On 30/04/11 11:00, stunnel-users-request@stunnel.org wrote:
Your stunnel.conf contains: chroot = /var/lib/stunnel4/
Unfortunately this directory does not contain resolver configuration files:
[]
These are WITHOUT the suggested patch, I am not really equipped for building on this server.
The patch should solve your problem by causing stunnel to wait until your resolver is available before chroot(2) is executed.
Workarounds:
- mkdir /var/lib/stunnel4/etc&& cp /etc/resolv.conf
/var/lib/stunnel4/etc/ 2. Use IP address instead of host names in your stunnel.conf 3. Add static IP address of your remote host to /etc/hosts
Best regards, Mike
Many thanks for the analysis, Mike. I'll have to organise myself to build so I can apply the patch.
Can I be really cheeky and ask one more question? Why does the problem not go away when my resolver is available - Shouldn't stunnel look again for this stuff after getting a temporary error?
Thanks again,
Phil
On 30/04/11 13:53, Phil Wieland wrote:
Many thanks for the analysis, Mike. I'll have to organise myself to build so I can apply the patch.
Can I be really cheeky and ask one more question? Why does the problem not go away when my resolver is available - Shouldn't stunnel look again for this stuff after getting a temporary error?
Update:
I have now recreated the problem on a 'spare' server, applied the patch and rebuilt and I can confirm the fix.
Thanks again.
Phil
Phil Wieland wrote:
Can I be really cheeky and ask one more question? Why does the problem not go away when my resolver is available - Shouldn't stunnel look again for this stuff after getting a temporary error?
Stunnel first tries to resolve addresses while reading configuration file (before chroot), and than if the initial attempt failed, stunnel makes another attempt while opening each connection (after chroot). The latter method failed, because you didn't have resolver configuration files within your chroot directory.
Mike
-
Michal Trojnara -
Phil Wieland