更新時容易破壞信任鏈

tag-icon tag-icon ubuntu apt-get
更新時容易破壞信任鏈

今天早上我重新啟動了伺服器並在執行操作時發現了一個問題apt-get update

Err:1 http://hwraid.le-vert.net/ubuntu xenial InRelease
  Could not resolve 'hwraid.le-vert.net'
Err:2 http://ppa.launchpad.net/certbot/certbot/ubuntu xenial InRelease                                        
  Could not resolve 'ppa.launchpad.net'
Err:3 http://us.archive.ubuntu.com/ubuntu xenial InRelease                                                    
  Could not resolve 'us.archive.ubuntu.com'
Err:4 http://ppa.launchpad.net/ondrej/php/ubuntu xenial InRelease           
  Could not resolve 'ppa.launchpad.net'
Err:5 http://security.ubuntu.com/ubuntu xenial-security InRelease      
  Could not resolve 'security.ubuntu.com'
Err:6 http://us.archive.ubuntu.com/ubuntu xenial-updates InRelease     
  Could not resolve 'us.archive.ubuntu.com'
Err:7 http://us.archive.ubuntu.com/ubuntu xenial-backports InRelease
  Could not resolve 'us.archive.ubuntu.com'
Err:8 http://repo.mongodb.org/apt/ubuntu xenial/mongodb-org/3.2 InRelease
  Could not resolve 'repo.mongodb.org'
Err:9 https://download.docker.com/linux/ubuntu xenial InRelease
  Could not resolve host: download.docker.com
Err:10 https://deb.nodesource.com/node_8.x xenial InRelease
  Could not resolve host: deb.nodesource.com
Reading package lists... Done
W: Failed to fetch http://us.archive.ubuntu.com/ubuntu/dists/xenial/InRelease  Could not resolve 'us.archive.ubuntu.com'
W: Failed to fetch http://us.archive.ubuntu.com/ubuntu/dists/xenial-updates/InRelease  Could not resolve 'us.archive.ubuntu.com'
W: Failed to fetch http://us.archive.ubuntu.com/ubuntu/dists/xenial-backports/InRelease  Could not resolve 'us.archive.ubuntu.com'
W: Failed to fetch http://security.ubuntu.com/ubuntu/dists/xenial-security/InRelease  Could not resolve 'security.ubuntu.com'
W: Failed to fetch https://download.docker.com/linux/ubuntu/dists/xenial/InRelease  Could not resolve host: download.docker.com
W: Failed to fetch http://hwraid.le-vert.net/ubuntu/dists/xenial/InRelease  Could not resolve 'hwraid.le-vert.net'
W: Failed to fetch http://ppa.launchpad.net/certbot/certbot/ubuntu/dists/xenial/InRelease  Could not resolve 'ppa.launchpad.net'
W: Failed to fetch http://repo.mongodb.org/apt/ubuntu/dists/xenial/mongodb-org/3.2/InRelease  Could not resolve 'repo.mongodb.org'
W: Failed to fetch https://deb.nodesource.com/node_8.x/dists/xenial/InRelease  Could not resolve host: deb.nodesource.com
W: Failed to fetch http://ppa.launchpad.net/ondrej/php/ubuntu/dists/xenial/InRelease  Could not resolve 'ppa.launchpad.net'
W: Some index files failed to download. They have been ignored, or old ones used instead.

現在這不是什麼大問題,我知道常見問題和修復apt並嘗試了其中的一些問題,但是在我的故障排除過程中,我遇到了一些有趣的事情,每當我在中運行更新時,syslog我都會得到以下資訊:

Dec 10 09:11:37 magic named[2715]: validating _http._tcp.us.archive.ubuntu.com/SRV: bad cache hit (com/DS)
Dec 10 09:11:37 magic named[2715]: broken trust chain resolving '_http._tcp.us.archive.ubuntu.com/SRV/IN': 10.0.2.1#53
Dec 10 09:11:37 magic named[2715]: validating _http._tcp.repo.mongodb.org/SRV: bad cache hit (org/DS)
Dec 10 09:11:37 magic named[2715]: broken trust chain resolving '_http._tcp.repo.mongodb.org/SRV/IN': 10.0.2.1#53
Dec 10 09:11:37 magic named[2715]: validating _http._tcp.ppa.launchpad.net/SRV: bad cache hit (net/DS)
Dec 10 09:11:37 magic named[2715]: broken trust chain resolving '_http._tcp.ppa.launchpad.net/SRV/IN': 10.0.2.1#53
Dec 10 09:11:37 magic named[2715]: validating _http._tcp.hwraid.le-vert.net/SRV: bad cache hit (net/DS)
Dec 10 09:11:37 magic named[2715]: broken trust chain resolving '_http._tcp.hwraid.le-vert.net/SRV/IN': 10.0.2.1#53
Dec 10 09:11:37 magic named[2715]: validating _http._tcp.security.ubuntu.com/SRV: bad cache hit (com/DS)
Dec 10 09:11:37 magic named[2715]: broken trust chain resolving '_http._tcp.security.ubuntu.com/SRV/IN': 10.0.2.1#53
Dec 10 09:11:37 magic named[2715]: validating deb.nodesource.com/A: bad cache hit (com/DS)
Dec 10 09:11:37 magic named[2715]: broken trust chain resolving 'deb.nodesource.com/A/IN': 10.0.2.1#53
Dec 10 09:11:37 magic named[2715]: validating download.docker.com/CNAME: bad cache hit (com/DS)
Dec 10 09:11:37 magic named[2715]: broken trust chain resolving 'download.docker.com/A/IN': 10.0.2.1#53
...

我不知道這意味著什麼,到目前為止,谷歌搜尋並沒有幫助我,這意味著什麼以及如何成功修復它?

答案1

「無法解析」表示您遇到了 DNS 解析問題,這反過來又導致信任鏈中斷。我會檢查您的 DNS 設定 -ping對網域名稱(而不是 IP 位址)進行簡單的操作應該可以證實這一理論。舉個例子試試ping us.archive.ubuntu.com

相關內容