Package: bind9
Version: 1:9.8.1.dfsg-1
Severity: normal
named process takes about 100% of CPU (one core) without any external load.
Here some strace log:
[pid 13585] futex(0x7f76b626207c,
FUTEX_WAIT_BITSET_PRIVATE|FUTEX_CLOCK_REALTIME, 11977183, {1322159632,
411160000}, ffffffff
[pid 13582] futex(0x7f76b626207c, FUTEX_WAKE_OP_PRIVATE, 1, 1, 0x7f76b6262078,
{FUTEX_OP_SET, 0, FUTEX_OP_CMP_GT, 1}
[pid 13585] <... futex resumed> ) = -1 EAGAIN (Resource temporarily unavailable)
[pid 13582] <... futex resumed> ) = 0
[pid 13585] futex(0x7f76b6262028, FUTEX_WAIT_PRIVATE, 2, NULL
[pid 13582] futex(0x7f76b6262028, FUTEX_WAKE_PRIVATE, 1
[pid 13585] <... futex resumed> ) = -1 EAGAIN (Resource temporarily unavailable)
[pid 13582] <... futex resumed> ) = 0
[pid 13585] futex(0x7f76b6262028, FUTEX_WAKE_PRIVATE, 1) = 0
[pid 13582] futex(0x7f76b6262078, FUTEX_WAIT_PRIVATE, 2, NULL
[pid 13585] futex(0x7f76b6262078, FUTEX_WAKE_PRIVATE, 1
[pid 13582] <... futex resumed> ) = -1 EAGAIN (Resource temporarily unavailable)
[pid 13585] <... futex resumed> ) = 0
[pid 13582] futex(0x7f76b626207c, FUTEX_WAKE_OP_PRIVATE, 1, 1, 0x7f76b6262078,
{FUTEX_OP_SET, 0, FUTEX_OP_CMP_GT, 1}
[pid 13585] futex(0x7f76b626207c,
FUTEX_WAIT_BITSET_PRIVATE|FUTEX_CLOCK_REALTIME, 11977185, {1322159632,
411160000}, ffffffff
[pid 13582] <... futex resumed> ) = 0
[pid 13585] <... futex resumed> ) = -1 EAGAIN (Resource temporarily unavailable)
log is clear (even with debug level), status displays:
version: 9.8.1
CPUs found: 4
worker threads: 4
number of zones: 30
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/0/1000
tcp clients: 0/100
server is up and running
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (990, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 3.1.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages bind9 depends on:
ii adduser 3.113
ii bind9utils 1:9.8.1.dfsg-1
ii debconf [debconf-2.0] 1.5.41
ii libbind9-80 1:9.8.1.dfsg-1
ii libc6 2.13-21
ii libcap2 1:2.22-1
ii libdns81 1:9.8.1.dfsg-1
ii libgssapi-krb5-2 1.9.1+dfsg-3
ii libisc83 1:9.8.1.dfsg-1
ii libisccc80 1:9.8.1.dfsg-1
ii libisccfg82 1:9.8.1.dfsg-1
ii liblwres80 1:9.8.1.dfsg-1
ii libssl1.0.0 1.0.0e-2.1
ii libxml2 2.7.8.dfsg-5
ii lsb-base 3.2-28
ii net-tools 1.60-24.1
ii netbase 4.47
bind9 recommends no packages.
Versions of packages bind9 suggests:
pn bind9-doc 1:9.8.1.dfsg-1
pn dnsutils 1:9.8.1.dfsg-1
pn resolvconf <none>
pn ufw <none>
-- Configuration Files:
/etc/bind/named.conf.local changed:
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
key "rndc-key" {
algorithm hmac-md5;
secret "r8Yb4yQ9z09i6RK0U3OAWg==";
};
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};
controls {
inet ::1 port 953
allow { ::1; } keys { "rndc-key"; };
};
zone "desunote.ru" {
type master;
notify yes;
allow-transfer { 80.249.182.250;80.249.182.254; 192.168.2.4; };
file "/etc/bind/db.desunote.ru";
};
zone "kirius.spb.ru" {
type master;
notify yes;
allow-transfer { 80.249.182.250; 80.249.182.254;192.168.2.4;
193.124.22.65;};
file "/etc/bind/db.kirius.spb.ru";
};
zone "amarao.spb.ru" {
type master;
notify yes;
allow-transfer { 80.249.182.250; 80.249.182.252;
80.249.182.254;192.168.2.4; 193.124.22.65;};
file "/etc/bind/db.generic";
};
zone "oldbooks.spb.su" {
type master;
notify yes;
allow-transfer { 80.249.182.250; 80.249.182.252;
80.249.182.254;192.168.2.4; 193.124.22.65;};
file "/etc/bind/db.generic";
};
zone "shuklin.pp.ru" {
type master;
notify yes;
allow-transfer { 80.249.182.250; 80.249.182.252;
80.249.182.254;192.168.2.4; 193.124.22.65;};
file "/etc/bind/db.generic";
};
zone "shuklin.spb.ru" {
type master;
notify yes;
allow-transfer { 80.249.182.250; 80.249.182.252;
80.249.182.254;192.168.2.4; 193.124.22.65;};
file "/etc/bind/db.generic";
};
zone "voterra.spb.ru" {
type master;
notify yes;
allow-transfer { 80.249.182.250; 80.249.182.252;
80.249.182.254;192.168.2.4; 193.124.22.65;};
file "/etc/bind/db.voterra.spb.ru";
};
zone "rakshas.spb.ru" {
type master;
notify yes;
allow-transfer { 80.249.182.250; 80.249.182.252;
80.249.182.254;192.168.2.4; 193.124.22.65;};
file "/etc/bind/db.rakshas.spb.ru";
};
zone "activate.adobe.com" {
type master;
file "/etc/bind/db.generic";
};
zone "animehistory.ru" {
type master;
file "/etc/bind/db.animehistory.ru";
allow-transfer { any; };
};
zone "fakedream.ru" {
type master;
file "/etc/bind/db.fakedream.ru";
allow-transfer {any;};
};
zone "xencloud.ru"{
type master;
file "/etc/bind/db.xencloud.ru";
allow-transfer {any;};
};
/etc/bind/named.conf.options changed:
options {
directory "/var/cache/bind";
// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk. See http://www.kb.cert.org/vuls/id/800113
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
// forwarders {
// 0.0.0.0;
// };
//========================================================================
// If BIND logs error messages about the root key being expired,
// you will need to update your keys. See https://www.isc.org/bind-keys
//========================================================================
dnssec-validation auto;
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
};
/etc/init.d/bind9 changed:
PATH=/sbin:/bin:/usr/sbin:/usr/bin
OPTIONS=""
RESOLVCONF=no
test -f /etc/default/bind9 && . /etc/default/bind9
test -x /usr/sbin/rndc || exit 0
. /lib/lsb/init-functions
PIDFILE=/var/run/named/named.pid
check_network() {
if [ -x /usr/bin/uname ] && [ "X$(/usr/bin/uname -o)" = XSolaris ]; then
IFCONFIG_OPTS="-au"
else
IFCONFIG_OPTS=""
fi
if [ -z "$(/sbin/ifconfig $IFCONFIG_OPTS)" ]; then
#log_action_msg "No networks configured."
return 1
fi
return 0
}
case "$1" in
start)
log_daemon_msg "Starting domain name service..." "bind9"
modprobe capability >/dev/null 2>&1 || true
# dirs under /var/run can go away on reboots.
mkdir -p /var/run/named
chmod 775 /var/run/named
chown root:bind /var/run/named >/dev/null 2>&1 || true
if [ ! -x /usr/sbin/named ]; then
log_action_msg "named binary missing - not starting"
log_end_msg 1
fi
if ! check_network; then
log_action_msg "no networks configured"
log_end_msg 1
fi
if start-stop-daemon --start --oknodo --quiet --exec /usr/sbin/named \
--pidfile ${PIDFILE} -- $OPTIONS; then
if [ "X$RESOLVCONF" != "Xno" ] && [ -x /sbin/resolvconf ] ; then
echo "nameserver 127.0.0.1" | /sbin/resolvconf -a lo.named
fi
log_end_msg 0
else
log_end_msg 1
fi
;;
stop)
log_daemon_msg "Stopping domain name service..." "bind9"
if ! check_network; then
log_action_msg "no networks configured"
log_end_msg 1
fi
echo stage 0
if [ "X$RESOLVCONF" != "Xno" ] && [ -x /sbin/resolvconf ] ; then
/sbin/resolvconf -d lo.named
fi
if [ -z "$pid" ]; then # no pid found, so either not running,
or error
pid=$(pgrep -f ^/usr/sbin/named) || true
echo stage1
start-stop-daemon --stop --oknodo --quiet --exec /usr/sbin/named \
--pidfile ${PIDFILE} -- $OPTIONS
echo stage2
fi
if [ -n $pid ]; then
while kill -0 $pid 2>/dev/null; do
log_progress_msg "waiting for pid $pid to die"
sleep 1
done
fi
log_end_msg 0
;;
reload|force-reload)
log_daemon_msg "Reloading domain name service..." "bind9"
if ! check_network; then
log_action_msg "no networks configured"
log_end_msg 1
fi
/usr/sbin/rndc reload >/dev/null && log_end_msg 0 || log_end_msg 1
;;
restart)
if ! check_network; then
log_action_msg "no networks configured"
exit 1
fi
$0 stop
$0 start
;;
status)
ret=0
status_of_proc -p ${PIDFILE} /usr/sbin/named bind9 2>/dev/null || ret=$?
exit $ret
;;
*)
log_action_msg "Usage: /etc/init.d/bind9
{start|stop|reload|restart|force-reload|status}"
exit 1
;;
esac
exit 0
-- debconf information:
* bind9/different-configuration-file:
* bind9/run-resolvconf: false
* bind9/start-as-user: bind
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
