geoip2 default data path
Summary
Default geoip-database directory has undocumented value
BIND version used
BIND 9.11.11-RedHat-9.11.11-1.fc29 (Extended Support Version) <id:4ae9ff1>
running on Linux x86_64 5.2.18-100.fc29.x86_64 #1 SMP Tue Oct 1 13:32:05 UTC 2019
built by make with '--build=x86_64-redhat-linux-gnu' '--host=x86_64-redhat-linux-gnu' '--program-prefix=' '--disable-dependency-tracking' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib64' '--libexecdir=/usr/libexec' '--sharedstatedir=/var/lib' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--with-python=/usr/bin/python3' '--with-libtool' '--localstatedir=/var' '--enable-threads' '--enable-ipv6' '--enable-filter-aaaa' '--with-pic' '--disable-static' '--includedir=/usr/include/bind9' '--with-tuning=large' '--with-libidn2' '--enable-openssl-hash' '--with-geoip2' '--enable-native-pkcs11' '--with-pkcs11=/usr/lib64/pkcs11/libsofthsm2.so' '--with-dlopen=yes' '--with-dlz-ldap=yes' '--with-dlz-postgres=yes' '--with-dlz-mysql=yes' '--with-dlz-filesystem=yes' '--with-dlz-bdb=yes' '--with-gssapi=yes' '--disable-isc-spnego' '--with-lmdb=yes' '--with-libjson' '--enable-dnstap' '--with-cmocka' '--enable-fixed-rrset' '--with-docbook-xsl=/usr/share/sgml/docbook/xsl-stylesheets' '--enable-full-report' 'build_alias=x86_64-redhat-linux-gnu' 'host_alias=x86_64-redhat-linux-gnu' 'CFLAGS= -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection' 'LDFLAGS=-Wl,-z,relro -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld' 'CPPFLAGS= -DDIG_SIGCHASE' 'PKG_CONFIG_PATH=:/usr/lib64/pkgconfig:/usr/share/pkgconfig'
compiled by GCC 8.3.1 20190223 (Red Hat 8.3.1-2)
compiled with OpenSSL version: OpenSSL 1.1.1c FIPS 28 May 2019
linked to OpenSSL version: OpenSSL 1.1.1d FIPS 10 Sep 2019
compiled with libxml2 version: 2.9.8
linked to libxml2 version: 20908
compiled with libjson-c version: 0.13.1
linked to libjson-c version: 0.13.1
compiled with zlib version: 1.2.11
linked to zlib version: 1.2.11
threads support is enabledSteps to reproduce
compile with --with-geoip2, but omit geoip-directory "/usr/share/GeoIP"; option Then use GeoIP2 database.
acl "us" {
geoip country US;
};
# ...
view "default" {
match-clients { "us"; };
}
What is the current bug behavior?
/usr/share/GeoIP2 is used as default path. However, configure mentions just /usr/share/GeoIP (without trailing 2).
We at Fedora use /usr/share/GeoIP. I checked also Debian, but were unable to find where are files with new format stored. Ubuntu manual page suggests the same path as we use.
What is the expected correct behavior?
Path is either consistent with usual practice or configurable on build time.
Relevant configuration files
(Paste any relevant configuration files - please use code blocks (```)
to format console output. If submitting the contents of your
configuration file in a non-confidential Issue, it is advisable to
obscure key secrets: this can be done automatically by using
named-checkconf -px.)
Relevant logs and/or screenshots
# journalctl -u named
lis 04 20:44:22 menpad named[1485]: /etc/named/geoip.conf:3: no GeoIP2 database installed which can answer queries of type 'country'
lis 04 20:44:22 menpad named[1485]: reloading configuration failed: failurePossible fixes
I know simple patch could be used on Fedora. But my short research indicates it would not be the only one wrong. I would prepare MR with configure.ac change if it helps. Is that default path intentional?
- If no distributions use different directory, configure.ac should be fixed
- Or configurable default path should be possible
- Provide no default value and require geoip-directory