Package: bind9
Version: 1:9.7.3.dfsg-1+b1
Severity: normal
Hi,
the init script fails if there are multiple instances of bind running,
for example as a corollary of the /run migration with a chrooted bind
where the pid file is mishandled:
++ awk '/^pid:/ {print $2}'
rndc: connect failed: 127.0.0.1#953: connection refused
+ pid=
+ '[' -z '' ']'
++ pgrep -f '^/usr/sbin/named'
+ pid='4077
6376
6477
32626'
+ start-stop-daemon --stop --oknodo --quiet --exec /usr/sbin/named --pidfile
/var/run/named/named.pid -- -u bind -t /var/local/bind
+ '[' -n 4077 6376 6477 32626 ']'
/etc/init.d/bind9: line 91: [: too many arguments
+ log_end_msg 0
pid=$(/usr/sbin/rndc stop -p | awk '/^pid:/ {print $2}') || true
if [ -z "$pid" ]; then # no pid found, so either not running,
pid=$(pgrep -f ^/usr/sbin/named) || true
start-stop-daemon --stop --oknodo --quiet --exec /usr/sbin/named \
--pidfile ${PIDFILE} -- $OPTIONS
fi
if [ -n $pid ]; then
while kill -0 $pid 2>/dev/null; do
log_progress_msg "waiting for pid $pid to die"
sleep 1
done
fi
When more than one named is running, pgrep will return multiple pids,
which fails in the unquoted -n $pid clause and isn't easily fixed by
quoting.
Greetings
Marc
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.0.0-zgws1 (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages bind9 depends on:
ii adduser 3.113 add and remove users and groups
ii bind9utils 1:9.7.3.dfsg-1+b1 Utilities for BIND
ii debconf [debconf-2 1.5.41 Debian configuration management sy
ii libbind9-60 1:9.7.3.dfsg-1+b1 BIND9 Shared Library used by BIND
ii libc6 2.13-14 Embedded GNU C Library: Shared lib
ii libcap2 1:2.22-1 support for getting/setting POSIX.
ii libcomerr2 1.42~WIP-2011-07-02-1 common error description library
ii libdb5.1 5.1.25-11 Berkeley v5.1 Database Libraries [
ii libdns69 1:9.7.3.dfsg-1+b1 DNS Shared Library used by BIND
ii libgssapi-krb5-2 1.9.1+dfsg-1+b1 MIT Kerberos runtime libraries - k
ii libisc62 1:9.7.3.dfsg-1+b1 ISC Shared Library used by BIND
ii libisccc60 1:9.7.3.dfsg-1+b1 Command Channel Library used by BI
ii libisccfg62 1:9.7.3.dfsg-1+b1 Config File Handling Library used
ii libk5crypto3 1.9.1+dfsg-1+b1 MIT Kerberos runtime libraries - C
ii libkrb5-3 1.9.1+dfsg-1+b1 MIT Kerberos runtime libraries
ii libldap-2.4-2 2.4.25-1.1 OpenLDAP libraries
ii liblwres60 1:9.7.3.dfsg-1+b1 Lightweight Resolver Library used
ii libssl1.0.0 1.0.0d-3 SSL shared libraries
ii libxml2 2.7.8.dfsg-4 GNOME XML library
ii lsb-base 3.2-27 Linux Standard Base 3.2 init scrip
ii net-tools 1.60-24.1 The NET-3 networking toolkit
ii netbase 4.46 Basic TCP/IP networking system
bind9 recommends no packages.
Versions of packages bind9 suggests:
ii bind9-doc 1:9.7.3.dfsg-1 Documentation for BIND
ii dnsutils 1:9.7.3.dfsg-1+b1 Clients provided with BIND
ii resolvconf 1.58 name server information handler
pn ufw <none> (no description available)
-- Configuration Files:
/etc/bind/named.conf changed:
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local
include "/var/run/bind/named.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";
/etc/bind/named.conf.local changed:
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
include "/etc/bind/zones.rfc1918";
include "/etc/bind/zones.scy";
/etc/bind/named.conf.options changed:
options {
directory "/var/cache/bind";
// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk. See http://www.kb.cert.org/vuls/id/800113
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
// forwarders {
// 0.0.0.0;
// };
forward only;
listen-on {
::1;
127.0.0.1;
192.168.18.254;
192.168.118.254;
};
allow-query {
::1;
127.0.0.1;
192.168.18.0/24;
192.168.118.0/24;
};
allow-recursion {
::1;
127.0.0.1;
192.168.18.0/24;
192.168.118.0/24;
};
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
};
-- debconf information:
bind9/different-configuration-file:
bind9/run-resolvconf: true
bind9/start-as-user: bind
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
