Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 113935 - net-analyzer/snort-2.3.3 can't resolve hostnames in config on default runlevel
Summary: net-analyzer/snort-2.3.3 can't resolve hostnames in config on default runlevel
Status: RESOLVED CANTFIX
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: x86 Linux
: High normal (vote)
Assignee: Netmon Herd
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2005-11-29 12:24 UTC by Eric Brown
Modified: 2005-11-29 17:24 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Eric Brown 2005-11-29 12:24:49 UTC
Snort is in my default runlevel and it fails to start up with an error like this:
FATAL ERROR: ERROR /etc/snort/rules/sql.rules(8): Couldn't resolve hostname apollo

(it gives the error in sql.rules because the host apollo was listed as an SQL
server)


This is interesting because if I zap it and start it when I log in, it starts up
without any problems.

It seems like there's some kind of network dependency that's not completely
initialized when this service comes up, causing temporary failure of name
resolution.

I think this theory is further supported by another bug I had to open on this
machine: http://bugs.gentoo.org/show_bug.cgi?id=109803 (it's about ntp-client
failing to start on default runlevel, and starting fine when I log in).

Could this be related to parallel startup or something?

I am using baselayout-1.11.13-r1

Reproducible: Always
Steps to Reproduce:
1.
2.
3.




Portage 2.0.51.22-r3 (hardened/x86/2.6, gcc-3.3.6, glibc-2.3.5-r2, 2.6.14-harden
ed i686)
=================================================================
System uname: 2.6.14-hardened i686 Intel(R) Xeon(TM) CPU 3.00GHz
Gentoo Base System version 1.6.13
dev-lang/python:     2.3.5-r2, 2.4.2
sys-apps/sandbox:    1.2.12
sys-devel/autoconf:  2.13, 2.59-r6
sys-devel/automake:  1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r1
sys-devel/binutils:  2.16.1
sys-devel/libtool:   1.5.20
virtual/os-headers:  2.6.11-r2
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O2 -march=pentium4 -fomit-frame-pointer -pipe"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3/share/config /usr/share/
config /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d"
CXXFLAGS="-O2 -march=pentium4 -fomit-frame-pointer -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoconfig distlocks sandbox sfperms strict"
GENTOO_MIRRORS="ftp://gentoo.chem.wisc.edu/gentoo"
MAKEOPTS="-j8"
PKGDIR="/usr/portage//packages/x86/"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage/"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://raptor.magbank.com/gentoo-portage"
USE="x86 berkdb bzip2 crypt curl doc fam fastcgi gif hardened imap jpeg ldap lib
clamav maildir mailwrapper mmx nfsv4 nptl nptl-only pam pcre perl pic png postgr
es python readline samba sasl sse ssl tcpd tiff unicode vhosts zlib userland_GNU
 kernel_linux elibc_glibc"
Unset:  ASFLAGS, CTARGET, LANG, LC_ALL, LDFLAGS, LINGUAS
Comment 1 Eric Brown 2005-11-29 12:38:38 UTC
I have extra information and a workaround:

First, I run 2 instances of snort, using separate config files, separate init
scripts

Second, if I change /etc/conf.d/rc and turn off parallel startup to "no", both
snort instances start without problem.

changing strict net checking to yes had no effect.
Comment 2 Benjamin Smee (strerror) (RETIRED) gentoo-dev 2005-11-29 13:11:33 UTC
this is as a result of using parallel startup and there isn't much we can do
about it. As parallel start up is not enabled by default (and I believe still an
experimental feature) then there is nothing else we can do about it.
Comment 3 Eric Brown 2005-11-29 17:24:35 UTC
parallel start was on by default on my machine.