Hi Michal,
Thanks a lot for the reply, i will take a look at the documentation for
chroot and systemd notify. I already use the old option (type=forking) and yes
everything is working fine.
Have a good day.
--
Joel Langlois
-----Message d'origine-----
De : bind-users <bind-users-boun...@lists.isc.org> De la part de Michal Nowak
Envoyé : 25 mars 2025 13:10
À : bind-users@lists.isc.org
Objet : Re: isc-bind service shutdown after update at 9.20.7-1.2.el8
Hi,
I can reproduce your problem when I setup chroot.
Tho, I think this is the expected behaviour unless you setup the systemd notify
socket inside the chroot. See the following guide for how to do it
https://kb.leuxner.net/article/bind-sd_notify-chroot/ (haven't tried it
myself), or resort to what already works for you, i.e., Type=forking and the
removal of the "-f" option from the unit file.
> What is the impact of not using the " Type=notify" and »"-f" on my system?
There's no impact. It works.
Michal
On 24/03/2025 16:44, Langlois Joël wrote:
> Hello,
>
> Thanks for your reply, this help me to point in the good direction! The
> problem is in the startup file for the service
> /usr/lib/systemd/system/isc-bind-named.service (this file is modify by the
> 9.20.7 update). When i try to use the option "Type=notify" or the option "-f"
> (ExecStart=/opt/isc/isc-bind/root/usr/sbin/named -u named -f) the service
> "isc-bind-named" does not want to start and i have the same error like in my
> fisrt email (netmgr 0x7f741ea7b1e0: Shutting down network manager etc....).
> When i put back the old option (Type=forking) and no "-f" in the ExcStart
> line, everything work like a charm!
>
> I am using "selinux" (i tried to desactivate it with no success for bind)
> and i have a chroot (/var/named/chroot) environement on my system since many
> years and i never had that kind of trouble before. What is the impact of not
> using the " Type=notify" and »"-f" on my system?
>
> Config file that is running well:
> =========================
> [root@sdns_server]# cat /usr/lib/systemd/system/isc-bind-named.service
> [Unit]
> After=network.target
> Wants=nss-lookup.target
> Before=nss-lookup.target
>
> [Service]
> Type=notify
> EnvironmentFile=-/etc/opt/isc/scls/isc-bind/sysconfig/named
> PIDFile=/var/named/chroot/run/named/named.pid
> ExecStart=/opt/isc/isc-bind/root/usr/sbin/named -u named $OPTIONS
> ExecReload=/bin/kill -HUP $MAINPID ExecStop=/bin/kill -TERM $MAINPID
> PrivateTmp=true
>
> [Install]
> WantedBy=multi-user.target
>
>
> [root@dns_server]# cat /etc/opt/isc/scls/isc-bind/sysconfig/named
> # Command line options passed to named
> OPTIONS="-4 -t /var/named/chroot"
>
>
> Thanks a lot for your help!
>
> --
> Joel Langlois
>
>
> -----Message d'origine-----
> De : bind-users <bind-users-boun...@lists.isc.org> De la part de
> Michal Nowak Envoyé : 24 mars 2025 09:06 À : bind-users@lists.isc.org
> Objet : Re: isc-bind service shutdown after update at 9.20.7-1.2.el8
>
> ATTENTION : Ce courriel provient d'une source externe. Assurez-vous que cette
> dernière est sûre avant d'ouvrir une pièce jointe ou de cliquer sur un lien.
> Dans le doute, signalez le message.
>
>
> For BIND 9.20.7 and 9.21.6 we changed the service type from "forking" to
> "notify", also ExecStart now has the "-f" option:
>
> -[Service]
> -Type=forking
> -ExecStart=/opt/isc/isc-bind/root/usr/sbin/named -u named
> +[Service]
> +Type=notify
> +ExecStart=/opt/isc/isc-bind/root/usr/sbin/named -u named -f
>
> Could you please give us the output of "systemctl status
> isc-bind-named.service" a few seconds after the service started? I'd be
> surprised to find it in the "Active: active (running)" state.
>
> I failed to reproduce your problem on a clean Rocky Linux 8.10.
>
> Michal
>
> On 21/03/2025 20:43, Langlois Joël via bind-users wrote:
>> Hi everyone,
>>
>> After updating my isc-bind packages from 9.20.6-1.2 to
>> 9.20.7-1.2, i try to start the service but it always « shutdown » by
>> himself. My server is a Rocky Linux 8.10 and with the old version
>> (9.20.6) everything is working fine since many mounths. Here is a
>> the part of the output log (with debug enable) where i saw the
>> service going down (see netmgr ans shutting down below)! Any idea someone?
>>
>> Thanks in advance
>>
>> .
>>
>> .
>>
>> .
>>
>> fetch: ultradns.info/NS
>>
>> fetch: ultradns.co.uk/NS
>>
>> fetch: ultradns.co.uk/NS
>>
>> fetch: rds.ca/A
>>
>> fetch: rds.ca/A
>>
>> zone_maintenance: managed-keys-zone: enter
>>
>> zone_dump: managed-keys-zone: enter
>>
>> zone__settimer: managed-keys-zone: enter
>>
>> dump_done: managed-keys-zone: enter
>>
>> zone_journal_compact: managed-keys-zone: target journal size 0
>>
>> journal file managed-keys.bind.jnw does not exist, creating it
>>
>> fetch: rds.ca/A
>>
>> fetch: rds.ca/A
>>
>> fetch: rds.ca/A
>>
>> fetch: rds.ca/A
>>
>> netmgr 0x7fa151a7b1e0: Shutting down network manager
>>
>> netmgr 0x7fa151a7b1e0: Shutting down network manager worker on loop
>> 0x7fa151a39000(0)
>>
>> no longer listening on 127.0.0.1#53
>>
>> no longer listening on X.X.X.60#53
>>
>> stopping command channel on 127.0.0.1#953
>>
>> loop exclusive mode: starting
>>
>> loop exclusive mode: started
>>
>> shutting down
>>
>> managed-keys-zone: final reference detached
>>
>> .
>>
>> .
>>
>> ================================
>>
>> # systemctl status isc-bind-named.service
>>
>> ● isc-bind-named.service
>>
>> Loaded: loaded (/usr/lib/systemd/system/isc-bind-named.service;
>> enabled; vendor preset: disabled)
>>
>> Active: failed (Result: timeout) since Fri 2025-03-21 14:47:08
>> EDT; 51min ago
>>
>> Process: 1531 ExecStart=/opt/isc/isc-bind/root/usr/sbin/named -u
>> named -f $OPTIONS (code=exited, status=0/SUCCESS)
>>
>> Main PID: 1531 (code=exited, status=0/SUCCESS)
>>
>> Mar 21 14:45:37 dns_server named[1531]: checkhints:
>> b.root-servers.net/ AAAA (2801:1b8:10::b) missing from hints
>>
>> Mar 21 14:45:37 dns_server named[1531]: checkhints: b.root-
>> servers.net/AAAA (2001:500:200::b) extra record in hints
>>
>> Mar 21 14:47:07 dns_server systemd[1]: isc-bind-named.service: start
>> operation timed out. Terminating.
>>
>> Mar 21 14:47:07 dns_server named[1531]: no longer listening on
>> 127.0.0.1#53
>>
>> Mar 21 14:47:07 dns_server named[1531]: no longer listening on
>> X.X.X.60#53
>>
>> Mar 21 14:47:07 dns_server named[1531]: stopping command channel on
>> 127.0.0.1#953
>>
>> Mar 21 14:47:07 dns_server named[1531]: shutting down
>>
>> Mar 21 14:47:08 dns_server named[1531]: exiting
>>
>> Mar 21 14:47:08 dns_server systemd[1]: isc-bind-named.service: Failed
>> with result 'timeout'.
>>
>> Mar 21 14:47:08 dns_server systemd[1]: Failed to start isc-bind-
>> named.service.
>>
>> #
>>
>> ------
>>
>> Joe
>>
>>
>
> --
> Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
> from this list
>
> ISC funds the development of this software with paid support subscriptions.
> Contact us at https://www.isc.org/contact/ for more information.
>
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
