[Opendnssec-user] ODS v1.2.0 signer crash : "double free or corruption"

Laurent Bauer l.bauer at mailclub.fr
Thu Feb 24 16:35:46 UTC 2011

	Hi all,

I'm having a hard time signing my first zone with opendnssec. The signer
crashes on the first attempt to sign the zone.

I started several weeks ago with opendnssec 1.1, then compiled/installed
version 1.2.0, then purged all, and checked there were no binaries/conf
left, and installed the ubuntu packages :
ii  opendnssec                           1.2.0-1~maverick+1
ii  opendnssec-auditor                   1.2.0-1~maverick+1
ii  opendnssec-common                    1.2.0-1~maverick+1
ii  opendnssec-enforcer                  1.2.0-1~maverick+1
ii  opendnssec-enforcer-sqlite3          1.2.0-1~maverick+1
ii  opendnssec-signer                    1.2.0-1~maverick+1

Here is what I did :
- setup softhsm
- used the default conf.xml, except for softhsm token / PIN
- written a zone to /var/lib/opendnssec/unsigned using 'dig -t axfr',
"chowned" it to opendnssec:opendnssec
- started the enforcer
- started the signer

The enforcer is fine, it generated the keys and signconf.
But the signer crashed with a "double free or corruption" exception :

The ods-signerd process stops running, though the PID file still exists
in /var/run/opendnssec/signerd.pid.

And here is the syslog :

Feb 24 17:32:00 pc273 ods-signerd: signer engine started
Feb 24 17:32:00 pc273 ods-signerd: unable to open file
demo-serveur.fr.rrsigs for reading: No such file or directory
Feb 24 17:32:00 pc273 ods-signerd: unable to open file
demo-serveur.fr.task for reading: No such file or directory

As a matter of fact, these .rrsigs and .task files are missing :

root at pc273:/var/lib/opendnssec# ls -l /var/lib/opendnssec/tmp/
total 20
-rw-r--r-- 1 opendnssec opendnssec 2365 2011-02-24 17:04
-rw-r--r-- 1 opendnssec opendnssec  907 2011-02-24 17:04
-rw-r--r-- 1 opendnssec opendnssec  411 2011-02-24 17:03 demo-serveur.fr.sc
-rw-r--r-- 1 opendnssec opendnssec  155 2011-02-24 17:04
-rw-r--r-- 1 opendnssec opendnssec  709 2011-02-24 17:04

But if it were the only problem, I would expect a simple error message
just like when the signconf is missing.

I checked the permissions, even tried to comment the <Privilege> tags to
make the daemons run as root.
I purged the database, zonelist, temp files and HSM each time, to make
it a fresh start, but still ran into this same problem.

I'm running out ouf ideas. Does anybody have a clue ?



More information about the Opendnssec-user mailing list