[tor-bugs] #33766 [Internal Services/Tor Sysadmin Team]: DNS renumbering procedure fails if git server is unavailable (was: DNS renumbering procedure fails if git is untouched)

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Mar 31 18:10:22 UTC 2020


#33766: DNS renumbering procedure fails if git server is unavailable
-------------------------------------------------+-------------------------
 Reporter:  anarcat                              |          Owner:  tpa
     Type:  defect                               |         Status:
                                                 |  needs_revision
 Priority:  High                                 |      Milestone:
Component:  Internal Services/Tor Sysadmin Team  |        Version:
 Severity:  Major                                |     Resolution:
 Keywords:                                       |  Actual Points:
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by anarcat):

 weasel gave me a few more hints:

  6. ud-replicate *does* call the update script:

     {{{
 # excerpt from ud-replicate: only rebuild the zones when the SSHFP data changed
 rebuild_zones=0
 if [ -e /var/lib/misc/thishost/dns-sshfp ]; then
   # $tempfile is the newly generated copy; compare it against the installed one
   if ! cmp -s /var/lib/misc/thishost/dns-sshfp "$tempfile"; then
     rebuild_zones=1
   fi
 fi
 [..]
 if [ "${rebuild_zones}" -gt 0 ]; then
   # hand the zone rebuild to the dnsadm user's update script
   sudo -u dnsadm /srv/dns.torproject.org/bin/update
 fi
     }}}

  7. the update can be triggered by hand with the last command above,
     `sudo -u dnsadm /srv/dns.torproject.org/bin/update`, possibly with
     `--force`

  8. the `$INCLUDE "/var/lib/misc/thishost/dns-sshfp"` from the
     `dns/domains.git` zonefile is not parsed by bind, but by
     "makezonefile or whatever it's called to syntax check and to add
     the SOA header"

 What seems to have happened here is specific to the migration of vineale
 and the git infrastructure: the `update` script failed because it could
 not pull from git (because the original server was done), and aborted
 everything.

 So the following should have happened instead:

  * `update` should have continued with the cached copy of the git repo if
    git pull failed
  * failing that, `ud-replicate` should have warned about the problem
    instead of silently succeeding, and retried until it worked

 The above two points feel like the code changes that could happen to avoid
 that problem in the future. Everything else seems like docs that could be
 thrown in `tsa/howto/ldap.mdwn`.

 But for now, I'll just go back to business as usual and try to get some
 more shit done instead.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33766#comment:3>
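The two behaviour changes proposed in the comment, sketched as an added example (this is not the project's ud-replicate or /srv/dns.torproject.org/bin/update; the function and variable names are hypothetical, and the "fetch command" is passed in so the fallback logic can be exercised without a git server):

```shell
# Added example, not the project's ud-replicate or update script: the two
# behaviours the comment asks for. Function and variable names are hypothetical.

# refresh_zone_source CACHE_DIR FETCH_CMD [ARGS...]
# Run FETCH_CMD (e.g. git pull in the dns/domains checkout). If it fails
# because the git server is unreachable, warn and carry on with the cached
# checkout in CACHE_DIR instead of aborting. Returns 0 when a usable source
# exists (ZONE_SOURCE_STATE=fresh|cached), 1 when there is no cache either.
refresh_zone_source() {
    cache_dir=$1
    shift
    ZONE_SOURCE_STATE=""
    if "$@"; then
        ZONE_SOURCE_STATE=fresh
        return 0
    fi
    echo "warning: fetch failed ('$*'); using cached copy in $cache_dir" >&2
    # a usable cache is an existing directory that is not empty
    if [ -d "$cache_dir" ] && [ -n "$(ls -A "$cache_dir")" ]; then
        ZONE_SOURCE_STATE=cached
        return 0
    fi
    echo "error: no cached zone source in $cache_dir; cannot rebuild" >&2
    return 1
}

# run_with_retry ATTEMPTS DELAY CMD [ARGS...]
# What the caller (ud-replicate) should do around the update step: retry a
# failing command, and exit non-zero with a message instead of succeeding
# silently when every attempt fails.
run_with_retry() {
    attempts=$1
    delay=$2
    shift 2
    n=1
    while :; do
        if "$@"; then
            return 0
        fi
        if [ "$n" -ge "$attempts" ]; then
            echo "error: '$*' failed after $attempts attempts" >&2
            return 1
        fi
        echo "warning: '$*' failed (attempt $n/$attempts); retrying in ${delay}s" >&2
        n=$((n + 1))
        sleep "$delay"
    done
}
```

A real caller would pass something like `git -C "$cache_dir" pull --ff-only` as the fetch command and wrap the update invocation in `run_with_retry`, checking its exit status rather than ignoring it.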