Gtinydns id not created, but two other id's created

Bug #518393 reported by Michael Lueck on 2010-02-07
22
This bug affects 4 people
Affects Status Importance Assigned to Milestone
djbdns (Debian)
Fix Released
Unknown
djbdns (Ubuntu)
Undecided
Unassigned

Bug Description

Binary package hint: djbdns

Ubuntu 9.04 server edition

I am working through trying to set up a djbdns implementation with the Ubuntu packages of djbdns and related software from djb.

I see that two ID's were created by the packages: Gdnscache and Gdnslog

However, no Gtinydns was created, which is required to set up tinydns.

Perhaps was that overlooked, or did I not install enough packages... yet one more I did not see?

Shall I add it myself manually? Since the ID's look a bit different that were created by the Ubuntu packages, then what syntax should I use to create Gtinydns myself?

Thanks!

Related branches

Michael Lueck (mlueck) wrote :

This also affects the Lucid alpha with all available updates, then I:

sudo apt-get install djbdns dnscache-run

No Gtinydns account was created.

I went ahead and created the ID myself so that progress could continue. I then edited the various files directly to make it consistent with the other ID's created by djbdns. Process as follows, including EDITED examples from the files:

# useradd -r -s /bin/false Gtinydns

# /etc/passwd
Gdnscache:x:108:118::/nonexistent:/bin/false
Gdnslog:x:109:119::/nonexistent:/bin/false
Gtinydns:x:110:120::/nonexistent:/bin/false

# /etc/shadow
Gdnscache:*:14646:0:99999:7:::
Gdnslog:*:14646:0:99999:7:::
Gtinydns:*:14646:0:99999:7:::

# /etc/group
Gdnscache:x:118:
Gdnslog:x:119:
Gtinydns:x:120:

Please get this corrected for the Lucid 10.04 LTS release. Should be a quick fix of what ever script creates the ID's.

Michael Lueck (mlueck) wrote :

I just retested this on a clean install of Lucid Alpha 3, and the Gtinydns account is still missing.

Could this get added before Lucid ships, please??!?!? :-)

Michael Lueck (mlueck) wrote :

I think this diff should correctly create the missing ID needed to set up tinydns within the djbdns system.

Could a maintainer please assist us with this and consider for inclusion in Lucid. Thanks!

Michael Lueck (mlueck) wrote :

Thinking that perhaps Ubuntu is waiting for direction on this issue to come from the Debian packager, I tried contacting Gerrit Pape and the following addy <pape [AT] smarden.org> That address hard bounced. So it seems at least for the original Debian packager listed, I am unable to contact that person directly and verify what needs to be done about this missing ID.

Still, from all of the documentation available direct from djb himself and others who have documented their own howto, always three separate ID's are documented for setting up djbdns. The Ubuntu package as-is has only two of the three ID's.

Could someone kindly review the diff I attached above and consider including this fix into Lucid before it releases. I would like the next LTS release to be every bit as perfect as it could be. Thank you.

Michael Lueck (mlueck) wrote :

I verified that the following syntax which the dnscache-run.preinst script uses when creating ID's is correct to get the missing / needed account.

adduser --quiet --system --force-badname --shell /bin/false --group --home /nonexistent --no-create-home Gtinydns

So the diff attached in #3 should indeed be a good diff.

Please, could someone review this diff and consider it for inclusion into Lucid 10.04 LTS!

Thank you!

Johannes Hessellund (osos) wrote :

The djbdns package still does not add the relevant users.

djbdns package should add these users

User:homecatalog:shell

dnslog:/var/log/dns:/bin/false
dnscache:/etc/dnscache:/bin/false
tinydns:/etc/tinydns:/bin/false
axfrdns:/etc/axfrdns:/bin/false

Michael Lueck (mlueck) wrote :

Yes Johannes, apparently the axfrdns ID is needed as well.

Ubuntu developers, please see: http://cr.yp.to/djbdns/axfrdns.html

To match the Ubuntu naming standard for the djbdns package, perhaps Gaxfrdns

And the original developer's docs stating that Gtinydns ID is needed: http://cr.yp.to/djbdns/run-server.html

I have updated the diff patch of the script responsible for creating these ID's. Could someone kindly review the patch and get this updated?

tags: added: patch
Michael Lueck (mlueck) wrote :

Confirmed that today's current 11.04 (Natty Narwhal) still has this issue.

Could someone please review my patch and check it in. That would be appreciated! :-)

Chris Coulson (chrisccoulson) wrote :

Thanks for working on this.

I took a look at it though, but I can't see where these users are needed in djbdns. Packages should only be creating users where they actually need them really. Are these users only required by tinydns, or am I missing something?

Thanks

Changed in djbdns (Ubuntu):
status: New → Incomplete
Michael Lueck (mlueck) wrote :

Yes the tinydns component of djbdns needs that specific ID.

Per DJB (the author) three ID's are needed for a basic installation of djbns.

Johannes Hessellund pointed out that a fourth ID is needed for an optional step in the set up of djbdns, so I added that ID as well, and references the URL's to DJB's documentation where both are specified.

I have documented my steps of the basic installation using the Ubuntu packages rather than compiling from source here:
http://www.lueckdatasystems.com/HOW-TO_Basic_installation_of_Daniel_J_Bernstein_djbdns_TinyDNS_on_Ubuntu_Linux

If not in the djbdns package, then in the dnscache-run package. Those are the only two packages I must add to a system in order to set up a basic djbdns implementation. (Yes, those two drag on dependencies as well.)

Aaahhh, the binary that the Gtinydns ID is passed in as an arg to comes from the djbdns package, not the dnscache-run package. So yes, I would think at least the original three I proposed need to be added by djbdns.

And the same is true for the axfrdns account, the binary that needs it also comes with djbdns and not a separate package. I just have never needed that one, aparently Johannes Hessellund has.

Launchpad Janitor (janitor) wrote :

[Expired for djbdns (Ubuntu) because there has been no activity for 60 days.]

Changed in djbdns (Ubuntu):
status: Incomplete → Expired
Michael Lueck (mlueck) wrote :

Evidently status = Incomplete also has an annoying 60 day timer... gggrrr... reopening and set to new.

Changed in djbdns (Ubuntu):
status: Expired → New
jasherai (phatforge) wrote :

Is there any chance of some progress on this ticket as this also affects me. The situation is quite simple. djbdns uses different users to keep secure the different daemons that it provides. For the core functionality of running a dns server, the package should provide 3 users for tinydns to be configured with.

I hope this (albeit repeated) summarisation helps understanding.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package djbdns - 1:1.05-8ubuntu1

---------------
djbdns (1:1.05-8ubuntu1) oneiric; urgency=low

  * Apply patch from Michael Lueck resolving missing users as per
    upstream author's guidelines. (LP: #518393)
 -- Daniel T Chen <email address hidden> Wed, 03 Aug 2011 16:46:27 -0400

Changed in djbdns (Ubuntu):
status: New → Fix Released
Daniel T Chen (crimsun) on 2011-08-03
tags: added: patch-forwarded-debian
removed: patch
Changed in djbdns (Debian):
status: Unknown → New
Changed in djbdns (Debian):
status: New → Incomplete
Changed in djbdns (Debian):
status: Incomplete → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.