Bug#506764: siproxd: Problem with DNS resolution when in chroot jail
Frédéric BOITEUX
fboiteux at calistel.com
Tue Nov 25 10:53:20 UTC 2008
Le mar 25 nov 2008 10:24:10 CET, Faidon Liambotis <paravoid at debian.org>
a écrit :
> Frédéric BOITEUX wrote:
> >> Err, you're probably missing a proper /etc/hosts...
> >>
> > Yes, the chroot jail, as built and used by the package, does no contain
> > anything about a siproxd's data file... But no indication nowhere about
> > what to do then... And for a /etc/hosts solution, you have to know by
> > advance all domains used by siproxd clients, it isn't an easy
> > solution...
> By proper, I meant an /etc/hosts that contains an entry
> 127.0.0.01 localhost.localdomain localhost
>
> I have no knowledge about the bug itself but from what I saw, that seems
> to be the problem.
Hello Faidon,
I don't think it's the solution. Here is what I've understood :
- Siproxd daemon run in a chroot jail for security purpose
- it has to do some DNS resolutions in its work, but lacks a proper
configuration to do it, so before to run into the chroot, it does a DNS
query to be sure to load resolver's dynamic libraries, as they couldn't
be loaded in the chroot.
- the fake resolution asks about 'localhost', but it seems that it's
not sufficient (at least in my case) to load the targeted libraries,
and then the real resolution fail when in the chroot jail.
- I've added another fake resolution (I should have removed one for
"localhost" which is useless) to be sure that resolver's libraries are
really loaded...
Fred.
More information about the Pkg-voip-maintainers
mailing list