BIND error

[opserve-jeffrey]

During the upgrade i seem to get an error from the bind config check without a plausible error.

2023-08-23 11:17:05,857 - INFO - ====> * check_bind
2023-08-23 11:17:05,858 - INFO - Actor parsing BIND configuration and checking for known issues in it.
2023-08-23 11:17:05,998 - INFO - Process Process-367:
2023-08-23 11:17:05,998 - INFO - Traceback (most recent call last):
2023-08-23 11:17:05,998 - INFO - File "/usr/lib64/python2.7/multiprocessing/process.py", line 258, in _bootstrap
2023-08-23 11:17:05,998 - INFO - self.run()
2023-08-23 11:17:05,998 - INFO - File "/usr/lib64/python2.7/multiprocessing/process.py", line 114, in run
2023-08-23 11:17:05,998 - INFO - self._target(*self._args, **self._kwargs)
2023-08-23 11:17:05,998 - INFO - File "/usr/lib/python2.7/site-packages/leapp/repository/actor_definition.py", line 72, in _do_run
2023-08-23 11:17:05,998 - INFO - actor_instance.run(*args, **kwargs)
2023-08-23 11:17:05,998 - INFO - File "/usr/lib/python2.7/site-packages/leapp/actors/init.py", line 290, in run
2023-08-23 11:17:05,998 - INFO - self.process(*args)
2023-08-23 11:17:05,998 - INFO - File "/usr/share/leapp-repository/repositories/system_upgrade/el7toel8/actors/checkbind/actor.py", line 32, in process
2023-08-23 11:17:05,998 - INFO - facts = iscmodel.get_facts('/etc/named.conf')
2023-08-23 11:17:05,998 - INFO - File "/usr/share/leapp-repository/repositories/system_upgrade/el7toel8/actors/checkbind/libraries/iscmodel.py", line 81, in get_facts
2023-08-23 11:17:05,998 - INFO - parser.walk(cfg.root_section(), find_calls, state)
2023-08-23 11:17:05,999 - INFO - File "/usr/share/leapp-repository/repositories/system_upgrade/el7toel8/libraries/isccfg.py", line 879, in walk
2023-08-23 11:17:05,999 - INFO - for statement in it:
2023-08-23 11:17:05,999 - INFO - File "/usr/share/leapp-repository/repositories/system_upgrade/el7toel8/libraries/isccfg.py", line 223, in next
2023-08-23 11:17:05,999 - INFO - statement = next(self.iter)
2023-08-23 11:17:05,999 - INFO - File "/usr/share/leapp-repository/repositories/system_upgrade/el7toel8/libraries/isccfg.py", line 181, in next
2023-08-23 11:17:05,999 - INFO - val = self.parser.find_next_key(cfg, index, self.section.end)
2023-08-23 11:17:05,999 - INFO - File "/usr/share/leapp-repository/repositories/system_upgrade/el7toel8/libraries/isccfg.py", line 689, in find_next_key
2023-08-23 11:17:05,999 - INFO - while istr[index] in self.CHAR_KEYWORD and index < end_index:
2023-08-23 11:17:05,999 - INFO - IndexError: string index out of range

[SandakovMM]

Could you kindly share your /etc/named.conf file with us?
It appears that there might be an issue with the configuration parsing within Leapp. Having an example of a "bad" configuration would be highly valuable for reaching out to the Leapp developers and resolving the problem.

[opserve-jeffrey]

// $Id: named.conf,v 1.1.1.1 2001/10/15 07:44:36 kap Exp $

// -- THE FOLLOWING LINES WERE GENERATED BY PLESK. IF YOU MODIFY THEM, THEY WILL BE OVERWRITTEN WHEN THESE SETTINGS ARE MANAGED IN PLESK UI. --
options {
include "/etc/named-user-options.conf";
allow-recursion {
localnets;
};
directory "/var";
pid-file "/var/run/named/named.pid";
};

key "rndc-key" {
algorithm hmac-md5;
secret "REMOVED SECRET==";
};

controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};

zone "." {
type hint;
file "named.root";
};

zone "0.0.127.IN-ADDR.ARPA" {
type master;
file "localhost.rev";
};
// -- END OF LINES GENERATED BY PLESK. --

// -- PLEASE ADD YOUR CUSTOM DIRECTIVES BELOW THIS LINE. --
// ...
// -- END OF YOUR CUSTOM DIRECTIVES. --

// -- ALL LINES BELOW WERE GENERATED BY PLESK. IF YOU MODIFY THEM, THEY WILL BE OVERWRITTEN WHEN THESE SETTINGS ARE MANAGED IN PLESK UI. --

zone "REMOVED DOMAINNAME" {
type master;
file "REMOVED DOMAINNAME";
allow-transfer {
common-allow-transfer;
};
};
acl common-allow-transfer {
none;
};

[opserve-jeffrey]

Ive removed the domain and the secret.

[SandakovMM]

Hmm, at first glance, there doesn't appear to be anything unusual.
Do you happen to have any Unicode symbols in the domain name?

[opserve-jeffrey]

no is just like domain.nl

[SandakovMM]

Alright, let me investigate what else might be causing the issue.

[SandakovMM]

By the way, wouldn't recreating the DNS configuration file help? You can do so by following these steps:

1. Restore Plesk after a failed conversion process by running ./centos2alma -r
2. Remove the DNS configuration file with rm /var/named/chroot/etc/named.conf
3. Run repair to recreate the file: plesk repair dns -y

[SandakovMM]

Could you please also provide the /etc/named-user-options.conf configuration file?

[opserve-jeffrey]

that file is empty...

[SandakovMM]

that file is empty...

Great, we have identified the root cause of the problem. To work around this issue, you can simply add a comment through the Plesk WebUI: "Tools & Settings" -> "DNS Settings" -> "Server-wide Settings" -> "Additional DNS settings". For example, you could add:

# Centos2alma workaround

I will implement an automatic workaround in the centos2alma tool to address this issue. Additionally, I will attempt to contact the elevate developers to encourage them to fix the problem on their end.

[opserve-jeffrey]

The additional field contains the following :
version "none";
auth-nxdomain no;
listen-on-v6 { any; };

If i click apply the file is still empty even with the workaround line in it. U sure just adding this line is enough and can i try upgrade to alma again ?

[SandakovMM]

If i click apply the file is still empty even with the workaround line in it.

Could you please check if /etc/named-user-options.conf is a symbolic link to /var/named/chroot/etc/named-user-options.conf? If it's not, you can simply remove the file, and centos2alma will recreate the link.

Note: If the /var/named/chroot/etc/named-user-options.conf file is empty, it seems unusual. You can try adding something to the file from the command line.

U sure just adding this line is enough and can i try upgrade to alma again ?

I'm quite certain you'll encounter the problem again during the conversion if the file is empty.
BTW. Alternatively, you can remove include "/etc/named-user-options.conf"; from /etc/named.conf, which should also resolve the issue. However, please remember to re-add the include statement once the conversion is completed.

[opserve-jeffrey]

okay, cool. Thanks for the quick response. Ive agreed with the customer to try again tomorrow @ 10.30 local time. i will get back to you after that. Thanks for now.

[SandakovMM]

Just an update:

1. The PR containing the workaround for centos2alma (Migrate to Docker-based Buck build to ensure Buck installation is fine #113) has been merged.
2. I've also submitted an issue to AlmaLinux. Hopefully, they will address and resolve the problem in the near future.

[opserve-jeffrey]

Just upgraded. Process is now in conversion but after recreating the file nothing popped up in the early stages. Thanks for your help, its really appreciated.

[opserve-jeffrey]

Ran the upgrade for the third time, mariadb had been removed from the server during the conversion. So installed that from the repo and tried to start. Problems with httpd because of the following : /etc/httpd/conf/httpd.conf: Syntax error on line 6 of /etc/httpd/conf.d/zz010_psa_httpd.conf: Syntax error on line 26 of /etc/httpd/conf/plesk.conf.d/webmails/gh49.nl_webmail.conf:
This script really needs some work if u ask me and im really wondering if there are more users experiencing the same problems.

After trying to solve all problems i went back to a snapshot. Think i will plan this forward to Q1 next year because in total we lost 4 hours on trying to upgrade it properly.

[SandakovMM]

Ran the upgrade for the third time, mariadb had been removed from the server during the conversion.

This shouldn't have occurred. Could you kindly provide a feedback archive if you have one? What version of mariadb is installed on the server?

[opserve-jeffrey]

No sorry, dont have the archive. MariaDB10.4 was installed.

[SandakovMM]

Hmm, I've checked versions 10.3 and 10.11 yesterday.
Perhaps there's something unusual with the repository configuration. Could you please share the contents of the /etc/yum.repo.d/mariadb.repo file?

Problems with httpd because of the following

Could you also please share the /etc/httpd/conf/plesk.conf.d/webmails/gh49.nl_webmail.conf config file, so I could address the problem as well.

[opserve-jeffrey]

mariadb.repo file :

[mariadb-main]
name = MariaDB Server
baseurl = https://dlm.mariadb.com/repo/mariadb-server/10.4/yum/rhel/7/x86_64
gpgkey = file:///etc/pki/rpm-gpg/MariaDB-Server-GPG-KEY
gpgcheck = 1
enabled = 1

[mariadb-maxscale]
name = MariaDB MaxScale
baseurl = https://dlm.mariadb.com/repo/maxscale/latest/yum/rhel/7/x86_64
gpgkey = file:///etc/pki/rpm-gpg/MariaDB-MaxScale-GPG-KEY
gpgcheck = 1
enabled = 1

[mariadb-tools]
name = MariaDB Tools
baseurl = https://downloads.mariadb.com/Tools/rhel/7/x86_64
gpgkey = file:///etc/pki/rpm-gpg/MariaDB-Enterprise-GPG-KEY
gpgcheck = 1
enabled = 1

[opserve-jeffrey]

#ATTENTION!

#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,
#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.
<VirtualHost 136.144.212.176:7080 127.0.0.1:7080>

ServerName "webmail.gh49.nl"

UseCanonicalName Off

DocumentRoot "/usr/share/psa-roundcube"
Alias /roundcube/ "/usr/share/psa-roundcube/"

<IfModule mod_suexec.c>
	SuexecUserGroup roundcube_sysuser roundcube_sysgroup
</IfModule>

<IfModule mod_fcgid.c>
	FcgidInitialEnv PP_CUSTOM_PHP_CGI_INDEX "plesk-php74-fastcgi"
	FcgidInitialEnv PP_CUSTOM_PHP_INI "/etc/psa-webmail/roundcube/php.ini"
	FcgidMaxRequestLen 134217728
	<Directory "/usr/share/psa-roundcube">
		Options -Indexes +FollowSymLinks
		AllowOverride FileInfo AuthConfig Limit
		Require all granted
		Include "/etc/httpd/conf/plesk.conf.d/roundcube.htaccess.inc"

		<Files ~ (\.php$)>
			SetHandler fcgid-script
			FCGIWrapper /var/www/cgi-bin/cgi_wrapper/cgi_wrapper .php
			Options +ExecCGI
		</Files>
	</Directory>
</IfModule>

#extension sslit begin

RewriteEngine On
RewriteCond %{REQUEST_URI} !^/\.well\-known/acme\-challenge/
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,QSA]

#extension sslit end

	ServerName "webmail.gh49.nl"

	UseCanonicalName Off

	SSLEngine on
	SSLVerifyClient none
	SSLCertificateFile /usr/local/psa/var/certificates/scfZZy5I5
	SSLCACertificateFile /usr/local/psa/var/certificates/scfnZCJzH

	DocumentRoot "/usr/share/psa-roundcube"
	Alias /roundcube/ "/usr/share/psa-roundcube/"

	<IfModule mod_suexec.c>
		SuexecUserGroup roundcube_sysuser roundcube_sysgroup
	</IfModule>

	<IfModule mod_fcgid.c>
		FcgidInitialEnv PP_CUSTOM_PHP_CGI_INDEX "plesk-php74-fastcgi"
		FcgidInitialEnv PP_CUSTOM_PHP_INI "/etc/psa-webmail/roundcube/php.ini"
		FcgidMaxRequestLen 134217728
		<Directory "/usr/share/psa-roundcube">
			Options -Indexes +FollowSymLinks
			AllowOverride FileInfo AuthConfig Limit
			Require all granted
			Include "/etc/httpd/conf/plesk.conf.d/roundcube.htaccess.inc"

			<Files ~ (\.php$)>
				SetHandler fcgid-script
				FCGIWrapper /var/www/cgi-bin/cgi_wrapper/cgi_wrapper .php
				Options +ExecCGI
			</Files>
		</Directory>
	</IfModule>

	#extension sslit begin

	RewriteEngine On
	RewriteCond %{REQUEST_URI} !^/\.well\-known/acme\-challenge/
	RewriteCond %{HTTPS} off
	RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,QSA]

	#extension sslit end
</VirtualHost>

[SandakovMM]

Thank you! I'll investigate it as soon as possible

[opserve-jeffrey]

the mariadb that was installed after the upgrade came from the alma repo, thats what i saw. So maybe there are mistakes in the repo file or something ?

[SandakovMM]

It could be an issue related to repository mapping. Typically, we should be using the same MariaDB repository but for a different distribution, likely RHEL 8 in this case. However, if such a repository doesn't exist, Leapp might map MariaDB packages to those from the Alma repository.

[SandakovMM]

Regarding the mariadb.repo, it appears that the repository URLs are no longer accessible. I've checked both "https://dlm.mariadb.com/repo/mariadb-server/10.4/yum/rhel/7/x86_64" and "https://dlm.mariadb.com/repo/maxscale/latest/yum/rhel/7/x86_64," and both of them return a 404 error.

In theory, we could implement a check for all the repositories used within the scope of the conversion to prevent the removal of MariaDB.
I can't see the way how we could automatically fix it for now.