[Pkg-dns-devel] Bug#807132: unbound-control breaks systemctl stop/start
Rudy Broersma
tozz at kijkt.tv
Sat Dec 5 20:28:18 UTC 2015
Package: unbound
Version: 1.5.6-1
Severity: important
Dear Maintainer,
On our machine with Debian Stretch with all updates (as of 2015/12/05) we noticed
that sometimes unbound failed to start. I believe this has something to do
with unbound-control and systemctl.
eg.:
# Normal situation:
root at nscache1:~# systemctl status unbound.service
● unbound.service
Loaded: loaded (/etc/init.d/unbound; bad; vendor preset: enabled)
Drop-In: /run/systemd/generator/unbound.service.d
└─50-insserv.conf-$named.conf, 50-unbound-$named.conf
Active: active (running) since Fri 2015-12-04 17:10:37 CET; 1 day 4h ago
Docs: man:systemd-sysv-generator(8)
Process: 8864 ExecStop=/etc/init.d/unbound stop (code=exited, status=0/SUCCESS)
Process: 8901 ExecStart=/etc/init.d/unbound start (code=exited, status=0/SUCCESS)
CGroup: /system.slice/unbound.service
└─8911 /usr/sbin/unbound
# Now we stop unbound using unbound-control:
root at nscache1:~# unbound-control stop
ok
# We check its status. Notice the "active (exited)":
root at nscache1:~# systemctl status unbound.service
● unbound.service
Loaded: loaded (/etc/init.d/unbound; bad; vendor preset: enabled)
Drop-In: /run/systemd/generator/unbound.service.d
└─50-insserv.conf-$named.conf, 50-unbound-$named.conf
Active: active (exited) since Fri 2015-12-04 17:10:37 CET; 1 day 4h ago
Docs: man:systemd-sysv-generator(8)
Process: 8864 ExecStop=/etc/init.d/unbound stop (code=exited, status=0/SUCCESS)
Process: 8901 ExecStart=/etc/init.d/unbound start (code=exited, status=0/SUCCESS)
# We now start it again using systemctl (in our case, this is done by Puppet)
# but the issue also occurs when doing manual start using systemctl:
root at nscache1:~# systemctl start unbound.service
# And we check its status. As can be shown, the service is still "active (exited)"
# and is indeed _NOT_ running. This is where I believe there is a bug. The service
# should have started by now.
root at nscache1:~# systemctl status unbound.service
● unbound.service
Loaded: loaded (/etc/init.d/unbound; bad; vendor preset: enabled)
Drop-In: /run/systemd/generator/unbound.service.d
└─50-insserv.conf-$named.conf, 50-unbound-$named.conf
Active: active (exited) since Fri 2015-12-04 17:10:37 CET; 1 day 4h ago
Docs: man:systemd-sysv-generator(8)
Process: 8864 ExecStop=/etc/init.d/unbound stop (code=exited, status=0/SUCCESS)
Process: 8901 ExecStart=/etc/init.d/unbound start (code=exited, status=0/SUCCESS)
# To resolve the issue, we stop the service:
root at nscache1:~# systemctl stop unbound.service
# And check its status: (which is now the correct status: inactive dead)
root at nscache1:~# systemctl status unbound.service
● unbound.service
Loaded: loaded (/etc/init.d/unbound; bad; vendor preset: enabled)
Drop-In: /run/systemd/generator/unbound.service.d
└─50-insserv.conf-$named.conf, 50-unbound-$named.conf
Active: inactive (dead) since Sat 2015-12-05 21:20:56 CET; 3s ago
Docs: man:systemd-sysv-generator(8)
Process: 29497 ExecStop=/etc/init.d/unbound stop (code=exited, status=0/SUCCESS)
Process: 8901 ExecStart=/etc/init.d/unbound start (code=exited, status=0/SUCCESS)
# We can now start the service again using systemctl (again, in our case this is done
# by puppet
root at nscache1:~# systemctl start unbound.service
# And check its status:
root at nscache1:~# ps -aux | grep unbound
unbound 29521 26.8 3.3 140640 34352 ? Ssl 21:21 0:01 /usr/sbin/unbound
root at nscache1:~# systemctl status unbound.service
● unbound.service
Loaded: loaded (/etc/init.d/unbound; bad; vendor preset: enabled)
Drop-In: /run/systemd/generator/unbound.service.d
└─50-insserv.conf-$named.conf, 50-unbound-$named.conf
Active: active (running) since Sat 2015-12-05 21:21:04 CET; 3min 12s ago
Docs: man:systemd-sysv-generator(8)
Process: 29497 ExecStop=/etc/init.d/unbound stop (code=exited, status=0/SUCCESS)
Process: 29511 ExecStart=/etc/init.d/unbound start (code=exited, status=0/SUCCESS)
CGroup: /system.slice/unbound.service
└─29521 /usr/sbin/unbound
* Outcome in our test case:
- Systemctl is unable to start unbound when it wasn't stopped by systemctl
but by unbound-control.
* Expected outcome:
- Systemctl to start unbound, regardless of how it was stopped.
-- System Information:
Debian Release: 9
APT prefers testing-updates
APT policy: (500, 'testing-updates'), (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 4.2.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages unbound depends on:
ii adduser 3.113+nmu3
ii libc6 2.19-22
ii libevent-2.0-5 2.0.21-stable-2+b1
ii libfstrm0 0.2.0-1
ii libprotobuf-c1 1.1.1-1
ii libpython2.7 2.7.10-5+b1
ii libssl1.0.2 1.0.2d-3
ii openssl 1.0.2d-3
ii unbound-anchor 1.5.6-1
unbound recommends no packages.
unbound suggests no packages.
-- Configuration Files:
/etc/unbound/unbound.conf changed:
server:
verbosity: 1
trusted-keys-file: /etc/unbound/keys.d/*.key
auto-trust-anchor-file: /var/lib/unbound/root.key
do-not-query-localhost: no
use-syslog: yes
extended-statistics: no
statistics-interval: 0
root-hints: /etc/unbound/root.hints
num-threads: 2
outgoing-port-permit: 32768-65535
outgoing-port-avoid: 0-32767
harden-glue: yes
harden-dnssec-stripped: yes
harden-below-nxdomain: yes
harden-referral-path: yes
unwanted-reply-threshold: 10000000
edns-buffer-size: 1280
port: 53
interface: ::0
interface: 0.0.0.0
access-control: ::1/0 allow
msg-cache-slabs: 2
rrset-cache-slabs: 2
infra-cache-slabs: 2
key-cache-slabs: 2
rrset-cache-size: 100m
msg-cache-size: 50m
num-queries-per-thread: 4096
outgoing-range: 8192
chroot: ""
username: "unbound"
directory: "/etc/unbound"
val-clean-additional: yes
val-log-level: 1
hide-identity: no
hide-version: no
include: "/etc/unbound/unbound.conf.d/*.conf"
remote-control:
control-enable: yes
control-interface: ::1
control-interface: 127.0.0.1
control-port: 8953
server-key-file: /etc/unbound/unbound_server.key
server-cert-file: /etc/unbound/unbound_server.pem
control-key-file: /etc/unbound/unbound_control.key
control-cert-file: /etc/unbound/unbound_control.pem
/etc/unbound/unbound.conf.d/root-auto-trust-anchor-file.conf [Errno 2] No such file or directory: u'/etc/unbound/unbound.conf.d/root-auto-trust-anchor-file.conf'
-- no debconf information
More information about the pkg-dns-devel
mailing list