Bug 245114 - dns/unbound: use daemon(8) to recover from crashes
Summary: dns/unbound: use daemon(8) to recover from crashes
Status: Open
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: freebsd-ports-bugs (Nobody)
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2020-03-27 20:00 UTC by C
Modified: 2023-08-29 12:48 UTC (History)
4 users (show)

See Also:
bugzilla: maintainer-feedback? (jaap)


Attachments
daemon doing unbound (979 bytes, patch)
2023-04-19 14:35 UTC, Leo Vandewoestijne
no flags Details | Diff
daemon doing unbound better (680 bytes, patch)
2023-08-28 10:06 UTC, Leo Vandewoestijne
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description C 2020-03-27 20:00:11 UTC
Hi,

other rc scripts for services use daemon(8) with "-r" to recover from daemon crashes automatically without requiring admin intervention.

Today our unbound resolver (v1.10) crashed but since unbound does not make use of daemon it stayed down until we started it manually - which is worse than it could be.

Please add daemon to unbound's rc script to recover from crashes automatically.

for an example on how to use daemon:
https://svnweb.freebsd.org/ports/head/dns/dnsdist/files/dnsdist.in?view=markup
Comment 1 Li-Wen Hsu freebsd_committer freebsd_triage 2020-07-03 17:28:14 UTC
ping for maintainer feedback.
Comment 2 Jaap Akkerhuis 2020-07-06 13:41:35 UTC
(In reply to Li-Wen Hsu from comment #1)
Ah, forgot abut this feature request.

It would actually be more beneficial to find out why unbound-s crashing. I'm not sure whether it is a good idea to blindly restart a crashing process. Let me thonk about this.
Comment 3 C 2020-11-16 11:05:21 UTC
I agree that it is important to find and solve the root cause of the crash but in the moment of the crash the most important thing is to get the service back up again. Using log monitoring we are not "blind" and notice nonetheless that the crash happened and can have a manual look at the crash logs.
Comment 4 C 2021-02-20 13:06:25 UTC
Hi Jaap,

due to recent unbound crashes I was wondering whether you have any update on this?

thanks!
Comment 5 Jaap Akkerhuis 2021-02-20 14:55:10 UTC
(In reply to C from comment #4)

Nope, I haven't any update nor I had time time to implement this.

However, if you make make an option to the existing version of the rc
script to use daemon(8), I'm happy to add it to the port.
Comment 6 Leo Vandewoestijne 2023-04-19 14:35:12 UTC
Created attachment 241587 [details]
daemon doing unbound

Attached is what I tried.
I also use similar at dns/knot-resolver

However here at unbound the pidfile cannot be found.
Regardless wether I use -p or -P

But maybe it's enough clue for someone else to fix it correctly.
(in other words: this attached patch is incorrect).
Comment 7 Jaap Akkerhuis 2023-08-02 12:28:13 UTC
(In reply to Leo Vandewoestijne from comment #6
Apologies for the late reaction, but I wonder whether the implicit chroot prevents your patch from working.
Comment 8 Leo Vandewoestijne 2023-08-28 10:06:08 UTC
Created attachment 244416 [details]
daemon doing unbound better

Removing the '-u ${name}' solved it: it now let daemon run as root, and then unbound as unbound.

When -u was present it does not allow to bind to an IP/port.

It's now running for me.
Comment 9 Jaap Akkerhuis 2023-08-29 12:48:25 UTC
Looks good, thanks.

I expect a new release for unbound very soon and plan to include this modification