On 03/22/18 14:49, Rupert Gallagher wrote:
This happens on plain 6.1.

ls -l /var/unbound/etc/unbound.conf
-rw-r--r--  1 root  wheel  4309 Mar 21 13:06 /var/unbound/etc/unbound.conf

doas rcctl start unbound
unbound(ok)

(log)

Mar 22 20:29:34 unbound[71209:0] info: server stats for thread 0: 1 queries, 1 answers from cache, 0 recursions, 0 prefetch, 0 rejected by ip ratelimiting
Mar 22 20:29:34 unbound[71209:0] info: server stats for thread 0: requestlist max 0 avg 0 exceeded 0 jostled 0
Mar 22 20:29:43 unbound[82723:0] notice: init module 0: validator
Mar 22 20:29:43 unbound[82723:0] notice: init module 1: iterator
Mar 22 20:29:43 unbound[82723:0] info: start of service (unbound 1.6.1).

unbound-host -rvD openbsd.org
openbsd.org has address 129.128.5.194 (insecure)
openbsd.org has no IPv6 address (insecure)
openbsd.org mail is handled by 6 shear.ucar.edu. (insecure)

[ No DNSSEC for the (self entitled) most secure OS... ]
I guess it couldn't hurt, but it seems like a MITM DNS attack on people trying to set up a router wouldn't be very profitable for most scammers.

doas rcctl reload unbound
unbound(ok)

(log)
Mar 22 20:31:00 unbound[97675:0] info: service stopped (unbound 1.6.1).
Mar 22 20:31:00 unbound[97675:0] info: server stats for thread 0: 0 queries, 0 answers from cache, 0 recursions, 0 prefetch, 0 rejected by ip ratelimiting
Mar 22 20:31:00 unbound[97675:0] info: server stats for thread 0: requestlist max 0 avg 0 exceeded 0 jostled 0
Mar 22 20:31:00 unbound[97675:0] notice: Restart of unbound 1.6.1.
Mar 22 20:31:00 unbound[97675:0] fatal error: Could not read config file: /etc/unbound.conf

pgrep unbound
[none]

So, the unbound server is down, and rcctl above is unaware of it.

Why is it reaching for /etc/unbound.conf when the binary was compiled for 
/var/unbound/etc/unbound.conf?

man unbound-control | grep /unbound.conf
               config file /var/unbound/etc/unbound.conf is used.

R

It is chroot'd to /var/unbound so it looks for /etc/unbound.conf from that false root. At least that is my best guess. What is in /etc/rc.conf.local?

I have the following:
unbound_flags=-c /var/unbound/etc/unbound.conf

I'm not sure why I specified the config file, but it may well have been because of the same problem you are having.
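
The situation in this thread, rcctl printing unbound(ok) while the log ends in a fatal error, can be caught by replaying the daemon's syslog lines. This is an added example, not part of the thread; the function names are hypothetical, and chroot_view only illustrates the reply's guess that paths are resolved relative to the /var/unbound chroot.

```python
import re

# Log lines copied from the thread above (wrapped lines rejoined).
SAMPLE_LOG = """\
Mar 22 20:29:43 unbound[82723:0] info: start of service (unbound 1.6.1).
Mar 22 20:31:00 unbound[97675:0] info: service stopped (unbound 1.6.1).
Mar 22 20:31:00 unbound[97675:0] notice: Restart of unbound 1.6.1.
Mar 22 20:31:00 unbound[97675:0] fatal error: Could not read config file: /etc/unbound.conf
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3} +\d+ [\d:]{8}) unbound\[(?P<pid>\d+):\d+\] "
    r"(?P<level>info|notice|warning|error|fatal error): (?P<msg>.*)$"
)

def service_state(log_text):
    """Replay unbound syslog lines; return (state, detail) after the last one."""
    state, detail = "unknown", None
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not an unbound line, ignore it
        level, msg = m["level"], m["msg"]
        if level == "fatal error":
            state, detail = "dead", msg          # daemon exited; keep the reason
        elif msg.startswith("start of service"):
            state, detail = "running", None
        elif msg.startswith("service stopped"):
            state, detail = "stopped", None
        elif msg.startswith("Restart of"):
            state, detail = "reloading", None
    return state, detail

def chroot_view(path, chroot="/var/unbound"):
    """Path as seen from inside the chroot, or None if it lies outside it."""
    root = chroot.rstrip("/")
    if path == root:
        return "/"
    return path[len(root):] if path.startswith(root + "/") else None

if __name__ == "__main__":
    print(service_state(SAMPLE_LOG))
    print(chroot_view("/var/unbound/etc/unbound.conf"))
```

A final state other than "running" after a reload means the rcctl "ok" should not be trusted and a pgrep check is warranted.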
