nickvergessen
commented
2 years ago Open nickvergessen opened 2 years ago
nickvergessen
commented
2 years ago 
come-nc
commented
2 years ago 
Entmatix
commented
2 years ago Same error here for latest stable docker image.
[PHP] Error: Error: dns_get_record(): A temporary server error occurred. at /var/www/html/lib/private/Http/Client/DnsPinMiddleware.php#83 at <<closure>>
0. <<closure>>
OC\Log\ErrorHandler::onError(2, "dns_get_record( ... .", "/var/www/html/l ... p", 83)
1. /var/www/html/lib/private/Http/Client/DnsPinMiddleware.php line 83
dns_get_record("www.edri.org", 16)
2. /var/www/html/lib/private/Http/Client/DnsPinMiddleware.php line 128
OC\Http\Client\DnsPinMiddleware->dnsResolve("www.edri.org", 1)
3. /var/www/html/3rdparty/guzzlehttp/guzzle/src/PrepareBodyMiddleware.php line 35
OC\Http\Client\DnsPinMiddleware->OC\Http\Client\{closure}("*** sensitive parameters replaced ***")
4. /var/www/html/3rdparty/guzzlehttp/guzzle/src/Middleware.php line 31
GuzzleHttp\PrepareBodyMiddleware->__invoke("*** sensitive parameters replaced ***", "*** sensitive parameters replaced ***")
5. /var/www/html/3rdparty/guzzlehttp/guzzle/src/RedirectMiddleware.php line 71
GuzzleHttp\Middleware::GuzzleHttp\{closure}("*** sensitive parameters replaced ***")
6. /var/www/html/3rdparty/guzzlehttp/guzzle/src/Middleware.php line 63
GuzzleHttp\RedirectMiddleware->__invoke("*** sensitive parameters replaced ***", "*** sensitive parameters replaced ***")
7. /var/www/html/3rdparty/guzzlehttp/guzzle/src/HandlerStack.php line 75
GuzzleHttp\Middleware::GuzzleHttp\{closure}("*** sensitive parameters replaced ***")
8. /var/www/html/3rdparty/guzzlehttp/guzzle/src/Client.php line 331
GuzzleHttp\HandlerStack->__invoke("*** sensitive parameters replaced ***", "*** sensitive parameters replaced ***")
9. /var/www/html/3rdparty/guzzlehttp/guzzle/src/Client.php line 168
GuzzleHttp\Client->transfer("*** sensitive parameters replaced ***", "*** sensitive parameters replaced ***")
10. /var/www/html/3rdparty/guzzlehttp/guzzle/src/Client.php line 187
GuzzleHttp\Client->requestAsync("get", GuzzleHttp\Psr7\Uri {}, ["/var/www/html/ ... "])
11. /var/www/html/lib/private/Http/Client/Client.php line 218
GuzzleHttp\Client->request("get", "http://www.edri.org/", ["/var/www/html/ ... "])
12. /var/www/html/apps/settings/lib/Controller/CheckSetupController.php line 211
OC\Http\Client\Client->get("http://www.edri.org/")
13. /var/www/html/apps/settings/lib/Controller/CheckSetupController.php line 193
OCA\Settings\Controller\CheckSetupController->isSiteReachable("www.edri.org")
14. /var/www/html/apps/settings/lib/Controller/CheckSetupController.php line 860
OCA\Settings\Controller\CheckSetupController->hasInternetConnectivityProblems()
15. /var/www/html/lib/private/AppFramework/Http/Dispatcher.php line 225
OCA\Settings\Controller\CheckSetupController->check()
16. /var/www/html/lib/private/AppFramework/Http/Dispatcher.php line 133
OC\AppFramework\Http\Dispatcher->executeController(OCA\Settings\Con ... {}, "check")
17. /var/www/html/lib/private/AppFramework/App.php line 172
OC\AppFramework\Http\Dispatcher->dispatch(OCA\Settings\Con ... {}, "check")
18. /var/www/html/lib/private/Route/Router.php line 298
OC\AppFramework\App::main("OCA\\Settings\\ ... r", "check", OC\AppFramework\ ... {}, ["settings.CheckSetup.check"])
19. /var/www/html/lib/base.php line 1030
OC\Route\Router->match("/settings/ajax/checksetup")
20. /var/www/html/index.php line 36
OC::handleRequest()
GET /settings/ajax/checksetup
from 172.18.0.1 by admin at 2022-10-10T18:55:44+00:00No updates, no apps, no connection to any external resources.
szaimen
commented
2 years ago Is this still happening?
nickvergessen
commented
2 years ago Is this still happening?
362 entries in the last 8 days
PVince81
commented
1 year ago as far as I understand this is when the Guzzle http client library connects to an external server, could be a federated share but also the update notification or the internet connection check ?
nickvergessen
commented
1 year ago It's the reference link previews of talk, text and others
Daryes
commented
1 year ago Still happening as of Nextcloud 25.0.4 For the record, it seems the url the Guzzle http client is trying to use is malformed, I got those links in the log:
{
"file": "/server/websites/nextcloud/releases/nextcloud-25.0.4/lib/private/Updater/VersionCheck.php",
"line": 92,
"function": "getUrlContent",
"class": "OC\\Updater\\VersionCheck",
"type": "->",
"args": [
"https://updates.nextcloud.com/updater_server/?version=25x0x4x1x1353265794.0941x1677326957xstablexx2023-02-23T10:32:31+00:00 0c86714144f50a66e845e9ef80d4cd7e6918a4f5x8x0x21"
]
},That's an example from the logs I had.
Another one, with the full message of another error when trying to reach github.com (as it seems). Given the server is not air-gapped and is able to reach github without trouble, to me it seems the "dns_get_record" is wrongly used for a different problem (ex : malformed url, or wrong target)
{
"reqId": "pUpkyeKEc02zF5nXB5tz",
"level": 3,
"time": "2023-02-25T12:00:35+00:00",
"remoteAddr": "",
"user": "--",
"app": "PHP",
"method": "",
"url": "--",
"message": "dns_get_record(): A temporary server error occurred. at /server/websites/nextcloud/releases/nextcloud-25.0.4/lib/private/Http/Client/DnsPinMiddleware.php#83",
"userAgent": "--",
"version": "25.0.3.2",
"exception": {
"Exception": "Error",
"Message": "dns_get_record(): A temporary server error occurred. at /server/websites/nextcloud/releases/nextcloud-25.0.4/lib/private/Http/Client/DnsPinMiddleware.php#83",
"Code": 0,
"Trace": [
{
"function": "onError",
"class": "OC\\Log\\ErrorHandler",
"type": "::",
"args": [
2,
"dns_get_record(): A temporary server error occurred.",
"/server/websites/nextcloud/releases/nextcloud-25.0.4/lib/private/Http/Client/DnsPinMiddleware.php",
83
]
},
{
"file": "/server/websites/nextcloud/releases/nextcloud-25.0.4/lib/private/Http/Client/DnsPinMiddleware.php",
"line": 83,
"function": "dns_get_record",
"args": [
"github.com",
134217728
]
},
{
"file": "/server/websites/nextcloud/releases/nextcloud-25.0.4/lib/private/Http/Client/DnsPinMiddleware.php",
"line": 128,
"function": "dnsResolve",
"class": "OC\\Http\\Client\\DnsPinMiddleware",
"type": "->",
"args": [
"github.com",
1
]
},
{
"file": "/server/websites/nextcloud/releases/nextcloud-25.0.4/3rdparty/guzzlehttp/guzzle/src/PrepareBodyMiddleware.php",
"line": 35,
"function": "OC\\Http\\Client\\{closure}",
"class": "OC\\Http\\Client\\DnsPinMiddleware",
"type": "->",
"args": [
"*** sensitive parameters replaced ***"
]
},
{
"file": "/server/websites/nextcloud/releases/nextcloud-25.0.4/3rdparty/guzzlehttp/guzzle/src/Middleware.php",
"line": 31,
"function": "__invoke",
"class": "GuzzleHttp\\PrepareBodyMiddleware",
"type": "->",
"args": [
"*** sensitive parameters replaced ***",
"*** sensitive parameters replaced ***"
]
},
{
"file": "/server/websites/nextcloud/releases/nextcloud-25.0.4/3rdparty/guzzlehttp/guzzle/src/RedirectMiddleware.php",
"line": 71,
"function": "GuzzleHttp\\{closure}",
"class": "GuzzleHttp\\Middleware",
"type": "::",
"args": [
"*** sensitive parameters replaced ***"
]
},
{
"file": "/server/websites/nextcloud/releases/nextcloud-25.0.4/3rdparty/guzzlehttp/guzzle/src/Middleware.php",
"line": 63,
"function": "__invoke",
"class": "GuzzleHttp\\RedirectMiddleware",
"type": "->",
"args": [
"*** sensitive parameters replaced ***",
"*** sensitive parameters replaced ***"
]
},
{
"file": "/server/websites/nextcloud/releases/nextcloud-25.0.4/3rdparty/guzzlehttp/guzzle/src/HandlerStack.php",
"line": 75,
"function": "GuzzleHttp\\{closure}",
"class": "GuzzleHttp\\Middleware",
"type": "::",
"args": [
"*** sensitive parameters replaced ***"
]
},
{
"file": "/server/websites/nextcloud/releases/nextcloud-25.0.4/3rdparty/guzzlehttp/guzzle/src/Client.php",
"line": 331,
"function": "__invoke",
"class": "GuzzleHttp\\HandlerStack",
"type": "->",
"args": [
"*** sensitive parameters replaced ***",
"*** sensitive parameters replaced ***"
]
},
{
"file": "/server/websites/nextcloud/releases/nextcloud-25.0.4/3rdparty/guzzlehttp/guzzle/src/Client.php",
"line": 168,
"function": "transfer",
"class": "GuzzleHttp\\Client",
"type": "->",
"args": [
"*** sensitive parameters replaced ***",
"*** sensitive parameters replaced ***"
]
},
{
"file": "/server/websites/nextcloud/releases/nextcloud-25.0.4/3rdparty/guzzlehttp/guzzle/src/Client.php",
"line": 187,
"function": "requestAsync",
"class": "GuzzleHttp\\Client",
"type": "->",
"args": [
"get",
[
"GuzzleHttp\\Psr7\\Uri"
],
[
"/server/websites/nextcloud/data/files_external/rootcerts.crt",
0,
[
[
"Closure"
]
],
"/tmp/oc_tmp_2mc6c7-.tar.gz",
[
false
],
true,
[
"GuzzleHttp\\HandlerStack"
],
true,
true,
false,
false,
[
"GuzzleHttp/7"
]
]
]
},
{
"file": "/server/websites/nextcloud/releases/nextcloud-25.0.4/lib/private/Http/Client/Client.php",
"line": 218,
"function": "request",
"class": "GuzzleHttp\\Client",
"type": "->",
"args": [
"get",
"https://github.com/nextcloud-releases/announcementcenter/releases/download/v6.5.0/announcementcenter-v6.5.0.tar.gz",
[
"/server/websites/nextcloud/data/files_external/rootcerts.crt",
0,
[
[
"Closure"
]
],
"/tmp/oc_tmp_2mc6c7-.tar.gz",
[
false
],
[
"Nextcloud Server Crawler",
"gzip"
],
true
]
]
},
{
"file": "/server/websites/nextcloud/releases/nextcloud-25.0.4/lib/private/Installer.php",
"line": 295,
"function": "get",
"class": "OC\\Http\\Client\\Client",
"type": "->",
"args": [
"https://github.com/nextcloud-releases/announcementcenter/releases/download/v6.5.0/announcementcenter-v6.5.0.tar.gz",
[
"/tmp/oc_tmp_2mc6c7-.tar.gz",
0
]
]
},
{
"file": "/server/websites/nextcloud/releases/nextcloud-25.0.4/lib/private/Installer.php",
"line": 193,
"function": "downloadApp",
"class": "OC\\Installer",
"type": "->",
"args": [
"*** sensitive parameters replaced ***",
false
]
},
{
"file": "/server/websites/nextcloud/releases/nextcloud-25.0.4/lib/private/Updater.php",
"line": 423,
"function": "updateAppstoreApp",
"class": "OC\\Installer",
"type": "->",
"args": [
"*** sensitive parameters replaced ***"
]
},
{
"file": "/server/websites/nextcloud/releases/nextcloud-25.0.4/lib/private/Updater.php",
"line": 282,
"function": "upgradeAppStoreApps",
"class": "OC\\Updater",
"type": "->",
"args": [
[
"admin_audit",
"*** sensitive parameters replaced ***",
"bookmarks",
"bruteforcesettings",
"calendar",
"checksum",
"circles",
"cloud_federation_api",
"comments",
"contacts",
"contactsinteraction",
"dav",
"external",
"federatedfilesharing",
"files",
"files_external",
"files_pdfviewer",
"files_rightclick",
"files_sharing",
"files_texteditor",
"files_trashbin",
"forms",
"keeweb",
"logreader",
"lookup_server_connector",
"notes",
"notifications",
"notify_push",
"oauth2",
"oidc_login",
"password_policy",
"photos",
"polls",
"privacy",
"provisioning_api",
"recommendations",
"related_resources",
"serverinfo",
"settings",
"sharebymail",
"side_menu",
"support",
"systemtags",
"tasks",
"text",
"theming",
"twofactor_backupcodes",
"updatenotification",
"user_ldap",
"user_status",
"viewer",
"weather_status",
"workflowengine"
]
]
},
{
"file": "/server/websites/nextcloud/releases/nextcloud-25.0.4/lib/private/Updater.php",
"line": 141,
"function": "doUpgrade",
"class": "OC\\Updater",
"type": "->",
"args": [
"25.0.4.1",
"25.0.3.2"
]
},
{
"file": "/server/websites/nextcloud/releases/nextcloud-25.0.4/core/Command/Upgrade.php",
"line": 225,
"function": "upgrade",
"class": "OC\\Updater",
"type": "->",
"args": []
},
{
"file": "/server/websites/nextcloud/releases/nextcloud-25.0.4/3rdparty/symfony/console/Command/Command.php",
"line": 255,
"function": "execute",
"class": "OC\\Core\\Command\\Upgrade",
"type": "->",
"args": [
[
"Symfony\\Component\\Console\\Input\\ArgvInput"
],
[
"Symfony\\Component\\Console\\Output\\ConsoleOutput"
]
]
},
{
"file": "/server/websites/nextcloud/releases/nextcloud-25.0.4/3rdparty/symfony/console/Application.php",
"line": 1009,
"function": "run",
"class": "Symfony\\Component\\Console\\Command\\Command",
"type": "->",
"args": [
[
"Symfony\\Component\\Console\\Input\\ArgvInput"
],
[
"Symfony\\Component\\Console\\Output\\ConsoleOutput"
]
]
},
{
"file": "/server/websites/nextcloud/releases/nextcloud-25.0.4/3rdparty/symfony/console/Application.php",
"line": 273,
"function": "doRunCommand",
"class": "Symfony\\Component\\Console\\Application",
"type": "->",
"args": [
[
"OC\\Core\\Command\\Upgrade"
],
[
"Symfony\\Component\\Console\\Input\\ArgvInput"
],
[
"Symfony\\Component\\Console\\Output\\ConsoleOutput"
]
]
},
{
"file": "/server/websites/nextcloud/releases/nextcloud-25.0.4/3rdparty/symfony/console/Application.php",
"line": 149,
"function": "doRun",
"class": "Symfony\\Component\\Console\\Application",
"type": "->",
"args": [
[
"Symfony\\Component\\Console\\Input\\ArgvInput"
],
[
"Symfony\\Component\\Console\\Output\\ConsoleOutput"
]
]
},
{
"file": "/server/websites/nextcloud/releases/nextcloud-25.0.4/lib/private/Console/Application.php",
"line": 213,
"function": "run",
"class": "Symfony\\Component\\Console\\Application",
"type": "->",
"args": [
[
"Symfony\\Component\\Console\\Input\\ArgvInput"
],
[
"Symfony\\Component\\Console\\Output\\ConsoleOutput"
]
]
},
{
"file": "/server/websites/nextcloud/releases/nextcloud-25.0.4/console.php",
"line": 100,
"function": "run",
"class": "OC\\Console\\Application",
"type": "->",
"args": []
},
{
"file": "/server/websites/nextcloud/releases/nextcloud-25.0.4/occ",
"line": 11,
"args": [
"/server/websites/nextcloud/releases/nextcloud-25.0.4/console.php"
],
"function": "require_once"
}
],
"File": "/server/websites/nextcloud/releases/nextcloud-25.0.4/lib/private/Log/ErrorHandler.php",
"Line": 92,
"CustomMessage": "--"
}
}
KDederichs
commented
1 year ago Still a thing in 25.0.7 and 26.0.2
joshtrichards
commented
1 year ago tldr:
I think there are two "problems" here, both upstream based on my review of upstream code (php-src). I say "problems" surrounded by quotes because it's not clear the second one is even an actual problem.
dns_get_record(): A temporary server error occurred.Despite the original report of this bug in php, in my testing dns_get_record() always returns false when expected. It just also tries to provide a hint as to the reason by translating the underlying h_errno (see https://linux.die.net/man/3/h_errno) here (below) and outputting it sometimes:
This is in contrast to, say, dns_check_record(), which doesn't bother trying to provide a hint as to the reason: https://github.com/php/php-src/blob/15bdc85e005e4e750428b8a9f7d6460dc126c4ff/ext/standard/dns.c#L426-L431
h_errno stateThere also seems to be some other underlying situation that - even though it returns false in both cases - the same query can trigger a h_errno that translates to the TRY_AGAIN but other times doesn't. I have one repeatable way of triggering this situation: do a dns_get_record("bogusdomain.tld) on an NXDOMAIN then do an nslookup bogusdomain.tld before calling (i.e. in between) dns_get_record("bogusdomain.tld") again. false is still returned but the TRY_AGAIN output goes away. Also, at this point, any further dns_get_record("bogusdomain.tld") will simply return false as expected without any TRY_AGAIN. You have to pick a new bogus domain to repeat the same pattern again.
I assume what's actually happening is that this part of the case statement is being (properly?) triggered once the nslookup populates a cache somewhere or something on the localhost:
On the upside, while the output is noisy and the errno seems inconsistent (and I can't explain exactly why that is at the moment), the actual true/false return seems accurate (i.e. non-existent hostnames and other DNS lookup failures do actually return false).
Appears to work as I'd expect with a caveat: it doesn't bother with trying to track the h_errno let alone provide a hint to the caller about it. It may just be suffering from the second issue above in silence (or not at all) since it otherwise looks up DNS records in basically the same manner internally as dns_get_record():
If it's not suffering from the second issue it could provide a clue as to the underlying issue here. But that's an upstream matter. Not an NC one.
The logged message may turn out to be a red herring... or not. We just care about the big picture: is the true or false an accurate indicator of DNS lookup success and failure? Yes, seems so.
We just have to deal with the noise... But also do so in a way that will still catch any other potential remaining oddities with DNS lookup failures that could still exist...
Besides some upstream matters, a path to resolution for NC at the moment turns out to be quite simple:
Call dns_check_record(hostname, "ANY"|type) first then if - only if - it returns true bother to call dns_get_record(hostname,"DNS_ANY"|type). Since we only call the latter if the former succeeds - and there will by definition then be a nearby resolver with the records cached if the hostname does actually turn out to exist - it's negligible overhead. And it guarantees we won't call the noisy dns_get_record() since that noise only comes out when the hostname doesn't exist or there's some other DNS lookup failure.
That's my evening brain dump on this issue.
joshtrichards
commented
1 year ago My gut is telling me the the inconsistent errno may be a red herring in the end, but I haven't dug into what would account for the errno changing in between calls. Possibly some DNS resolver caching/etc. where in one case it isn't certain it's more than a temporary failure and in another situation it's able to conclude "nah this really doesn't exist". It would be a bigger deal if we weren't getting false back from dns_get_record when expected...
Clarification about how I'm able to consistently reproduce the behavior: The "A temporary server error occurred" message goes away when I do an nslookup in between on the same non-existent domain. If I don't, it continues. And to repeat the same behavior (i.e. the noisy output) you have to pick a new non-existent domain once you've gone through the dns_get_record/nslookup/dns_get_record sequence each time.
Upstream (PHP): I've also added a (briefer) comment on the upstream bug report.
AxIauk
commented
1 year ago Is this still happening?
362 entries in the last 8 days
This question has been around for a long time. Suddenly the source of the problem was discovered. Can be reproduced. Confirmed that my openwrt router plugin broke DNS reverse lookup.
The router's "Reverse DNS Lookup Timeout" can use the network normally and is not easily noticed.
AxIauk
commented
1 year ago My gut is telling me the the inconsistent errno may be a red herring in the end, but I haven't dug into what would account for the errno changing in between calls. Possibly some DNS resolver caching/etc. where in one case it isn't certain it's more than a temporary failure and in another situation it's able to conclude "nah this really doesn't exist". It would be a bigger deal if we weren't getting false back from dns_get_record when expected...
Clarification about how I'm able to consistently reproduce the behavior: The "A temporary server error occurred" message goes away when I do an nslookup in between on the same non-existent domain. If I don't, it continues. And to repeat the same behavior (i.e. the noisy output) you have to pick a new non-existent domain once you've gone through the dns_get_record/nslookup/dns_get_record sequence each time.
Upstream (PHP): I've also added a (briefer) comment on the upstream bug report.
Guess: nextcloud and php, the system acquires and verifies the validity of the remote host's IP address by performing a double DNS lookup.
MrRinkana
commented
5 months ago I'm getting these errors occassinaly on 28.0.5 aswell. Typically look like this:
{
"reqId": "uAUQFEwikg5QBkd5s9AK",
"level": 3,
"time": "2024-04-26T01:57:20+00:00",
"remoteAddr": "",
"user": "--",
"app": "PHP",
"method": "",
"url": "--",
"message": "dns_get_record(): A temporary server error occurred. at /srv/www/nextcloud/lib/private/Http/Client/DnsPinMiddleware.php#111",
"userAgent": "--",
"version": "28.0.5.1",
"data": {
"app": "PHP"
},
"id": "6638a4774308c"
}It does not happen often, only once since update to 28.0.5 but they always come in a bunch (8 last time). Last time they also where followed by a warning:
I do not know how to trigger them, seems to happen randomly (like 4am when probably noone is using the server actively).
Let me know if you want configuration or something else!
skl256
commented
5 months ago Create Dockerfile & 99-fix-dns-get-record-server-error.sh
Dockerfile:
FROM nextcloud:27.1.9-fpm # replcace nextcloud:27.1.9-fpm to your nextcloud image
# Fix https://github.com/nextcloud/server/issues/34205
COPY 99-fix-dns-get-record-server-error.sh /docker-entrypoint-hooks.d/before-starting/99-fix-dns-get-record-server-error.sh
RUN chmod +x /docker-entrypoint-hooks.d/before-starting/99-fix-dns-get-record-server-error.sh99-fix-dns-get-record-server-error.sh:
#! /bin/sh
sed -i 's/dnsTypes = \[DNS_A, DNS_AAAA, DNS_CNAME\];/dnsTypes = [DNS_A, DNS_AAAA];/' /var/www/html/lib/private/Http/Client/DnsPinMiddleware.phpNext build image and use instead of your old nextcloud image.
docker image build -t my_fixed_nextcloud_image_name . (don't forget the dot at the end)
joshtrichards
commented
5 months ago @skl256 By chance do either of the following trigger the failure in your environment:
Either running this within the app container:
php -r 'var_dump(dns_get_record("localhost", DNS_CNAME));
Or something like this in a dedicated (throwaway) php container:
docker run -it --rm -v $(pwd):/var/www php:latest php -r "var_dump(dns_get_record('localhost', DNS_CNAME));"
I've seen some reports around of failures when php+dns_get_record+docker+localhost+CNAME are combined. I can't reproduce it in my environments, but there are multiple reports so perhaps a buggy Docker Engine version or something.
elandorr
commented
4 months ago Still occurring on 29.0.1. Or rather, only since the update. Maybe I never looked at the admin panel before when it happened. Docker is whatever is currently "stable" upstream.
var_dump(dns_get_record('localhost', DNS_CNAME)); returns an empty array - also for any other host.
But getent works fine, so it's not a DNS issue. No idea what PHP is doing.
VitalyEmelyanov
commented
2 months ago Same issue at 29.0.4
Daryes
commented
2 months ago @skl256 By chance do either of the following trigger the failure in your environment:
Either running this within the app container:
php -r 'var_dump(dns_get_record("localhost", DNS_CNAME));Or something like this in a dedicated (throwaway)
phpcontainer:
docker run -it --rm -v $(pwd):/var/www php:latest php -r "var_dump(dns_get_record('localhost', DNS_CNAME));"I've seen some reports around of failures when php+dns_get_record+docker+localhost+CNAME are combined. I can't reproduce it in my environments, but there are multiple reports so perhaps a buggy Docker Engine version or something.
I've checked in a standard installation without docker, the command you gave will also raise the same error :
$ php --version
PHP 8.1.27 (cli) (built: Feb 25 2024 12:02:49) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.1.27, Copyright (c) Zend Technologies
with Zend OPcache v8.1.27, Copyright (c), by Zend Technologies
$ php -r 'var_dump(dns_get_record("localhost", DNS_CNAME));'
PHP Warning: dns_get_record(): A temporary server error occurred. in Command line code on line 1
bool(false)Btw, asking to search a CNAME for localhost is bound to raise an error :
this is a executed as a real DNS query, you'll not get an answer for such record from a server which is not running even a cache dns server, like dsnmasq.
skl256
commented
2 months ago @joshtrichards
Hm..
run docker container run --dns 192.168.2.1 --network host -it --rm php php -r "var_dump(dns_get_record('localhost', DNS_CNAME));"
result Warning: dns_get_record(): A temporary server error occurred. in Command line code on line 1 bool(false)
but
run docker container run --dns 192.168.0.1 --network host -it --rm php php -r "var_dump(dns_get_record('localhost', DNS_CNAME));"
result array(0) {}
At the same time, the DNS server on the router 192.168.2.1 is set to 192.168.0.1 Well, in general, it is already clear that this is not a problem with NextCloud.
Daryes
commented
2 months ago @skl256 your test changing the dns server gave me an idea : I have different DNS servers, including Bind and Windows NS
So, with a little dusting on tcpdump, and changing the /etc/resolv.conf file of the webserver
Default resolv configuration => 2 * Windows 2019 with DNS service as resolver
$ sudo tcpdump "port 53"
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on ens32, link-type EN10MB (Ethernet), snapshot length 262144 bytes
21:46:22.427534 IP webserver.corp.tld.34042 > winsrv-1.corp.tld.domain: 19285+ CNAME? localhost.corp.tld. (40)
21:46:22.428458 IP winsrv-1.corp.tld.domain > webserver.corp.tld.34042: 19285 NXDomain* 0/1/0 (110)
21:46:22.428614 IP webserver.corp.tld.58833 > winsrv-1.corp.tld.domain: 52092+ CNAME? localhost. (27)
21:46:22.429037 IP winsrv-1.corp.tld.domain > webserver.corp.tld.58833: 52092 ServFail 0/0/0 (27)
21:46:22.429206 IP webserver.corp.tld.34134 > winsrv-2.corp.tld.domain: 52092+ CNAME? localhost. (27)
21:46:22.430426 IP winsrv-2.corp.tld.domain > webserver.corp.tld.34134: 52092 ServFail 0/0/0 (27)
21:46:22.430580 IP webserver.corp.tld.57252 > winsrv-1.corp.tld.domain: 52092+ CNAME? localhost. (27)
21:46:22.431023 IP winsrv-1.corp.tld.domain > webserver.corp.tld.57252: 52092 ServFail 0/0/0 (27)
21:46:22.431162 IP webserver.corp.tld.35109 > winsrv-2.corp.tld.domain: 52092+ CNAME? localhost. (27)
21:46:22.432043 IP winsrv-2.corp.tld.domain > webserver.corp.tld.35109: 52092 ServFail 0/0/0 (27)=> Result from the php command : PHP Warning : ... bool(false)
Altered resolv configuration => 1 * home router with dnsmask as resolver (not really sure)
$ sudo tcpdump "port 53"
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on ens32, link-type EN10MB (Ethernet), snapshot length 262144 bytes
21:47:32.238120 IP 192.168.0.222.34233 > 192.168.0.1.domain: 41476+ CNAME? localhost.corp.tld. (40)
21:47:32.251614 IP 192.168.0.1.domain > 192.168.0.222.34233: 41476 NXDomain* 0/0/0 (40)
21:47:32.251808 IP 192.168.0.222.45499 > 192.168.0.1.domain: 54483+ CNAME? localhost. (27)
21:47:32.266222 IP 192.168.0.1.domain > 192.168.0.222.45499: 54483 NXDomain 0/1/0 (102)=> Result from the php command : array(0) {}
Altered resolv configuration => 1 * Ubuntu with Bind 9 as resolver
$ sudo tcpdump "port 53"
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on ens32, link-type EN10MB (Ethernet), snapshot length 262144 bytes
21:49:29.921220 IP 192.168.0.222.49938 > 192.168.0.200.domain: 46746+ CNAME? localhost.corp.tld. (40)
21:49:29.921579 IP 192.168.0.200.domain > 192.168.0.222.49938: 46746 NXDomain* 0/1/0 (95)
21:49:29.921683 IP 192.168.0.222.51571 > 192.168.0.200.domain: 6416+ CNAME? localhost. (27)
21:49:29.921948 IP 192.168.0.200.domain > 192.168.0.222.51571: 6416* 0/1/0 (68)=> Result from the php command : array(0) {}
All will answer NXDomain to a localhost.corp.tld query, which is somewhat expected as it is an internal domain (name was changed, it does not exist on internet).
But for a localhost. query, Windows will answer with ServFail (which explains the retries from the client to both servers), dnsmasq answer with NXDomain, and Bind with nothing.
Knowing what to look for, according to the RFC 1912 => 4.1 :
The "localhost" address is a "special" address which always refers to the local host. It should contain the following line: localhost. IN A 127.0.0.1
The "127.0" file should contain the line: 1 PTR localhost.
There has been some extensive discussion about whether or not to append the local domain to it. The conclusion is that "localhost." would be the best solution.
There are other discussions about this, like on Stackoverflow. The major problem is there are no obligation for this zone : should is used, and not must Which might occur with other DNS resolvers.
Btw, it seems the php implementation is also not valid, an error should be raised when an empty answer is given.
@joshtrichards If I'm not mistaken in my findings, it seems while the root cause is not NextCloud, it will fall to it to have a working solution. And to be honest, I didn't know about this, as I would never have the idea to allow a remote query for the localhost record.
come-nc
commented
2 months ago @Daryes Does that mean adding some manual handling for localhost in DnsPinMiddleware would fix it? Could you try?
Daryes
commented
2 months ago It seems a custom handler for localhost is doing the job, the log went silent when I plugged this in :
$ diff -u4 lib/private/Http/Client/DnsPinMiddleware.php.org lib/private/Http/Client/DnsPinMiddleware.php
--- lib/private/Http/Client/DnsPinMiddleware.php.org 2024-06-25 12:10:58.000000000 +0200
+++ lib/private/Http/Client/DnsPinMiddleware.php 2024-08-20 00:19:36.769965898 +0200
@@ -64,9 +64,10 @@
return reset($responses);
}
private function dnsResolve(string $target, int $recursionCount) : array {
- if ($recursionCount >= 10) {
+ // max 9 dns recusions - localhost has no dns record to retrieve
+ if ($recursionCount >= 10 || $target == "localhost") {
return [];
}
$recursionCount++;I'm waiting some more days to confirm, still
come-nc
commented
2 months ago Is an empty answer the correct answer for localhost? Can you create a pull request for this if it fixes the problem?
Daryes
commented
2 months ago @come-nc
While it reduce drastically the flood, it does not fix it :
This time, those are from dnsGetRecord(), a wrapper for dns_get_record()
As there are different dns functions, while a manual handling of some reserved name, starting with "localhost" might do the trick, it seems knowledge of nextwork working is required. As you asked, I have no way of knowing if an empty answer is the correct way for a localhost query. I based it about the fact nextcloud do not complains when the dns query returns empty without an error code. I am not a php dev, less a Nextcloud dev. I can use my environment to validate a fix, still
evrim706
commented
1 month ago is this fixed yet? im having the same problem
VitalyEmelyanov
commented
1 month ago Still an issue at 29.0.7
dns_get_record(): A temporary server error occurred. at /var/www/html/lib/private/Http/Client/DnsPinMiddleware.php#113
ebiagi
commented
1 month ago I had the same problem on a debian 12 machine with systemd-resolved in stub mode, the problem was the libnss-resolve package. Uninstalled the package and the problem is gone
MrRinkana
commented
1 month ago Maybe everyone who is still getting these errors could edit their comments to add what OS/environment they are running? And according to above comment if they have libnss-resolve installed?
VitalyEmelyanov
commented
1 month ago I’m using an official docker fpm alpine image
Daryes
commented
4 weeks ago Maybe everyone who is still getting these errors could edit their comments to add what OS/environment they are running? And according to above comment if they have libnss-resolve installed?
Ubuntu 22.04, installed from the official ISO image, libnss-resolve is not installed
$ grep '^hosts:' /etc/nsswitch.conf
hosts: files dnsso the default config, nothing related to the linked issue in systemd repo, which seems limited to cloud images.
Btw, I already gave an explanation about why this occurs : https://github.com/nextcloud/server/issues/34205#issuecomment-2295423048
Given the tcpdump results, it seems related to the way each DNS server/resolver handle a dns query for localhost.
(the . at the end of localhost is not an error, all dns clients will add this, to be able to search on different domain suffixes, stated by the "search" parameter in resolv.conf, even if empty)
And you can expect many company using Active Directory for managing user accounts, which make it Windows DNS Server mandatory.
To fix this, having "localhost" a special case returning immediately an empty answer seems working, instead of passing to the php function dns_get_record()
the main problem is there are not only one, but at least 2 functions wrapping dns_get_record() in nextcloud, if not more.
And I am myself wondering why in the first case localhost had to be queried on dns resolvers.
ProxayFox
commented
1 week ago Hello, How are you all going. I came accross this thread when I had the same error on a differnt platform, just thought I'd add my findings just incase it helps.
I posted most of the findings bellow Snipt IT Ldap cannot bind users correctly #13564
Basically the drill down is, some DNS servers will block dns_any requests.
In my case it was working in my HomeLab but not on DigitalOcean.
When I ran dig it worked fine so I didn't think that was the problem
Buuuut then it came to running dig ldap.google.com any the DigitalOcean box didn't get a response but the homelab did
So I was able to make the bellow change and it started working From
$this->info("Performing DNS lookup of: ".$parsed['
$ips = dns_get_record($parsed['host']);
$raw_ips = [];too
$this->info("Performing DNS lookup of: ".$parsed['
$ips = dns_get_record($parsed['host'], DNS_A + DNS_CNAME);
$raw_ips = [];I hope this might help you guys, nextcloud is a really great system :)