Control: tags -1 + moreinfo

On 14.03.19 at 11:39, Harald Dunkel wrote:
Hi,

> "/etc/init.d/bind9 stop" kills a named running in a LXC
> container, if there is no named running on the host. Same
> for "restart". Sample session (on the host):
>
> # ps -ef | grep named
> opensmt+ 234963 3421 0 11:14 ? 00:00:00 /usr/sbin/named -f
> -u bind
> root 235428 230713 0 11:16 pts/0 00:00:00 grep named
> # pidof -c named
> # echo $?
> 1
> # /etc/init.d/bind9 stop
> [....] Stopping domain name service...: bind9rndc: connect failed:
> 127.0.0.1#953: connection refused
> waiting for pid 234963 to die
> giving up on pid 234963 with kill -0; trying -9
> . ok
> # ps -ef | grep named
> root 235648 230713 0 11:17 pts/0 00:00:00 grep named
>
> The first "ps -ef" shows a running named. "pidof -c named"
> shows that it is running inside its own chroot or container.
> Nevertheless, "/etc/init.d/bind9 stop" kills the foreign named,
> seriously affecting the container.
>
> AFAICS the postinst script is affected by this problem, too
> (using pidof instead of pidof -c).

I'm not sure whether this fix would make the situation better or worse. It is perfectly acceptable and possible to run bind chrooted, pidof -c would not see it anymore. In fact I'm pretty sure there are more chrooted installations of bind9 around than bind9 instances in a container where the host system is not running systemd and is having bind9 installed as well.

Also, the initscript uses pgrep

---
pid=$(pgrep -f ^/usr/sbin/named) || true
---

I could not see an option similar to "-c" for pgrep.

Anyway, tested patches welcome, but apparently this hasn't been fully analyzed.

Bernhard
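
The trade-off discussed in this message (a container's named must be skipped, a chrooted named on the host must still be found), shown as an added example that is not part of the original mail or of the bind9 package. It filters the pgrep candidates by PID namespace instead of by root directory; the function names and the `PROC_ROOT` override are hypothetical, and it assumes a Linux host where the container runs in its own PID namespace and `/proc/<pid>/ns/pid` is readable by root.

```shell
#!/bin/sh
# Added example; function names and PROC_ROOT are hypothetical, not bind9 code.

# Print a process's PID-namespace identifier, e.g. "pid:[4026531836]".
# Reading this link for another user's process requires root.
pidns_of() {
    readlink "${PROC_ROOT:-/proc}/$1/ns/pid" 2>/dev/null
}

# filter_same_pidns REF PID...
# Print the PIDs that share REF's PID namespace. A chrooted named on the host
# passes (chroot does not change the namespace); a named in a container does not.
filter_same_pidns() {
    ref_ns=$(pidns_of "$1") || return 1
    shift
    for p in "$@"; do
        ns=$(pidns_of "$p") || continue   # process gone or unreadable: skip it
        [ "$ns" = "$ref_ns" ] && printf '%s\n' "$p"
    done
    return 0
}

# Candidate selection with the pgrep pattern quoted in the mail, then filtered
# against the caller's own namespace ("self" resolves under /proc).
local_named_pids() {
    # shellcheck disable=SC2046  # word splitting of the PID list is intended
    filter_same_pidns self $(pgrep -f '^/usr/sbin/named' || true)
}

# Constructed sample: a fake /proc tree. PIDs 1 and 3100 share one namespace
# (host init and a host named); 234963 stands for the container's named.
# The namespace inode numbers are made up for the demonstration.
demo_constructed() {
    tmp=$(mktemp -d) || return 1
    for entry in 1:4026531836 3100:4026531836 234963:4026532500; do
        mkdir -p "$tmp/${entry%%:*}/ns"
        ln -s "pid:[${entry##*:}]" "$tmp/${entry%%:*}/ns/pid"
    done
    # 99999 has no entry in the tree and models a process that already exited.
    ( PROC_ROOT=$tmp; filter_same_pidns 1 3100 234963 99999 )
    rm -rf "$tmp"
}
```
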