theforeman / puppet-dns

Installs and manages an ISC BIND DNS server with zones
Apache License 2.0
18 stars 70 forks source link

Config file validation fails in Ubuntu 22.04 because named-checkconf is installed in a different path #227

Closed kajinamit closed 1 year ago

kajinamit commented 1 year ago

The named-checkconf command is installed not in /usr/sbin but in /usr/bin in Ubuntu 22.04. https://packages.ubuntu.com/jammy/bind9-utils

Because of this change, applying a manifest with dns::config_check => true (this is default) fails with the following error in Ubuntu 22.04.

2023-03-14 01:27:22 +0000 /Stage[main]/Dns::Config/Concat[/etc/bind/zones.conf]/File[/etc/bind/zones.conf]/ensure (err): change from 'absent' to 'file' failed: Execution of '/usr/sbin/named-checkconf /etc/bind/zones.conf20230314-5533-1381cdx' returned 1: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/log/destinations.rb:112:in `flush': Bad file descriptor (Errno::EBADF)
    from /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/log/destinations.rb:112:in `handle'
    ...
    from /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/command_line.rb:77:in `execute'
    from /opt/puppetlabs/puppet/bin/puppet:5:in `<main>'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/execution.rb:360:in `exec': No such file or directory - /usr/sbin/named-checkconf (Errno::ENOENT)
    from /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/execution.rb:360:in `block (2 levels) in execute_posix'
    ...
    from /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/command_line.rb:77:in `execute'
    from /opt/puppetlabs/puppet/bin/puppet:5:in `<main>'
ekohl commented 1 year ago

This is set here: https://github.com/theforeman/puppet-dns/blob/e736c2e8c28d005ba561dd3228814fe8e525a9b9/manifests/params.pp#L19

Are you aware of other changes that Ubuntu 22.04 made? Will this also be in the next Debian version?

kajinamit commented 1 year ago

We are using this module to set up bind and integrate it with Designate in our CI jobs but so far we have not caught any issues as long as confgi_check is disabled (though our usage is quite simple and does not cover all features). https://github.com/openstack/puppet-openstack-integration/blob/master/manifests/bind.pp

I quickly checked the packages in Debian but seems the command is installed in /usr/bin from Debian 12 (Bookworm), which is still Beta. Probably we can leave it now and fix it once Debian 12 is officially supported. 11 (Bullseye): https://packages.debian.org/bullseye/amd64/bind9-utils/filelist 12 (Bookworm): https://packages.debian.org/bookworm/amd64/bind9-utils/filelist

It seems the command path has been changed in jammy-updates/bullseye-updates as well but I'm not too sure how we handle these.