MAAS

BIND ignores nanoseconds field in timestamps, fails to load newer versions of zones on reload

Series 1.9
Bug #1553176

Bug #1553176 reported by LaMont Jones on 2016-03-04

This bug affects 1 person

	Status	Importance	Assigned to	Milestone
BIND	Fix Released	Undecided	Unassigned
MAAS	Fix Released	Undecided	Unassigned	MAAS 2.0.0
1.9	Fix Committed	High	Unassigned	MAAS 1.9.5
bind9 (Ubuntu)	Fix Released	High	LaMont Jones	Ubuntu trusty-updates
Trusty	Fix Released	Undecided	LaMont Jones	Ubuntu trusty-updates
Xenial	Fix Released	Undecided	Unassigned

Bug Description

Since 2.6, linux has supported nanosecond granular time in stat(2) returns. BIND has a comment in the code that it might use it, but continues to ignore it.

As of 9.9.3b2, named checks the time of (at least) zone files on disk (expanding to include include files in 9.10.0a2). Because the check is only done to a granularity of seconds, changing the zone file twice in the same second can cause BIND to decide that it need not reload the zone, even though it is out of date.

[Impact]

* If a zone file is changed (generally by automated processes) more than once in a second, bind9 happily thinks it has already loaded the zone. A trivial demonstration of the bug can be seen at paste.ubuntu.com/23921121/ -- http://paste.ubuntu.com/23921176/ is the same test with the fixed code. Making this a test case is somewhat problematic in that it needs to make sure that they happen inside of the same second.

* MAAS is exactly the sort of use case that hits this bug.

* The upload changes BIND's utility function to actual use the st_mtim.tv_nsec instead of '0'.

[Test Case]

* See the pastebin above. (Change a zone file and reload it, and then do it again less than a second later.)

[Regression Potential]

* Ignoring the whole "rebuilds sometimes break things", the most likely regression would be one where something was either relying on BIND not reloading the dozone (unlikely), or otherwise relying on the modify time on a zone file to some arbitrary value.

[Other Info]

This bug was fixed in 1:9.10.3.dfsg.P2-5, which landed in xenial March 2016.

See original description

Tags:

Related branches

lp://staging/~lamont/maas/packaging-bug-1553176

Merged into lp://staging/~maas-maintainers/maas/packaging at revision 453

Andres Rodriguez (community): Approve on 2016-03-07

lp://staging/~lamont/maas/bug-1553176-1.9

Merged into lp://staging/maas/1.9 at revision 4598

Mike Pontillo (community): Approve on 2017-02-04

lp://staging/~lamont/maas/bug-1553176-1.9-packaging

Merged into lp://staging/~maas-maintainers/maas/packaging-1.9 at revision 439

Mike Pontillo (community): Approve on 2017-02-04

Revision history for this message

LaMont Jones (lamont) wrote on 2016-03-04:

patch to fix the issue. Edit (314 bytes, text/plain)

Revision history for this message

LaMont Jones (lamont) wrote on 2016-03-04:

Fixed in 1:9.10.3.dfsg.P2-5

Changed in bind9 (Ubuntu):
importance:	Undecided → High
status:	New → Fix Released

Revision history for this message

LaMont Jones (lamont) wrote on 2016-03-04:

This also affects 9.9.5 in trusty and later.

Changed in bind9 (Ubuntu):
milestone:	none → trusty-updates
status:	Fix Released → Confirmed

Ubuntu Foundations Team Bug Bot (crichton) on 2016-03-04

tags:

added: patch

Revision history for this message

LaMont Jones (lamont) wrote on 2016-03-15:

Fixed in alpha2

Changed in maas:
milestone:	none → 2.0.0
status:	New → Fix Committed

Revision history for this message

LaMont Jones (lamont) wrote on 2016-04-19:

The Ubuntu (and Debian) tree for BIND includes a patch in 9.10 that fixes this, and the bug has been filed upstream.

Changed in bind:
status:	New → Fix Committed
Changed in bind9 (Ubuntu):
assignee:	nobody → LaMont Jones (lamont)
Changed in bind:
status:	Fix Committed → Fix Released

Andres Rodriguez (andreserl) on 2016-08-18

Changed in maas:
status:	Fix Committed → Fix Released

LaMont Jones (lamont) on 2017-02-03

description:

updated

LaMont Jones (lamont) on 2017-02-03

description:	updated
Changed in bind9 (Ubuntu Xenial):
status:	New → Fix Released

Revision history for this message

Adam Conrad (adconrad) wrote on 2017-02-03: Please test proposed package

Hello LaMont, or anyone else affected,

Accepted bind9 into trusty-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/bind9/1:9.9.5.dfsg-3ubuntu0.12 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in bind9 (Ubuntu Trusty):
status:	New → Fix Committed
tags:	added: verification-needed
Changed in bind9 (Ubuntu):
status:	Confirmed → Fix Released
Changed in bind9 (Ubuntu Trusty):
assignee:	nobody → LaMont Jones (lamont)

Revision history for this message

LaMont Jones (lamont) wrote on 2017-02-04:

Verified trusty using the same test as found in http://paste.ubuntu.com/23921176/

tags:	added: verification-done removed: verification-needed
Changed in bind9 (Ubuntu Trusty):
milestone:	none → trusty-updates

Revision history for this message

Brian Murray (brian-murray) wrote on 2017-02-13: Update Released

The verification of the Stable Release Update for bind9 has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Revision history for this message

Launchpad Janitor (janitor) wrote on 2017-02-13:

This bug was fixed in the package bind9 - 1:9.9.5.dfsg-3ubuntu0.12

---------------
bind9 (1:9.9.5.dfsg-3ubuntu0.12) trusty; urgency=medium

* Backport (70_precise_mtime.diff) 18b87b2a58d422fe4d3073540bf89b5a812ed2e5
to trusty. LP: #1553176

-- LaMont Jones <email address hidden> Fri, 03 Feb 2017 13:13:21 -0700

Changed in bind9 (Ubuntu Trusty):
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Patches

patch to fix the issue. Edit

Add patch

Remote bug watches

Bug watches keep track of this bug in other bug trackers.