Skip navigation
This discussion is archived

mdnsresponder and configd

100013 Views 90 Replies Latest reply: Aug 19, 2010 7:19 AM by Jay Bullock RSS
  • seehundnz Calculating status...
    Currently Being Moderated
    Aug 31, 2008 3:12 AM (in response to Michael St.)
    Michael St. wrote:
    Great hint!

    I had a similar problem, with configd (and hence, DHCP and all networking) not working unless the firewall was set to allow all incoming connections.

    Reconfiguring the kerberos certificates as specified in http://support.apple.com/kb/TS1245 solved it.

    Michael


    hi!

    cheers for that. worked like a charm!
    PowerBook G4 15" 1.67GHZ, Mac OS X (10.5.4), 2GB RAM
  • gokaroto Calculating status...
    Currently Being Moderated
    Sep 16, 2008 5:05 AM (in response to acdawson)
    Had the same problem after i got back my MacAir from the shop (MoBo replaced), i tried everything posted here and the only solution that worked was replacing the files as posted by acdawson. I was lucky enough to buy a time capsule b4 my Air died so i have the original files in the time machine. It's been 5 days since i repaced them and the Air had been sleeping and rebooted quite a few times and i haven't seen the anoying questions about the configd and mdnsresponder having my firewall on at all times.

    J.Oscar
    MacBook Air, Mac OS X (10.5.4)
  • Michael St. Calculating status...
    Currently Being Moderated
    Sep 30, 2008 7:59 PM (in response to gokaroto)
    Wow - I had my PowerBook lose the settings again when the battery went bad. Neither updating to 10.5.5 (which I hoped would solve the issue), nor the KDC re-init helped. I know there's application signing involved, so somewhat skeptically, I copied /usr/sbin/mDNSresponder and /usr/sbin/configd from my intel iMac (fortunately, they are fat binaries), and lo' and behold, the PowerBook gets its IP after a restart just fine - I am floored! Now, I hope it still works after prolonged sleep, though from the following it should:

    I noticed that configd had a different length, but mDNSResponder matched:

    -r-xr-xr-x 1 root wheel 423808 Mar 12 2008 configd
    -r-xr-xr-x 1 root wheel 423792 Mar 12 2008 configd.orig
    -r-xr-xr-x 1 root wheel 679200 Aug 15 16:58 mDNSResponder
    -r-xr-xr-x 1 root wheel 679200 Aug 15 16:58 mDNSResponder.orig

    This is weird.

    MD5 (configd) = 67b3ef1697620fdea940d78a1930a172
    MD5 (configd.orig) = 7dfcc66791c9f9e991fb1e3f1c82d51f
    MD5 (mDNSResponder) = db310ac7b4c582585cccf58c9fc3617d
    MD5 (mDNSResponder.orig) = db310ac7b4c582585cccf58c9fc3617d

    On both systems, configd is supposed to come from:

    /Library/Receipts/boms/com.apple.pkg.update.os.10.5.3.bom,

    and mDNSResponder from:

    /Library/Receipts/boms/com.apple.pkg.update.os.10.5.5.bom

    Hmm - let's see:

    $ lsbom -f /Library/Receipts/boms/com.apple.pkg.update.os.10.5.3.bom | grep configd
    ./usr/sbin/configd 100555 0/0 423808 3344730380

    $ cksum /usr/sbin/configd /usr/sbin/configd.orig
    3344730380 423808 /usr/sbin/configd
    492968119 423792 /usr/sbin/configd.orig

    Hmm - only the transferred file matches the chksum from the BOM. I wonder how the ".orig" got trashed ... If you've got the same problem, have a look.


    Thanks to gokaroto and acdawson!

    Regards, Michael
    iMac 24", 2.4GHz, 2GB; PowerBook G4, 1.67GHz, 2GB;, Mac OS X (10.5.5), iPhone (1G)
  • Groovetrain Calculating status...
    Currently Being Moderated
    Dec 12, 2008 10:47 AM (in response to acdawson)
    This was the only solution that worked for me also. I replaced the two files from another Leopard machine, and it worked like a charm. No more disabling my firewall just to get an IP address through DHCP. Thank you very much!

    This brings up a question: Why did this happen in the first place? Even turning off my MacBook abrupty (hard power off or removing power and battery), these files should NOT be corrupted. They're running in RAM, not off the hard disk. All I know is that a few days ago, my comp started asking to allow these services again, and it started doing the "self-assigned ip address" thing shortly after.

    Groovetrain
    Unibody MacBook Pro, Mac OS X (10.5.5)
  • Khayrallah Safar Calculating status...
    Currently Being Moderated
    Dec 23, 2008 7:00 PM (in response to lstnmysphr)
    There's an easier way.....just press Command-Shift-G and type in the directory name....
    MacMini, Mac OS X (10.5)
  • jamus j Level 1 Level 1 (15 points)
    Currently Being Moderated
    Jan 25, 2009 1:57 PM (in response to Groovetrain)
    These applications aren't corrupt, but are being resigned.

    Here's what's happening (at least to me)

    1) My clock was reset to 2001
    2) The code signature is no longer valid for the various system binaries, because the current time is outside of the validity period of code signature.
    3) Mac OS prompts the user to Allow/Deny network access
    4) Mac OS re-signs the binaries using a adhoc certificate instead of Apple's certificate
    5) Mac OS doesn't allow the binaries network access unless specifically allowed, because it's no longer signed by Apple

    This is definitely a bug of sorts; I would think that Apple shouldn't allow resigning of Apple's binaries.

    The solution is to replace these binaries with the originals; I'm going to try to reinstall the Combo 10.5.6 updater and see if it fixes it for me. Otherwise, I think it'll require an archive & install.
    PowerBook G4, Mac OS X (10.4.8)
  • Arjan van Bentem Level 1 Level 1 (0 points)
    Currently Being Moderated
    Jan 26, 2009 3:49 AM (in response to jamus j)
    Genius, this sounds quite reasonable to me!

    I do not suffer these problems, and I get:

    codesign --display -vvvv /usr/sbin/configd

    Executable=/usr/sbin/configd
    Identifier=com.apple.configd
    Format=Mach-O universal (i386 ppc7400)
    CodeDirectory v=20001 size=1102 flags=0x0(none) hashes=50+2 location=embedded
    CDHash=c06a4a48d331bedaa9b07de742839e443de82be0
    Signature size=4064
    Authority=Software Signing
    Authority=Apple Code Signing Certification Authority
    Authority=Apple Root CA
    Info.plist=not bound
    Sealed Resources=none
    Internal requirements count=0 size=12

    The above is for

    ls -la /usr/sbin/configd
    -r-xr-xr-x 1 root wheel 423808 May 23 2008 /usr/sbin/configd

    Maybe this can help investigating?
    MacBook 2GHz 2GB, Mac OS X (10.5.6)
  • 4marcus Level 1 Level 1 (10 points)
    Currently Being Moderated
    Jan 26, 2009 11:37 AM (in response to Arjan van Bentem)
    I have the problem and executing "codesign --display -vvvv /usr/sbin/configd" delivers

    Executable=/usr/sbin/configd
    Identifier=configd
    Format=Mach-O universal (i386 ppc7400)
    CodeDirectory v=20001 size=1092 flags=0x2(adhoc) hashes=50+2 location=embedded
    CDHash=d621c859f1f9f07449a01ce866446df83aa761b0
    Signature=adhoc
    Info.plist=not bound
    Sealed Resources=none
    Internal requirements count=0 size=12

    So the signature indeed seems to be the issue. I have no deep Mac OS X knowledge. Any idea how to resign them? "Archive and Install" occurs to me as being a quite impacting approach...

    thx.
    MacBook Pro 2,53Ghz 4GB, Mac OS X (10.5.6)
  • 4marcus Level 1 Level 1 (10 points)
    Currently Being Moderated
    Jan 26, 2009 12:11 PM (in response to 4marcus)
    4marcus wrote:
    I have the problem and executing "codesign --display -vvvv /usr/sbin/configd" delivers

    Executable=/usr/sbin/configd
    Identifier=configd
    Format=Mach-O universal (i386 ppc7400)
    CodeDirectory v=20001 size=1092 flags=0x2(adhoc) hashes=50+2 location=embedded
    CDHash=d621c859f1f9f07449a01ce866446df83aa761b0
    Signature=adhoc
    Info.plist=not bound
    Sealed Resources=none
    Internal requirements count=0 size=12


    Right after my above post, I tried the advice from jamus j replacing the files:

    My problems (firewall log deny entries, no IP via DHCP) related to configd and mDNSResponder (no raccon). The problems occured after my time was reset to a 2001 date (for whatever reason).

    I did recreate the files from my time machine backup before that date. I rebooted the machine, enabled the firewall again and it seems to work.

    Now the codesign shows signature information again, such as:
    Signature size=4064
    Authority=Software Signing
    Authority=Apple Code Signing Certification Authority
    Authority=Apple Root CA
    MacBook Pro 2,53Ghz 4GB, Mac OS X (10.5.6)
  • jamus j Level 1 Level 1 (15 points)
    Currently Being Moderated
    Jan 31, 2009 8:35 AM (in response to 4marcus)
    The only way to resign it using the Apple certificate is knowing somebody in Apple who has access to the private part of the certificate and have them resign it.

    Otherwise, replacing the binary is your only option. I see that you got your file from a Time Machine backup; but for others who run into this problem that don't have a backup, maybe using Pacifist with the latest combo updater will work too.

    If I get around to it this weekend, I'll try to reproduce it and submit it as a formal bug to Apple; it looks very reproducible.
    PowerBook G4, Mac OS X (10.4.8)
  • DRADIS Calculating status...
    Currently Being Moderated
    Feb 3, 2009 6:01 PM (in response to jamus j)
    My new iMac had a main board failure that set off the same chain of events you have outlined, as that procedure cause the system clock to reset. This thread was very helpful in letting me understand the exact nature of the problem. I ran the 10.5.6 combo updater and my problems were fixed.

    I had this problem a while ago on my old Dual G5... but never realized what had caused the issue until now. I had unplugged it for 2 weeks while on vacation causing it's system clock to fail. It was also fixed by a combo updater.

    I agree that this sort of bug should be fixed by Apple. At the very least when the Apple techs replace a main board they should fix the improperly signed binaries that the change causes before handing the computer back to the user.
    24” Aluminum iMac 3.06 NVIDIA 8800 GS, Mac OS X (10.5.6)
  • Arjan van Bentem Level 1 Level 1 (0 points)
    Currently Being Moderated
    Feb 3, 2009 11:14 PM (in response to DRADIS)
    As only mDNSResponder seems to be included in the normal 10.5.6 update: did you only have problems for mDNSResponder? If not, then apparently the combo update also includes all earlier updates (which might be the goal of such combo update...)

    And do you recall if you answered "yes" on the very first prompt about allowing access (which might cause the adhoc signature to mess up things)? I guess that answering "no" and then wait until the clock is synchronised might prevent the problem from happening. Though maybe the clock cannot be automatically synchronised when these services are blocked, as your Mac might not be able to connect to the internet properly...

    lsbom -f /Library/Receipts/boms/com.apple.pkg.update.os.10.5.6.bom | grep "configd\|mDNSResponder\|racoon"
    ..
    ./usr/sbin/mDNSResponder 100555 0/0 679200 3203183380
    ..
    MacBook 1,1 - 2GHz 2GB / Mac mini 2,1 - 1.83GHz 2GB, Mac OS X (10.5.6)
  • DRADIS Level 1 Level 1 (0 points)
    Currently Being Moderated
    Feb 7, 2009 8:00 PM (in response to Arjan van Bentem)
    I believe that I did answer "no" at the time because I was still in the apple store and was not sure where this seemingly strange network activity was coming from. I do not see any problems in my firewall logs now... so, I think the combo update did include replacements for all the troubled files. It is an easy thing to try for people to try who have this issue.... you can't beat a one click fix that requires no hacking.
    24” Aluminum iMac 3.06 NVIDIA 8800 GS, Mac OS X (10.5.6)
  • deeplytroubled Calculating status...
    Currently Being Moderated
    Feb 14, 2009 9:28 PM (in response to William Brawley)
    to any mac company folks reading this:

    this is happening to my 1 week old, $2500 computer as well. WHY??!!! Mac is supposed to be user-friendly. I can't imagine for the life of me why I should have to dig around in system keychain blah blah for a simple internet connection. This is an infuriating joke. Fix it, for christ's sake.

    thanks for your patience, everyone else.
    macbook pro, Mac OS X (10.5.6), brand spanking new
  • Arjan van Bentem Level 1 Level 1 (0 points)
    Currently Being Moderated
    Feb 15, 2009 7:07 AM (in response to deeplytroubled)
    Hmmm, I assume you're the first to encounter this for a brand new MacBook

    For most posts in this discussion I can image what happened: either the backup battery on the logic board (the one that keeps the clock running when the power is disconnected or the rechargeable battery is empty) was exhausted after some years, or it was somehow unplugged during repair. For your brand new Mac I cannot imagine that either case could apply.

    I assume it did work well for some days after unpacking? Can you somehow recall what might have caused the trouble to start for your Mac?

    Which of the programs is bothering you (configd, mDNSResponder, racoon)?

    Your signature states you've got a MacBook, so: was the battery fully discharged? (For a non-portable: was the power disconnected for a long time?) If yes, then I guess that the logic board backup battery is faulty -- I'd take it back to the store then but well, that is a hassle as well of course.

    Or might it have started after some software updates?

    Are you comfortable using the shell command line, and if yes, do you indeed see the line "Signature=adhoc" when running one of the following commands?

    codesign --display -vvv /usr/sbin/configd
    codesign --display -vvv /usr/sbin/mDNSResponder
    codesign --display -vvv /usr/sbin/racoon

    If this is your first Mac: they're fine machines, normally, so keep faith!
    MacBook 1,1 - 2GHz 2GB / Mac mini 2,1 - 1.83GHz 2GB, Mac OS X (10.5.6)

Actions

More Like This

  • Retrieving data ...

Bookmarked By (1)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.