Discussion:
[Icecast] EROR: no DNS
Zenon Panoussis
2005-01-22 23:53:32 UTC
Permalink
[2005-01-22 23:31:17] EROR yp/send_to_yp connection to http://dir.xiph.org/cgi-bin/yp-cgi failed with "Couldn't resolve host 'dir.xiph.org'"
[2005-01-22 23:31:17] EROR yp/send_to_yp connection to http://www.oddsock.org/cgi-bin/yp-cgi failed with "Couldn't resolve host 'www.oddsock.org'"

This happens in chroot. Out of chroot, no problems. So I did the obvious
and put a copy of etc/resolv.conf in the chroot. No avail. It clearly needs
a lot more than just resolv.conf. Probably a pile of libraries and god knows
what.

Has anybody solved this already and can give me a hint? Google returns one (1)
link for the error message
(http://article.gmane.org/gmane.comp.audio.icecast.general/4556 ) and the link
is a question, not an answer. I can't imagine myself being the second person
around to use chroot...

It's icecast-2.2.0-1 built and running on RHEL3 out of the standard issue
source rpm.

Z
--
The best defence against logic is ignorance.
Michael Smith
2005-01-23 00:41:54 UTC
Permalink
On Sun, 23 Jan 2005 00:53:32 +0100, Zenon Panoussis
Post by Zenon Panoussis
[2005-01-22 23:31:17] EROR yp/send_to_yp connection to http://dir.xiph.org/cgi-bin/yp-cgi failed with "Couldn't resolve host 'dir.xiph.org'"
[2005-01-22 23:31:17] EROR yp/send_to_yp connection to http://www.oddsock.org/cgi-bin/yp-cgi failed with "Couldn't resolve host 'www.oddsock.org'"
This happens in chroot. Out of chroot, no problems. So I did the obvious
and put a copy of etc/resolv.conf in the chroot. No avail. It clearly needs
a lot more than just resolv.conf. Probably a pile of libraries and god knows
what.
As you've found out, you do need a lot of stuff on modern systems (you
didn't say what OS you were using, though) to get a working resolver.

Personally, though I've used chroot, I haven't used it with anything
that requires a resolver (e.g. relays, yp), so I'm not certain exactly
what you need.

You should be able to find some info with a web search - just don't
make it icecast-specific, since there's nothing icecast-specific about
getting your name resolver working inside chroot..

Mike
Zenon Panoussis
2005-01-23 03:22:49 UTC
Permalink
Post by Michael Smith
As you've found out, you do need a lot of stuff on modern systems (you
didn't say what OS you were using, though) to get a working resolver.
Grumpf. Linking is a fine thing for space economy, but for chroot
I wish everything was static and monolithic and self-contained.
Post by Michael Smith
You should be able to find some info with a web search - just don't
make it icecast-specific...
That's a very good idea indeed; I was focusing too much on icecast
itself.

There should be a chroot package, just like the one Redhat makes for
bind. If I manage to solve this, I might take a shot at packaging the
solution.

BTW, the OS is Linux, RHEL3-flavour. I'd assume every *nix has the
same problem though.
Post by Michael Smith
If these modules are loaded after the start of icecast (the default case
on linux) and more specifically after the chroot then these also have to
be in the chroot jail as well
Indeed. I'll try the simple things to begin with. If they don't work,
strace might tell me what's missing in the chroot. It amazes me though
that nobody has run into this before.

Z
--
The best defence against logic is ignorance.
Karl Heyes
2005-01-23 03:33:37 UTC
Permalink
Post by Zenon Panoussis
Post by Michael Smith
As you've found out, you do need a lot of stuff on modern systems (you
didn't say what OS you were using, though) to get a working resolver.
Grumpf. Linking is a fine thing for space economy, but for chroot
I wish everything was static and monolithic and self-contained.
if you have the build environment and the source tree then a make static
should work

karl.
Michael Smith
2005-01-23 03:49:56 UTC
Permalink
Post by Karl Heyes
Post by Zenon Panoussis
Post by Michael Smith
As you've found out, you do need a lot of stuff on modern systems (you
didn't say what OS you were using, though) to get a working resolver.
Grumpf. Linking is a fine thing for space economy, but for chroot
I wish everything was static and monolithic and self-contained.
if you have the build environment and the source tree then a make static
should work
karl.
Except "make static" will helpfully build you a statically linked
icecast which still dynamically loads modules for the name service
(via nsswitch.conf, as you noted).

Yes, that's right: on a modern linux system (as far as I know), there
is no way to build a fully statically linked application which can do
hostname lookups. This can be rather a pain...

Mike
Zenon Panoussis
2005-01-23 04:26:05 UTC
Permalink
Post by Michael Smith
Yes, that's right: on a modern linux system (as far as I know), there
is no way to build a fully statically linked application which can do
hostname lookups.
Well yes, by building the whole OS into the application, from glibc to
each and every crucial component except the kernel itself. I said "grumpf"
about dynamic linking and chroot, but I'd probaly commit suicide if my
wish of truly static applications got fulfilled.

Z
--
The best defence against logic is ignorance.
Geoff Shang
2005-01-23 04:52:10 UTC
Permalink
It amazes me though that nobody has run into this before.
People have. And I vaguely recall someone doing some work indetermining
all that was needed and wrote to the list about it. I usually keep such
messages, but can't find it right now. But yes, I've seen about 3 or 4
separate queries about this issue.

Geoff.
Karl Heyes
2005-01-23 02:47:06 UTC
Permalink
Post by Zenon Panoussis
[2005-01-22 23:31:17] EROR yp/send_to_yp connection to http://dir.xiph.org/cgi-bin/yp-cgi failed with "Couldn't resolve host 'dir.xiph.org'"
[2005-01-22 23:31:17] EROR yp/send_to_yp connection to http://www.oddsock.org/cgi-bin/yp-cgi failed with "Couldn't resolve host 'www.oddsock.org'"
This happens in chroot. Out of chroot, no problems. So I did the obvious
and put a copy of etc/resolv.conf in the chroot. No avail. It clearly needs
a lot more than just resolv.conf. Probably a pile of libraries and god knows
what.
The /etc/resolv.conf file is only for DNS lookup, general hostname
lookups use the Name Service Switch (/etc/nsswitch.conf) to decide the
order of lookups. Each of those services (including DNS) may dynamically
load modules (/lib/libnss*) to perform the actual service specific
hostname lookup.

If these modules are loaded after the start of icecast (the default case
on linux) and more specifically after the chroot then these also have to
be in the chroot jail as well

karl.
Zenon Panoussis
2005-01-23 15:14:55 UTC
Permalink
Solved:

/usr/share/icecast/etc/hosts
/usr/share/icecast/etc/localtime
/usr/share/icecast/etc/resolv.conf
/usr/share/icecast/etc/ld.so.cache
/usr/share/icecast/lib/libnss_dns.so.2

This worked with the 2.2.0 RPM on FC3 and icecast was able to update
dir.xiph.org from its chroot in /usr/share/icecast . etc/hosts is not
really required unless localhost needs to be looked up.

Z
--
The best defence against logic is ignorance.
JLB
2005-01-23 15:16:57 UTC
Permalink
Or unless you're behind a NAT box and want a way to quickly contact
machines on the LAN. E.g. my machines: eowyn, goldberry, thorin,
galadriel.
Date: Sun, 23 Jan 2005 16:14:55 +0100
Subject: [Icecast] Re: EROR: no DNS
/usr/share/icecast/etc/hosts
/usr/share/icecast/etc/localtime
/usr/share/icecast/etc/resolv.conf
/usr/share/icecast/etc/ld.so.cache
/usr/share/icecast/lib/libnss_dns.so.2
This worked with the 2.2.0 RPM on FC3 and icecast was able to update
dir.xiph.org from its chroot in /usr/share/icecast . etc/hosts is not
really required unless localhost needs to be looked up.
Z
--
The best defence against logic is ignorance.
_______________________________________________
Icecast mailing list
http://lists.xiph.org/mailman/listinfo/icecast
--
J. L. Blank, Systems Administrator, twu.net

Loading...