On 2017-07-14 06:15 PM, Robert Edmonds wrote: > Simon Deziel wrote: >> When unbound is stopped, its PID file is left behind causing subsequent >> service starts to complain like that: >> >> unbound[178]: [178:0] warning: did not exit gracefully last time (124) >> >> Please find a patch that tells systemd where the PID is so that it can >> delete it once unbound is stopped. > > Hi, Simon: > > Are you sure about this? When I "systemctl stop unbound", "systemctl > start unbound", I get the following output in the journal: > > Jul 14 18:12:52 chase systemd[1]: Stopping Unbound DNS server... > Jul 14 18:12:52 chase unbound[26190]: [26190:0] info: service stopped > (unbound 1.6.4). > Jul 14 18:12:52 chase unbound[26190]: [26190:0] info: server stats for thread > 0: 0 queries, 0 answers from cache, 0 recursions, 0 prefetch, 0 rejected by > ip ratelimiting > Jul 14 18:12:52 chase unbound[26190]: [26190:0] info: server stats for thread > 0: requestlist max 0 avg 0 exceeded 0 jostled 0 > Jul 14 18:12:52 chase systemd[1]: Stopped Unbound DNS server. > Jul 14 18:13:00 chase systemd[1]: Starting Unbound DNS server... > Jul 14 18:13:00 chase package-helper[26343]: /var/lib/unbound/root.key has > content > Jul 14 18:13:00 chase package-helper[26343]: success: the anchor is ok > Jul 14 18:13:00 chase unbound[26347]: [26347:0] notice: init module 0: > validator > Jul 14 18:13:00 chase unbound[26347]: [26347:0] notice: init module 1: > iterator > Jul 14 18:13:00 chase unbound[26347]: [26347:0] info: start of service > (unbound 1.6.4). > Jul 14 18:13:00 chase systemd[1]: Started Unbound DNS server. > > It also looks like unbound truncates the pidfile when it shuts down? >
It only happens when using Apparmor as the profile prevents unbound from chown'ing the pidfile which then prevents the truncation from happening. For the rational of denying the chown, please see: https://code.launchpad.net/~sdeziel/apparmor-profiles/unbound-refresh/+merge/282230 Sorry for not mentioning Apparmor before, I only realized this now and was in PTO for the past week. Regards, Simon
