[Pkg-dns-devel] Bug#807132: Bug#807132: unbound-control breaks systemctl stop/start

Robert Edmonds edmonds at debian.org
Sat Jan 23 23:39:46 UTC 2016 

Rudy Broersma wrote:
> On our machine with Debian Stretch with all updates (as of 2015/12/05) we noticed
> that sometimes unbound failed to start. I believe this has something to do
> with unbound-control and systemctl.

>  * Outcome in our test case:
>    - Systemctl is unable to start unbound when it wasn't stopped by systemctl
>      but by unbound-control.
>    
>  * Expected outcome:
>    
>    - Systemctl to start unbound, regardless of how it was stopped.

Hi, Rudy:

It looks like this behavior is caused by the fact that the unbound
package doesn't ship a systemd service unit.  Therefore, the
systemd-sysv-generator automatically generates a unit file that looks
like this:

    # Automatically generated by systemd-sysv-generator

    [Unit]
    Documentation=man:systemd-sysv-generator(8)
    SourcePath=/etc/init.d/unbound
    Before=multi-user.target multi-user.target multi-user.target graphical.target shutdown.target
    After=network-online.target remote-fs.target systemd-journald-dev-log.socket
    Wants=network-online.target
    Conflicts=shutdown.target

    [Service]
    Type=forking
    Restart=no
    TimeoutSec=5min
    IgnoreSIGPIPE=no
    KillMode=process
    GuessMainPID=no
    RemainAfterExit=yes
    ExecStart=/etc/init.d/unbound start
    ExecStop=/etc/init.d/unbound stop
    ExecReload=/etc/init.d/unbound reload

Note the "RemainAfterExit=yes".  According to systemd.service(5):

    RemainAfterExit=
       Takes a boolean value that specifies whether the service shall be
       considered active even when all its processes exited. Defaults to
       no.

That appears to be causing the behavior that you observed when running
"unbound-control stop".

Testing a very basic native unbound.service unit file:

    [Unit]
    Description=Unbound DNS server
    After=network.target
    Before=nss-lookup.target
    Wants=nss-lookup.target

    [Service]
    Type=simple
    EnvironmentFile=-/etc/default/unbound
    ExecStart=/usr/sbin/unbound -d $DAEMON_OPTS
    ExecReload=/usr/sbin/unbound-control reload

    [Install]
    WantedBy=multi-user.target

I get the following behavior when running your test commands:

    root at debian:~# systemctl status unbound.service
    ● unbound.service - Unbound DNS server
       Loaded: loaded (/etc/systemd/system/unbound.service; enabled; vendor preset: enabled)
      Drop-In: /run/systemd/generator/unbound.service.d
               └─50-insserv.conf-$named.conf, 50-unbound-$named.conf
       Active: active (running) since Sat 2016-01-23 23:32:42 UTC; 5s ago
     Main PID: 7849 (unbound)
       CGroup: /system.slice/unbound.service
               └─7849 /usr/sbin/unbound -d

    Jan 23 23:32:42 debian systemd[1]: Started Unbound DNS server.
    Jan 23 23:32:42 debian unbound[7849]: [7849:0] notice: init module 0: validator
    Jan 23 23:32:42 debian unbound[7849]: [7849:0] notice: init module 1: iterator
    Jan 23 23:32:42 debian unbound[7849]: [7849:0] info: start of service (unbound 1.5.7).

    root at debian:~# unbound-control stop
    ok

    root at debian:~# systemctl status unbound.service
    ● unbound.service - Unbound DNS server
       Loaded: loaded (/etc/systemd/system/unbound.service; enabled; vendor preset: enabled)
      Drop-In: /run/systemd/generator/unbound.service.d
               └─50-insserv.conf-$named.conf, 50-unbound-$named.conf
       Active: inactive (dead) since Sat 2016-01-23 23:33:20 UTC; 3s ago
      Process: 7849 ExecStart=/usr/sbin/unbound -d $DAEMON_OPTS (code=exited, status=0/SUCCESS)
     Main PID: 7849 (code=exited, status=0/SUCCESS)

    Jan 23 23:32:42 debian systemd[1]: Started Unbound DNS server.
    Jan 23 23:32:42 debian unbound[7849]: [7849:0] notice: init module 0: validator
    Jan 23 23:32:42 debian unbound[7849]: [7849:0] notice: init module 1: iterator
    Jan 23 23:32:42 debian unbound[7849]: [7849:0] info: start of service (unbound 1.5.7).
    Jan 23 23:33:20 debian unbound[7849]: [7849:0] info: service stopped (unbound 1.5.7).
    Jan 23 23:33:20 debian unbound[7849]: [7849:0] info: server stats for thread 0: 0 queries, 0 answers from cache, 0 recursions,...refetch
    Jan 23 23:33:20 debian unbound[7849]: [7849:0] info: server stats for thread 0: requestlist max 0 avg 0 exceeded 0 jostled 0
    Hint: Some lines were ellipsized, use -l to show in full.

    root at debian:~# systemctl start unbound.service

    root at debian:~# systemctl status unbound.service
    ● unbound.service - Unbound DNS server
       Loaded: loaded (/etc/systemd/system/unbound.service; enabled; vendor preset: enabled)
      Drop-In: /run/systemd/generator/unbound.service.d
               └─50-insserv.conf-$named.conf, 50-unbound-$named.conf
       Active: active (running) since Sat 2016-01-23 23:33:35 UTC; 2s ago
     Main PID: 7857 (unbound)
       CGroup: /system.slice/unbound.service
               └─7857 /usr/sbin/unbound -d

    Jan 23 23:33:35 debian systemd[1]: Started Unbound DNS server.
    Jan 23 23:33:35 debian unbound[7857]: [7857:0] notice: init module 0: validator
    Jan 23 23:33:35 debian unbound[7857]: [7857:0] notice: init module 1: iterator
    Jan 23 23:33:35 debian unbound[7857]: [7857:0] info: start of service (unbound 1.5.7).

This looks like the correct behavior, so I will mark this bug resolved
for the next upload that adds native systemd unit files.

Thanks for the report!

-- 
Robert Edmonds
edmonds at debian.org

More information about the pkg-dns-devel mailing list