[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Help-gnunet] nsswitch not resolving VPN records
From: |
Ivan Vilata-i-Balaguer |
Subject: |
Re: [Help-gnunet] nsswitch not resolving VPN records |
Date: |
Fri, 24 Feb 2017 14:04:13 +0100 |
User-agent: |
Mutt/1.7.2 (2016-11-26) |
Christian Grothoff (2017-02-23 23:08:44 +0100) wrote:
> Dear Ivan,
>
> First of all, 0.10.1-4 is like 3+ years old, so I'm likely to have
> forgotten about some of the 350+ issues we've fixed since. Generally,
> we right now recommend people (especially devs) to use the code from
> Git, even though that's naturally somewhat unstable. That said, I
> just had reason to test the VPN resolution logic, and for me it works
> right now (in Git master).
Oh, so you probably fixed this issue already upstream.
> Anyway, about your specific problem: When the gnunet-service-gns gets
> a 'VPN' record and is expected to produce an 'A' (or 'AAAA') record,
> it must talk to gnunet-service-vpn to obtain the IPv4/IPv6 address.
> You can do the same kind of operation using the 'gnunet-vpn'
> command-line tool (specify info from VPN record, it should return the
> IP). If gnunet-service-vpn is
>
> * not running (even though it should be started automatically),
> * not working (i.e. interface not up, SUID gnunet-helper-vpn not
> properly installed)
> * or somehow not accessible (access control policy on UNIX domain
> socket, iptables blocking TCP port, etc)
>
> it will block/retry until VPN becomes available (which of course usually
> means "never" in the 3 cases above).
>
> To diagnose, you might try running 'gnunet-vpn' with the matching
> information from the VPN record as the same user that executes
> gnunet-service-gns. If that works, eh, well, then I don't know and
> would have to start debugging (but I don't debug 0.10.1 anymore).
Ok, so I got:
$ gnunet-gns -u www.gnu -t VPN
www.gnu:
Got `VPN' record: 6 XXXXXXXX bcd
So I ran:
$ gnunet-vpn -t -p XXXXXXXX -s bcd -V
But the program got stuck there. Actually there was no
``gnunet-service-vpn`` running and ``gnunet-helper-vpn`` was not SUID,
so I enabled the SUID bit. I even enabled the PL/VPN system service
with ``gnunet-setup`` for the ``gnunet`` user, but still the same
result.
Anyway, I get from your initial paragraph that it makes no sense trying
to work around issues in such an old release that may have been fixed
later. I'll try to build a newer version when I find more time!
BTW, are you planning to launch some stable release soon?
Thanks a lot for your help!
--
Ivan Vilata i Balaguer