Package: unbound
Version: 1.9.0-2+deb10u1
Severity: normal
Tags: patch

At startup the daemon creates its pidfile (/run/unbound.pid) while running
as root, chown()s it to unbound:unbound, then drops privileges and runs
as user unbound.  At shutdown, the pidfile is successfully truncated,
but the following unlink() call fails because /run is owned by root.

On a subsequent start the daemon is prevented by the apparmor profile
from updating the pidfile (AFAICT, because it runs as root, but the
file exists and is owned by unbound), and as a result the pidfile is
left empty, and the daemon cannot be managed anymore.  Of course, under
systemd-sysv the problem does not exist.

I'm not proficient enough in apparmor to amend the profile, and I guess
the proper solution should mimic the one for bind9 (i.e. a directory
/run/named owned by root:bind), but in the meantime the following patch
solved the problem for me and might be useful to other users.

Best regards,
        g.b.

===================== patch begin
--- /etc/init.d/unbound.orig    2019-10-13 02:40:17.000000000 +0200
+++ /etc/init.d/unbound 2019-12-30 14:31:48.463876228 +0100
@@ -44,6 +44,7 @@
         log_daemon_msg "Stopping $DESC" "$NAME"
         if start-stop-daemon --stop --quiet --oknodo --pidfile $PIDFILE --name 
$NAME --retry 5; then
             $HELPER resolvconf_stop
+            rm -f $PIDFILE
             log_end_msg 0
         else
             log_end_msg 1
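Review bot: the added `rm -f $PIDFILE` leaves $PIDFILE unquoted; write it as `rm -f "$PIDFILE"` like a defensive shell script should, even though the value here comes from the script itself. The placement is right in one respect: it runs only after start-stop-daemon --stop --retry 5 has returned success, so the process is gone and there is no race with a daemon still writing the file, and because --oknodo makes the stop succeed when no process is running, a stale pidfile left by an earlier crash is cleaned up too. Note, though, that this works only because the init script runs as root and can unlink in root-owned /run; it masks the daemon's own failed unlink() rather than fixing the directory permissions that cause it.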
@@ -51,16 +52,8 @@
         ;;
 
     restart|force-reload)
-        log_daemon_msg "Restarting $DESC" "$NAME"
-        start-stop-daemon --stop --quiet --pidfile $PIDFILE --name $NAME 
--retry 5
-        $HELPER resolvconf_stop
-        if start-stop-daemon --start --quiet --oknodo --pidfile $PIDFILE 
--name $NAME --startas $DAEMON -- $DAEMON_OPTS; then
-            $HELPER chroot_setup
-            $HELPER resolvconf_start
-            log_end_msg 0
-        else
-            log_end_msg 1
-        fi
+        $0 stop
+        $0 start
         ;;
 
     reload)
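Review bot: the exit status of `$0 stop` is never checked, so when the stop branch fails (the log_end_msg 1 path in the previous hunk, i.e. start-stop-daemon could not stop the process within --retry 5) the script still proceeds to `$0 start`, and the restart case's own status no longer reflects either step; use `$0 stop && $0 start` (or `exec $0 start` after a successful stop) so a failed stop aborts the restart. Two further behaviour changes to confirm: the removed lines ran `$HELPER chroot_setup` and `$HELPER resolvconf_start` explicitly, and the hunk does not show the start case doing the same, so verify it does; and the removed --stop had no --oknodo, whereas the stop branch it now goes through does, so restarting a non-running daemon now reports the stop as successful.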
===================== patch end

-- System Information:
Debian Release: 10.2
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 4.19.0-6-686 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
LSM: AppArmor: enabled

Versions of packages unbound depends on:
ii  adduser         3.118
ii  dns-root-data   2019031302
ii  libc6           2.28-10
ii  libevent-2.1-6  2.1.8-stable-4
ii  libfstrm0       0.4.0-1
ii  libprotobuf-c1  1.3.1-1+b1
ii  libpython3.7    3.7.3-2
ii  libssl1.1       1.1.1d-0+deb10u2
ii  libsystemd0     241-7~deb10u2
ii  lsb-base        10.2019051400
ii  openssl         1.1.1d-0+deb10u2
ii  unbound-anchor  1.9.0-2+deb10u1

unbound recommends no packages.

Versions of packages unbound suggests:
ii  apparmor  2.13.2-10

-- Configuration Files:
/etc/init.d/unbound changed [not included]

-- no debconf information
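The failure mode described at the top of the report (the pidfile is truncated fine, but the following unlink() fails because /run is owned by root) comes down to a permission rule that is easy to forget: truncating a file needs write permission on the file, while unlinking it needs write permission on the containing directory, regardless of who owns the file. The script below is an added example, not part of the report or of the unbound package; it reproduces both outcomes in a temporary directory owned by the current user, using the directory mode 555 to stand in for root-owned /run and 775 for a /run/named-style subdirectory the service can write to. The function name pidfile_lifecycle and the pid value are made up for the demonstration.

```shell
#!/bin/sh
# Added example (not from the bug report or the unbound package): why a
# daemon that has dropped privileges can truncate its pidfile but not
# unlink() it. Truncation is governed by the file's permissions; unlink is
# governed by the directory's write bit. The directory mode passed in stands
# for "/run owned by root" (555) versus a service-writable run directory (775).

# pidfile_lifecycle MODE: write a pidfile, set the directory to MODE, then
# attempt truncate and unlink the way the daemon does at shutdown.
# Prints "truncate=ok|fail unlink=ok|fail".
pidfile_lifecycle() {
    mode=$1
    top=$(mktemp -d) || return 1
    rundir=$top/run
    pidfile=$rundir/unbound.pid
    mkdir "$rundir"
    echo 12345 > "$pidfile"      # constructed pid, written "as root" at startup
    chmod "$mode" "$rundir"       # the directory as the unprivileged daemon sees it

    # truncate: only the file's own mode matters, and we own the file
    if : > "$pidfile" 2>/dev/null; then trunc=ok; else trunc=fail; fi

    # unlink: needs write permission on the directory, not on the file
    if rm -f "$pidfile" 2>/dev/null && [ ! -e "$pidfile" ]; then
        unlink=ok
    else
        unlink=fail
    fi

    chmod 755 "$rundir"           # restore so cleanup can proceed
    rm -rf "$top"
    echo "truncate=$trunc unlink=$unlink"
}

# Root bypasses directory permission checks, so the failure only shows up
# when this is run as an unprivileged user (as unbound is after dropping privileges).
if [ "$(id -u)" -eq 0 ]; then
    echo "note: running as root, unlink will succeed in both cases"
fi
echo "root-owned /run style (555):        $(pidfile_lifecycle 555)"
echo "service-writable run dir (775):     $(pidfile_lifecycle 775)"
```

Run as an ordinary user, the first line reports truncate=ok unlink=fail and the second truncate=ok unlink=ok, which is the difference between the current layout and the bind9-style dedicated run directory mentioned in the report.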
