New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
dyndns update fails when no search domain is configured #6322
Comments
I can confirm this issue, I ran into this very problem on an Ubuntu 22.04 VM with the following details:
|
I'm seeing this too on Fedora 37 with
And the same workaround 'reconfigure the NM connection with |
Still seeing this with (Memo to self: set |
Systemd doesn't want to fix this, so it's up to sssd to cope with |
Hi, can you try if setting
to the [domain/...] section of sssd.conf helps? bye, |
Thanks, this works!
Selected log messagse:
(The |
Hi, thanks for testing, so it looks like the issue is in c-ares, the resolver library SSSD is using. Maybe you can open a ticket at https://github.com/c-ares/c-ares/issues to see what the c-ares developers think about this? bye, |
I'll do that but I'm not able to reproduce the problem with the following code. I get:
I'm different from what SSSD does by calling #include <arpa/inet.h>
#include <arpa/nameser.h>
#include <errno.h>
#include <netdb.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <ares.h>
void cb(void *arg, int status, int timeouts, unsigned char *abuf, int alen) {
if (status != 0) {
fprintf(stderr, "ares_search -> %s\n", ares_strerror(status));
return;
}
int r;
struct hostent *host;
if ((r = ares_parse_a_reply(abuf, alen, &host, NULL, NULL)) != 0) {
fprintf(stderr, "ares_parse_a_reply: %s\n", ares_strerror(r));
return;
}
for (char** addr = host->h_addr_list; *addr; addr++) {
struct in_addr ina;
memcpy(&ina, *addr, host->h_length);
printf("%s: %s\n", host->h_name, inet_ntoa(ina));
}
ares_free_hostent(host);
}
int main(int argc, char *argv[]) {
if (argc != 2) {
fputs("provide a hostname\n", stderr);
return 1;
}
const char *name = argv[1];
int r, stat;
ares_channel chan;
if ((r = ares_init(&chan)) != 0 ) {
fprintf(stderr, "ares_init: %s\n", ares_strerror(r));
return 1;
}
ares_search(chan, name, ns_c_in, ns_t_a, cb, NULL);
for(;;) {
int nfds;
fd_set readers, writers;
FD_ZERO(&readers);
FD_ZERO(&writers);
nfds = ares_fds(chan, &readers, &writers);
if (nfds == 0)
break;
struct timeval tv, *tvp;
tvp = ares_timeout(chan, NULL, &tv);
int fd = select(nfds, &readers, &writers, NULL, tvp);
if (fd == -1) {
fprintf(stderr, "select: %s\n", strerror(errno));
stat = 1;
break;
}
ares_process(chan, &readers, &writers);
}
out:
ares_destroy(chan);
return stat;
}
// vim: ts=8 sts=4 sw=4 et |
Hi, I think it depends if c-ares has to add the search domain from bye, |
Ok, I get
If I remove
So I guess this demonstrates the bug. I can file that with c-ares. (What I don't understand is why, if |
Wait, I see. If the DNS entry for a host hasn't been created, of course this will break sssd. If the DNS entry for a host does exist, but has the wrong address, maybe sssd isn't broken in this case, I guess I never checked. I'll test that and report back... |
This issue could be closed since the bug is really in c-ares. |
Hi, thanks for letting us know. I'll close the ticket. bye, |
FYI, the fix in c-ares was released in version 1.20.0. |
Hi, great, thanks for your help on this. bye, |
This issue helped me figure out an incredible niche issue after switching from centos to ubuntu and having our dynamic dns entries expire after our refresh interval elapsed. After the entry got scavenged from dns it was then able to refresh itself... Unfortunately 1.20 of libc-ares2 is not available on the latest LTS of ubuntu... Just wanted to say thank you to both of you for this investigation it saved me a huge amount of time. |
Stumbled upon the following today:
sssd.conf
extract:This results in following error (
sssd -i -d10
):Some debugging later I found out this is because the
search
domain parameter in/etc/resolv.conf
is set to a dot by default, e.g.Setting a valid search domain via
Domains=domain.com
in/etc/systemd/resolved.conf
ornmcli connection modify "Wired connection 1" IPv4.dns-search "domain.com"
fixes this issue.Since we specify a valid FQDN in
/etc/sssd/sssd.conf
via thead_hostname
parameter I'd say this is a bug in SSSD but I leave it to you if this is a bug, a wontfix or enhancement. Thought I'd report it anyway.I agree it's a weird edge case to configure the dyndns options with a static IP. It's a VM we use to simulate end-user workstations and we prefer to give all our VMs a static IP.
The text was updated successfully, but these errors were encountered: