‘directory’ statement moved $CWD during named-checkconf mid-parsing
Summary
named-checkconf was reading named.conf having several include statements each using relative filepaths.
And named-checkconf failed to read the next "relative" include clause due presumably to the directory statement in 'options' clause having actually changed the current working directory ($CWD) in midstream of reading the entire configuration file sets.
Reordering the 'options-related' include clause (that contains the directory statement) with the 'statistics-related' include clause, such that the options 'directory' statement was done last, after all include statements, then made it possible to finish named-checkconf without any errors or warnings.
BIND version used
BIND 9.16.15-Debian (Stable Release) <id:4469e3e>
running on Linux x86_64 5.10.46 #1 SMP Fri Sep 3 13:14:05 EDT 2021
built by make with '--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=/usr/include' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--disable-option-checking' '--disable-silent-rules' '--libdir=/usr/lib/x86_64-linux-gnu' '--runstatedir=/run' '--disable-maintainer-mode' '--disable-dependency-tracking' '--libdir=/usr/lib/x86_64-linux-gnu' '--sysconfdir=/etc/bind' '--with-python=python3' '--localstatedir=/' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-gost=no' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-libidn2' '--with-json-c' '--with-lmdb=/usr' '--with-gnu-ld' '--with-maxminddb' '--with-atf=no' '--enable-ipv6' '--enable-rrl' '--enable-filter-aaaa' '--disable-native-pkcs11' '--enable-dnstap' 'build_alias=x86_64-li format-security -fno-strict-aliasing -fno-delete-null-pointer-checks -DNO_VERSION_DATE -DDIG_SIGCHASE' 'LDFLAGS=-Wl,-z,relro -Wl,-z,now' 'CPPFLAGS=-Wdate-time -D_FORTIFY_SOURCE=2'
compiled by GCC 10.2.1 20210110
compiled with OpenSSL version: OpenSSL 1.1.1k 25 Mar 2021
linked to OpenSSL version: OpenSSL 1.1.1k 25 Mar 2021
compiled with libuv version: 1.40.0
linked to libuv version: 1.40.0
compiled with libxml2 version: 2.9.10
linked to libxml2 version: 20910
compiled with json-c version: 0.15
linked to json-c version: 0.15
compiled with zlib version: 1.2.11
linked to zlib version: 1.2.11
linked to maxminddb version: 1.5.2
compiled with protobuf-c version: 1.3.3
linked to protobuf-c version: 1.3.3
threads support is enabled
default paths:
named configuration: /etc/bind/named.conf
rndc configuration: /etc/bind/rndc.conf
DNSSEC root key: /etc/bind/bind.keys
nsupdate session key: //run/named/session.key
named PID file: //run/named/named.pid
named lock file: //run/named/named.lock
geoip-directory: /usr/share/GeoIP
Steps to reproduce
Created two files.
File: /etc/bind/named.conf
include "options.conf";
include "statistics.conf";
File: /etc/bind/options.conf
options {
    directory "/var/lib/bind";
};
What is the current bug behavior?
Run
cd /etc/bind
touch statistics.conf
$ named-checkconf named.conf
named.conf:2: open: statistics.conf: file not found
What is the expected correct behavior?
Reorder include clauses such that:
File: /etc/bind/named.conf
include "statistics.conf";
include "options.conf";
Now that works!
It should not be changing $CWD in the middle of parsing, or it should use the same $CWD regardless of the ordering/placement of the "directory" statement with respect to subsequent or prior include statement(s).
Possible fixes
In v9_16_6 branch, source named-checkconf.c has a directory_callback() function which called isc_dir_chdir(directory).
Problem with chdir in general is that it was done in the middle of parsing, when it should not have changed directory … during the middle of parsing.
Some include files got read before options directory statement, the rest of the include clauses were not found.
Still identifiable in v9_17_4 branch.
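The behaviour reported above, reduced to its file-lookup core as an added example (not code from BIND or from the reporter): a relative include name resolved against $CWD stops resolving once a chdir() happens mid-parse, while the same name resolved against a directory descriptor saved before parsing still opens. The names can_open, include_lookup_demo and conf_dirfd and the temporary directory layout are constructed for this illustration, and the openat() approach is an assumption about one possible remedy, not the project's fix.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* 1 if `name` opens relative to dirfd (AT_FDCWD means the process $CWD). */
static int can_open(int dirfd, const char *name) {
    int fd = openat(dirfd, name, O_RDONLY);
    if (fd < 0) return 0;
    close(fd);
    return 1;
}

/* Constructed layout: <tmp>/etc holds statistics.conf (the config dir),
 * <tmp>/var stands in for the 'directory' target. Returns a bitmask,
 * or -1 on setup failure:
 *   1 = $CWD lookup works before the chdir
 *   2 = $CWD lookup works after the chdir
 *   4 = lookup via the saved config-dir fd works after the chdir */
int include_lookup_demo(void) {
    char root[] = "/tmp/include-demo-XXXXXX", etc[64], var[64], file[96];
    int conf_dirfd, fd, result = 0;

    if (mkdtemp(root) == NULL) return -1;
    snprintf(etc, sizeof etc, "%s/etc", root);
    snprintf(var, sizeof var, "%s/var", root);
    snprintf(file, sizeof file, "%s/statistics.conf", etc);
    if (mkdir(etc, 0700) != 0 || mkdir(var, 0700) != 0) return -1;
    if ((fd = open(file, O_CREAT | O_WRONLY, 0600)) < 0) return -1;
    close(fd);

    if (chdir(etc) != 0) return -1;      /* like: cd /etc/bind */
    conf_dirfd = open(".", O_RDONLY);    /* saved before parsing starts */
    if (conf_dirfd < 0) return -1;

    result |= can_open(AT_FDCWD, "statistics.conf") ? 1 : 0;
    if (chdir(var) != 0) return -1;      /* what the 'directory' callback does */
    result |= can_open(AT_FDCWD, "statistics.conf") ? 2 : 0;
    result |= can_open(conf_dirfd, "statistics.conf") ? 4 : 0;

    close(conf_dirfd);
    unlink(file); rmdir(etc); rmdir(var); rmdir(root);  /* clean up */
    return result;
}

int main(void) {
    printf("lookup bitmask: %d\n", include_lookup_demo());
    return 0;
}
```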