[2005-01-22 23:31:17] EROR yp/send_to_yp connection to http://dir.xiph.org/cgi-bin/yp-cgi failed with "Couldn't resolve host 'dir.xiph.org'" [2005-01-22 23:31:17] EROR yp/send_to_yp connection to http://www.oddsock.org/cgi-bin/yp-cgi failed with "Couldn't resolve host 'www.oddsock.org'" This happens in chroot. Out of chroot, no problems. So I did the obvious and put a copy of etc/resolv.conf in the chroot. No avail. It clearly needs a lot more than just resolv.conf. Probably a pile of libraries and god knows what. Has anybody solved this already and can give me a hint? Google returns one (1) link for the error message (http://article.gmane.org/gmane.comp.audio.icecast.general/4556 ) and the link is a question, not an answer. I can't imagine myself being the second person around to use chroot... It's icecast-2.2.0-1 built and running on RHEL3 out of the standard issue source rpm. Z -- The best defence against logic is ignorance.
On Sun, 23 Jan 2005 00:53:32 +0100, Zenon Panoussis <oracle@provocation.net> wrote:> > [2005-01-22 23:31:17] EROR yp/send_to_yp connection to http://dir.xiph.org/cgi-bin/yp-cgi failed with "Couldn't resolve host 'dir.xiph.org'" > [2005-01-22 23:31:17] EROR yp/send_to_yp connection to http://www.oddsock.org/cgi-bin/yp-cgi failed with "Couldn't resolve host 'www.oddsock.org'" > > This happens in chroot. Out of chroot, no problems. So I did the obvious > and put a copy of etc/resolv.conf in the chroot. No avail. It clearly needs > a lot more than just resolv.conf. Probably a pile of libraries and god knows > what.As you've found out, you do need a lot of stuff on modern systems (you didn't say what OS you were using, though) to get a working resolver. Personally, though I've used chroot, I haven't used it with anything that requires a resolver (e.g. relays, yp), so I'm not certain exactly what you need. You should be able to find some info with a web search - just don't make it icecast-specific, since there's nothing icecast-specific about getting your name resolver working inside chroot.. Mike
On Sat, 2005-01-22 at 23:53, Zenon Panoussis wrote:> [2005-01-22 23:31:17] EROR yp/send_to_yp connection to http://dir.xiph.org/cgi-bin/yp-cgi failed with "Couldn't resolve host 'dir.xiph.org'" > [2005-01-22 23:31:17] EROR yp/send_to_yp connection to http://www.oddsock.org/cgi-bin/yp-cgi failed with "Couldn't resolve host 'www.oddsock.org'" > > This happens in chroot. Out of chroot, no problems. So I did the obvious > and put a copy of etc/resolv.conf in the chroot. No avail. It clearly needs > a lot more than just resolv.conf. Probably a pile of libraries and god knows > what.The /etc/resolv.conf file is only for DNS lookup, general hostname lookups use the Name Service Switch (/etc/nsswitch.conf) to decide the order of lookups. Each of those services (including DNS) may dynamically load modules (/lib/libnss*) to perform the actual service specific hostname lookup. If these modules are loaded after the start of icecast (the default case on linux) and more specifically after the chroot then these also have to be in the chroot jail as well karl.
Michael Smith wrote:> As you've found out, you do need a lot of stuff on modern systems (you > didn't say what OS you were using, though) to get a working resolver.Grumpf. Linking is a fine thing for space economy, but for chroot I wish everything was static and monolithic and self-contained.> You should be able to find some info with a web search - just don't > make it icecast-specific...That's a very good idea indeed; I was focusing too much on icecast itself. There should be a chroot package, just like the one Redhat makes for bind. If I manage to solve this, I might take a shot at packaging the solution. BTW, the OS is Linux, RHEL3-flavour. I'd assume every *nix has the same problem though. Karl Heyes wrote:> If these modules are loaded after the start of icecast (the default case > on linux) and more specifically after the chroot then these also have to > be in the chroot jail as wellIndeed. I'll try the simple things to begin with. If they don't work, strace might tell me what's missing in the chroot. It amazes me though that nobody has run into this before. Z -- The best defence against logic is ignorance.
Solved: /usr/share/icecast/etc/hosts /usr/share/icecast/etc/localtime /usr/share/icecast/etc/resolv.conf /usr/share/icecast/etc/ld.so.cache /usr/share/icecast/lib/libnss_dns.so.2 This worked with the 2.2.0 RPM on FC3 and icecast was able to update dir.xiph.org from its chroot in /usr/share/icecast . etc/hosts is not really required unless localhost needs to be looked up. Z -- The best defence against logic is ignorance.
Or unless you're behind a NAT box and want a way to quickly contact machines on the LAN. E.g. my machines: eowyn, goldberry, thorin, galadriel. On Sun, 23 Jan 2005, Zenon Panoussis wrote:> Date: Sun, 23 Jan 2005 16:14:55 +0100 > From: Zenon Panoussis <oracle@provocation.net> > To: icecast@xiph.org > Subject: [Icecast] Re: EROR: no DNS > > > Solved: > > /usr/share/icecast/etc/hosts > /usr/share/icecast/etc/localtime > /usr/share/icecast/etc/resolv.conf > /usr/share/icecast/etc/ld.so.cache > /usr/share/icecast/lib/libnss_dns.so.2 > > This worked with the 2.2.0 RPM on FC3 and icecast was able to update > dir.xiph.org from its chroot in /usr/share/icecast . etc/hosts is not > really required unless localhost needs to be looked up. > > Z > > > -- > The best defence against logic is ignorance. > _______________________________________________ > Icecast mailing list > Icecast@xiph.org > http://lists.xiph.org/mailman/listinfo/icecast >-- J. L. Blank, Systems Administrator, twu.net