]: TCP server bound to [::]:53
2024-12-03T22:48:39.670588+01:00 ns2 pdns_server[1890]: PowerDNS Authoritative Server 4.9.2 (C) PowerDNS.COM BV
2024-12-03T22:48:39.670705+01:00 ns2 pdns_server[1890]: Using 64-bits mode. Built using gcc 12.2.0 on Sep 30 2024 10:33:58 by root@localhost.
2024-12-03T22:48:39.670811+01:00 ns2 pdns_server[1890]: PowerDNS comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it according to the terms of the GPL version 2.
2024-12-03T22:48:39.752638+01:00 ns2 pdns_server[1890]: Polled security status of version 4.9.2 at startup, no known issues reported: OK
2024-12-03T22:48:39.753349+01:00 ns2 pdns_server[1890]: STL Exception while filling the zone cache: Unable to open database file /var/lib/powerdns/pdns.lmdb-1: Permission denied
2024-12-03T22:48:39.759091+01:00 ns2 systemd[1]: pdns.service: Main process exited, code=exited, status=1/FAILURE
2024-12-03T22:48:39.759317+01:00 ns2 systemd[1]: pdns.service: Failed with result 'exit-code'.
2024-12-03T22:48:39.759462+01:00 ns2 systemd[1]: Failed to start pdns.service - PowerDNS Authoritative Server.
2024-12-03T22:48:40.858478+01:00 ns2 systemd[1]: pdns.service: Scheduled restart job, restart counter is at 3.
2024-12-03T22:48:40.858963+01:00 ns2 systemd[1]: Stopped pdns.service - PowerDNS Authoritative Server.

I killed the loop after 78 restarts. I can paste them all here, but the output doesn't change after these 3 restarts, so I didn't think it added much.

On the hidden master this generated the following logging:

2024-12-03T22:47:18.940016+01:00 nsmaster pdns_server[24349]: Notification request to host <ip_secondary> for zone '<domain>' received from operator
2024-12-03T22:47:20.203754+01:00 nsmaster pdns_server[24349]: Received spurious notify answer for '<domain>' from <ip_secondary>:53
2024-12-03T22:47:23.205528+01:00 nsmaster pdns_server[24349]: Received spurious notify answer for '<domain>' from <ip_secondary>:53
2024-12-03T22:47:28.208722+01:00 nsmaster pdns_server[24349]: Received spurious notify answer for '<domain>' from <ip_secondary>:53
2024-12-03T22:47:37.211694+01:00 nsmaster pdns_server[24349]: Received spurious notify answer for '<domain>' from <ip_secondary>:53
2024-12-03T22:47:53.214825+01:00 nsmaster pdns_server[24349]: Notification for <domain> to <ip_secondary>:0 failed after retries
2024-12-03T22:48:36.387244+01:00 nsmaster pdns_server[24349]: Notification request to host <ip_secondary> for zone '<domain>' received from operator
2024-12-03T22:49:11.234944+01:00 nsmaster pdns_server[24349]: Notification for <domain> to <ip_secondary>:0 failed after retries
2024-12-03T22:51:01.012202+01:00 nsmaster pdns_server[24349]: AXFR-out zone '<domain>', client '<ip_secondary>:36897', transfer initiated

The last line is that the AXFR was succesful. This was after I ran chown on the lmdb files, and changed them all to pdns.