[stunnel-users] Temporary failure in name resolution (Michal Trojnara)
Michal Trojnara
Michal.Trojnara at mirt.net
Fri Apr 29 18:13:39 CEST 2011
Phil Wieland wrote:
> I attach two strace reports, strace-good shows a successful use,
> strace-bad shows it failing after a reboot. In both cases I just telnet
> to localhost 55899, which gives the smtp server's banner in the good
> case.
I analyzed your dumps and I was able to diagnose your problem.
Your stunnel.conf contains:
chroot = /var/lib/stunnel4/
Unfortunately this directory does not contain resolver configuration
files:
[pid 1548] open("/etc/resolv.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
[pid 1548] uname({sys="Linux", node="friedbread.liverpub.com", ...}) = 0
[pid 1548] open("/etc/hosts", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid 1548] stat64("/etc/resolv.conf", 0xb74a424c) = -1 ENOENT (No such file or directory)
As a result, the resolver tries to send its packets to INADDR_ANY:
[pid 1548] socket(PF_INET, SOCK_DGRAM|SOCK_NONBLOCK, IPPROTO_IP) = 13
[pid 1548] connect(13, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("0.0.0.0")}, 16) = 0
which of course fails:
[pid 1548] send(13, "\257\271\1\0\0\1\0\0\0\0\0\0\4smtp\nblueyonder\2co\2"..., 39, MSG_NOSIGNAL) = 39
[pid 1548] poll([{fd=13, events=POLLIN}], 1, 5000) = 1 ([{fd=13, revents=POLLERR}])
> These are WITHOUT the suggested patch, I am not really equipped for
> building on this server.
The patch should solve your problem by causing stunnel to wait until your
resolver is available before chroot(2) is executed.
Workarounds:
1. mkdir /var/lib/stunnel4/etc && cp /etc/resolv.conf /var/lib/stunnel4/etc/
2. Use IP addresses instead of host names in your stunnel.conf
3. Add the static IP address of your remote host to /etc/hosts
Best regards,
Mike
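
The diagnosis above can be turned into a pre-flight check. The following is an added example, not part of the original message or of stunnel itself: it reads an stunnel.conf, finds the chroot directory, and reports when a connect option still uses a host name while the jail lacks the resolver files seen in the strace. The function names and the decision to treat only a missing resolv.conf as fatal are assumptions of this example.

```shell
#!/bin/sh
# Added example: pre-flight check for the failure diagnosed in this thread.
# Flags an stunnel.conf whose chroot jail lacks resolver files while a
# "connect" option still relies on a host name.

# Print every value of "KEY = value" in FILE, one per line.
conf_values() {
    sed -n "s/^[[:space:]]*$1[[:space:]]*=[[:space:]]*//p" "$2" |
        sed 's/[[:space:]]*$//'
}

# Returns 0 if name resolution inside the jail can work, 1 otherwise.
check_stunnel_chroot() {
    conf=$1
    jail=$(conf_values chroot "$conf" | head -n 1)
    if [ -z "$jail" ]; then
        echo "OK: no chroot configured"
        return 0
    fi
    jail=${jail%/}

    names=0
    for target in $(conf_values connect "$conf"); do
        host=${target%:*}
        case $host in
            "$target") ;;                    # port or path only, no host part
            *:*) ;;                          # IPv6 literal
            *[!0-9.]*)                       # anything else non-numeric: a name
                echo "NAME: connect = $target needs the resolver"
                names=1 ;;
        esac
    done
    [ "$names" -eq 1 ] || { echo "OK: only IP literals in connect"; return 0; }

    status=0
    for f in etc/resolv.conf etc/hosts; do   # files the strace shows being opened
        if [ ! -e "$jail/$f" ]; then
            echo "MISSING: $jail/$f"
            # Assumption of this example: only resolv.conf is treated as fatal.
            [ "$f" = etc/hosts ] || status=1
        fi
    done
    return $status
}

if [ $# -gt 0 ]; then check_stunnel_chroot "$1"; fi
```

Run it with the path to stunnel.conf as the only argument; a non-zero exit status means the jail cannot resolve the configured host names.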