'Re: [PATCH] Fix the status check of unbound'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfire-development
Subject:    Re: [PATCH] Fix the status check of unbound
From:       Christian Kohlstedde <christian+ipfire () kohlsted ! de>
Date:       2017-06-12 18:56:35
Message-ID: 9a5f779b-d786-3d44-5f8e-cb69236a3ed2 () kohlsted ! de
[Download RAW message or body]

Hello Michael,

tl;dr: pgrep delivers the pid of unbound and unbound-dhcp-leases-bridge.
I compared the init script of unbound to the other ones, only unbound
and squid uses pgrep. The init script only wants the pid of unbound. I
didn't open a bug report (yet).

Full story (unfortunately story telling mode):
I was debugging why the start up and shutdown or also the network
reconfiguring of my ipfire machine takes more then 3 minutes configured
red static instead of red dhcp and sometimes the dns forwarders reported
as unsecure. I traced this behavior to the unbound init script. Then I
stumbled over bug 11351 [1] and commit ebf64a93ee0 [2]. This fixed the
shutdown part of my problem. But the start is still sometimes unstable.
Also the reportage of insecure dns forwarders occurred still. I debugged
with "set -x" the process of testing of nameservers and of updating the
forwarders and noticed the update-forwarders still tries to do it if
unbound is stopped. Some boots later currently the startup is stable.

Back to the original bug: unbound-control runs in to timeouts connecting
to the normal unbound daemon, but only on boot. Restart, stop, start
unbound is fine in a normal running ipfire.
I can provide /var/log/messages and /var/log/unbound.log - separate
unbound log file with increased verbosity - currently private data no
removed. (Logs of ipfire in a local virtualbox network - red bridged;
live environment with belwue/university as uplink I haven't created
logs, but just captured the network traffic of the interface to exclude
strange behavior of the upstream).

Christian

[1] https://bugzilla.ipfire.org/show_bug.cgi?id=11351
[2]
http://cgit.ipfire.org/ipfire-2.x.git/commit/src/initscripts/networking/red?h=core111&id=ebf64a93ee01f18226a8ed465a188f976097ee34


Am 12.06.2017 um 19:06 schrieb Michael Tremer:
> Hello Christian,
> 
> thank you very much for your submissing.
> 
> What is the bug this is trying to fix? I never noticed that something is not
> working okay here.
> 
> Best,
> -Michael
> 
> On Sat, 2017-06-10 at 12:56 +0200, Christian Kohlstedde wrote:
> > From: Christian Kohlstedde <christian@kohlsted.de>
> > 
> > ---
> > src/initscripts/system/unbound | 4 ++--
> > 1 file changed, 2 insertions(+), 2 deletions(-)
> > 
> > diff --git a/src/initscripts/system/unbound b/src/initscripts/system/unbound
> > index 7437d93b8..04de3c1e0 100644
> > --- a/src/initscripts/system/unbound
> > +++ b/src/initscripts/system/unbound
> > @@ -457,7 +457,7 @@ disable_dnssec() {
> > case "$1" in
> > 	start)
> > 		# Print a nicer messagen when unbound is already running
> > -		if pidofproc -s unbound; then
> > +		if pidofproc -s /usr/sbin/unbound; then
> > 			statusproc /usr/sbin/unbound
> > 			exit 0
> > 		fi
> > @@ -503,7 +503,7 @@ case "$1" in
> > 
> > 	update-forwarders)
> > 		# Do not try updating forwarders when unbound is not running
> > -		if ! pgrep unbound &>/dev/null; then
> > +		if pidofproc -s /usr/sbin/unbound; then
> > 			exit 0
> > 		fi
> > 


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic