apt-get 更新时信任链断裂

apt-get 更新时信任链断裂

今天早上我重新启动了服务器并在执行以下操作时发现了一个问题apt-get update

Err:1 http://hwraid.le-vert.net/ubuntu xenial InRelease
  Could not resolve 'hwraid.le-vert.net'
Err:2 http://ppa.launchpad.net/certbot/certbot/ubuntu xenial InRelease                                        
  Could not resolve 'ppa.launchpad.net'
Err:3 http://us.archive.ubuntu.com/ubuntu xenial InRelease                                                    
  Could not resolve 'us.archive.ubuntu.com'
Err:4 http://ppa.launchpad.net/ondrej/php/ubuntu xenial InRelease           
  Could not resolve 'ppa.launchpad.net'
Err:5 http://security.ubuntu.com/ubuntu xenial-security InRelease      
  Could not resolve 'security.ubuntu.com'
Err:6 http://us.archive.ubuntu.com/ubuntu xenial-updates InRelease     
  Could not resolve 'us.archive.ubuntu.com'
Err:7 http://us.archive.ubuntu.com/ubuntu xenial-backports InRelease
  Could not resolve 'us.archive.ubuntu.com'
Err:8 http://repo.mongodb.org/apt/ubuntu xenial/mongodb-org/3.2 InRelease
  Could not resolve 'repo.mongodb.org'
Err:9 https://download.docker.com/linux/ubuntu xenial InRelease
  Could not resolve host: download.docker.com
Err:10 https://deb.nodesource.com/node_8.x xenial InRelease
  Could not resolve host: deb.nodesource.com
Reading package lists... Done
W: Failed to fetch http://us.archive.ubuntu.com/ubuntu/dists/xenial/InRelease  Could not resolve 'us.archive.ubuntu.com'
W: Failed to fetch http://us.archive.ubuntu.com/ubuntu/dists/xenial-updates/InRelease  Could not resolve 'us.archive.ubuntu.com'
W: Failed to fetch http://us.archive.ubuntu.com/ubuntu/dists/xenial-backports/InRelease  Could not resolve 'us.archive.ubuntu.com'
W: Failed to fetch http://security.ubuntu.com/ubuntu/dists/xenial-security/InRelease  Could not resolve 'security.ubuntu.com'
W: Failed to fetch https://download.docker.com/linux/ubuntu/dists/xenial/InRelease  Could not resolve host: download.docker.com
W: Failed to fetch http://hwraid.le-vert.net/ubuntu/dists/xenial/InRelease  Could not resolve 'hwraid.le-vert.net'
W: Failed to fetch http://ppa.launchpad.net/certbot/certbot/ubuntu/dists/xenial/InRelease  Could not resolve 'ppa.launchpad.net'
W: Failed to fetch http://repo.mongodb.org/apt/ubuntu/dists/xenial/mongodb-org/3.2/InRelease  Could not resolve 'repo.mongodb.org'
W: Failed to fetch https://deb.nodesource.com/node_8.x/dists/xenial/InRelease  Could not resolve host: deb.nodesource.com
W: Failed to fetch http://ppa.launchpad.net/ondrej/php/ubuntu/dists/xenial/InRelease  Could not resolve 'ppa.launchpad.net'
W: Some index files failed to download. They have been ignored, or old ones used instead.

现在这不是什么大问题,我知道常见问题和修复方法apt,并尝试了其中的一些,但是在故障排除过程中,我遇到了一些有趣的事情,每当我运行更新时,syslog我都会得到以下信息:

Dec 10 09:11:37 magic named[2715]: validating _http._tcp.us.archive.ubuntu.com/SRV: bad cache hit (com/DS)
Dec 10 09:11:37 magic named[2715]: broken trust chain resolving '_http._tcp.us.archive.ubuntu.com/SRV/IN': 10.0.2.1#53
Dec 10 09:11:37 magic named[2715]: validating _http._tcp.repo.mongodb.org/SRV: bad cache hit (org/DS)
Dec 10 09:11:37 magic named[2715]: broken trust chain resolving '_http._tcp.repo.mongodb.org/SRV/IN': 10.0.2.1#53
Dec 10 09:11:37 magic named[2715]: validating _http._tcp.ppa.launchpad.net/SRV: bad cache hit (net/DS)
Dec 10 09:11:37 magic named[2715]: broken trust chain resolving '_http._tcp.ppa.launchpad.net/SRV/IN': 10.0.2.1#53
Dec 10 09:11:37 magic named[2715]: validating _http._tcp.hwraid.le-vert.net/SRV: bad cache hit (net/DS)
Dec 10 09:11:37 magic named[2715]: broken trust chain resolving '_http._tcp.hwraid.le-vert.net/SRV/IN': 10.0.2.1#53
Dec 10 09:11:37 magic named[2715]: validating _http._tcp.security.ubuntu.com/SRV: bad cache hit (com/DS)
Dec 10 09:11:37 magic named[2715]: broken trust chain resolving '_http._tcp.security.ubuntu.com/SRV/IN': 10.0.2.1#53
Dec 10 09:11:37 magic named[2715]: validating deb.nodesource.com/A: bad cache hit (com/DS)
Dec 10 09:11:37 magic named[2715]: broken trust chain resolving 'deb.nodesource.com/A/IN': 10.0.2.1#53
Dec 10 09:11:37 magic named[2715]: validating download.docker.com/CNAME: bad cache hit (com/DS)
Dec 10 09:11:37 magic named[2715]: broken trust chain resolving 'download.docker.com/A/IN': 10.0.2.1#53
...

我不知道这是什么意思,而且到目前为止用 Google 搜索也没有帮助我,这是什么意思,我该如何成功修复它?

答案1

“无法解析”表明您遇到了 DNS 解析问题,这反过来又导致信任链中断。我会检查您的 DNS 设置 -ping对域名(而不是 IP 地址)进行简单操作应该可以证实这一理论。ping us.archive.ubuntu.com例如,尝试一下。

相关内容