Skip to content

DNS sub-server creation leaves inconsistent slave state after "Missing file to read" in feature-dns.pl #1186

New issue
New issue
Open
Open
DNS sub-server creation leaves inconsistent slave state after "Missing file to read" in feature-dns.pl#1186
@jens-ingo

Description

@jens-ingo
jens-ingo
opened on Mar 11, 2026

Observed on:

  • Debian Linux 11
  • Webmin 2.621
  • Virtualmin 8.1.0 GPL
  • Authentic Theme 26.22

System:

  • BIND with master + multiple slave authoritative DNS servers
  • DNS slaves use zone transfers from master
  • BIND views enabled in slave configuration for one DNS server

Issue:

When saving or creating a sub-server with DNS enabled, Virtualmin reports:

DNS for domain failed : Missing file to read at virtual_server::/usr/share/webmin/virtual-server/feature-dns.pl line 4026

The UI simultaneously shows:

Adding new DNS zone .. done

Observed result:

The zone is not always created consistently across authoritative DNS servers.

In this case:

  • master zone was created on the primary server
  • one slave returned NXDOMAIN
  • one slave returned SERVFAIL
  • one slave had an invalid local zone file
  • manual BIND cleanup and slave retransfer were required

This produced intermittent production failures because different authoritative DNS servers answered differently depending on which one clients reached.

Practical impact:

Users experienced random connection failures to a production CRM host because DNS resolution became inconsistent across authoritative nameservers.

Manual investigation showed:

  • partial slave zone creation
  • invalid transferred zone file on one slave
  • one slave BIND config became inconsistent after zone insertion
  • manual correction required before all slaves returned identical answers again

After cleanup, all authoritative servers answered correctly again.

Possible cause:

feature-dns.pl appears to attempt read_file_lines() before file state is fully consistent, or before slave-side zone state is safely established.

This may especially appear in environments using:

  • BIND master/slave topology
  • authoritative slave replication
  • views

The issue is not only cosmetic: it can lead to intermittent authoritative DNS inconsistency in production.

The issue seems related to recent DNS regressions already reported around Virtualmin 8.x.

I can provide exact zone snippets if useful.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions