Hi,

I'm trying to preserve my chroot-ed, systemctl-launched BIND9's logs. 
To do that, I'm using a bind mount.

My problem is, it all works from the command line, but not when doing
the "same thing" via a systemd unit file.

My question is: Why doesn't it work? What am I doing wrong here?

Before launching BIND in a chroot, I've got an existing /var/log/named
log dir and no chroot dirs:

        ls -al /var/log/named /svr/chroot/named/var/log
                ls: cannot access /svr/chroot/named/var/log: No such file or directory
                /var/log/named:
                        total 16K
                        drwxr-xr-x  2 named named 4.0K Mar 30 09:40 ./
                        drwxr-xr-x 20 root  root   12K Mar 29 07:51 ../
                        -rw-r--r--  1 root  root     0 Mar 30 09:40 test

I exec a chroot setup script:

        /svr/scripts/bind-chroot.sh /svr/chroot/named on

which correctly bind-mounts /var/log/named to /svr/chroot/named/var/log:

        mountpoint -d /svr/chroot/named/var/log
                253:2
        mountpoint -d /var/log/named
                253:2

        ls -al /var/log/named /svr/chroot/named/var/log
                /svr/chroot/named/var/log:
                        total 8.0K
                        drwxr-xr-x 2 named named 4.0K Mar 30 09:40 ./
                        drwxr-xr-x 4 root  root  4.0K Mar 30 10:13 ../
                        -rw-r--r-- 1 root  root     0 Mar 30 09:40 test

                /var/log/named:
                        total 16K
                        drwxr-xr-x  2 named named 4.0K Mar 30 09:40 ./
                        drwxr-xr-x 20 root  root   12K Mar 29 07:51 ../
                        -rw-r--r--  1 root  root     0 Mar 30 09:40 test

Now I launch BIND itself

        /usr/local/sbin/named -t /svr/chroot/named -n 4 -S 1024 -u named -c /etc/named.conf

It's up:

        ps ax | grep named
         5948 ?        Ssl    0:11 /usr/local/sbin/named -t /svr/chroot/named -n 4 -S 1024 -u named -c /etc/named.conf

and logs are correctly created in chroot:

        ls -al /svr/chroot/named/var/log
                total 16K
                drwxr-xr-x 2 named named 4.0K Mar 30 10:17 ./
                drwxr-xr-x 4 root  root  4.0K Mar 30 10:13 ../
                -rw-r--r-- 1 named named 2.6K Mar 30 10:18 bind-debug.log
                -rw-r--r-- 1 named named 4.0K Mar 30 10:17 bind-main.log
                -rw-r--r-- 1 named named    0 Mar 30 10:17 bind-query.log
                -rw-r--r-- 1 root  root     0 Mar 30 09:40 test

and are reflected as expected in the bound mount:

        ls -al /var/log/named
                total 24K
                drwxr-xr-x  2 named named 4.0K Mar 30 10:17 ./
                drwxr-xr-x 20 root  root   12K Mar 29 07:51 ../
                -rw-r--r--  1 named named 2.6K Mar 30 10:18 bind-debug.log
                -rw-r--r--  1 named named 4.0K Mar 30 10:17 bind-main.log
                -rw-r--r--  1 named named    0 Mar 30 10:17 bind-query.log
                -rw-r--r--  1 root  root     0 Mar 30 09:40 test

now when I quit named

        rndc stop
        ps ax | grep named
                (empty)

and unmount:

        umount /svr/chroot/named/var/log

the logs are preserved outside of the chroot:

        ls -al /var/log/named /svr/chroot/named/var/log

                /svr/chroot/named/var/log:
                        total 8.0K
                        drwxr-xr-x 2 named named 4.0K Mar 30 10:13 ./
                        drwxr-xr-x 4 root  root  4.0K Mar 30 10:13 ../

                /var/log/named:
                        total 28K
                        drwxr-xr-x  2 named named 4.0K Mar 30 10:17 ./
                        drwxr-xr-x 20 root  root   12K Mar 29 07:51 ../
                        -rw-r--r--  1 named named 3.3K Mar 30 10:19 bind-debug.log
                        -rw-r--r--  1 named named 4.3K Mar 30 10:20 bind-main.log
                        -rw-r--r--  1 named named    0 Mar 30 10:17 bind-query.log
                        -rw-r--r--  1 root  root     0 Mar 30 09:40 test


But if I repeat the process, using a systemd unit to automate the same
thing:

        cat /etc/systemd/system/named-custom.service
                [Unit]
                Description=Bind9
                After=syslog.target network.target
                Before=named-custom.target

                [Service]
                Type=forking
                PrivateTmp=true
                ExecStartPre=/svr/scripts/bind-chroot.sh /svr/chroot/named on
                ExecStart=/usr/local/sbin/named -t /svr/chroot/named -n 4 -S 1024 -u named -c /etc/named.conf
                ExecReload=/bin/sh -c '/usr/local/sbin/rndc reload > /dev/null 2>&1 || /bin/kill -HUP $MAINPID'
                ExecStop=/bin/sh -c '/usr/local/sbin/rndc stop > /dev/null 2>&1 || /bin/kill -TERM $MAINPID'
                ExecStopPost=/svr/scripts/bind-chroot.sh /svr/chroot/named off
                Restart=always
                RestartSec=1
                TimeoutSec=25

                [Install]
                WantedBy=multi-user.target

        systemctl start named-custom.service

Bind's fully functional, but I do NOT see the bound mount:

        ls -al /var/log/named /svr/chroot/named/var/log
                /svr/chroot/named/var/log:
                        total 16K
                        drwxr-xr-x 2 named named 4.0K Mar 30 10:27 ./
                        drwxr-xr-x 4 root  root  4.0K Mar 30 10:27 ../
                        -rw-r--r-- 1 named named 2.3K Mar 30 10:27 bind-debug.log
                        -rw-r--r-- 1 named named 4.0K Mar 30 10:27 bind-main.log
                        -rw-r--r-- 1 named named    0 Mar 30 10:27 bind-query.log

                /var/log/named:
                        total 16K
                        drwxr-xr-x  2 named named 4.0K Mar 30 10:26 ./
                        drwxr-xr-x 20 root  root   12K Mar 29 07:51 ../

        mountpoint -d /svr/chroot/named/var/log
                253:0
        mountpoint -d /var/log/named
                253:2

Why doesn't the mount exist when 'automated' via systemd launch, as it does
if I manually exec? What have I screwed up or missed?

I'm running:

        systemctl --version
                systemd 195
                suse
                +PAM +LIBWRAP +AUDIT +SELINUX +IMA +SYSVINIT
                +LIBCRYPTSETUP +GCRYPT +ACL +XZ


-Izzy
_______________________________________________
systemd-devel mailing list
[email protected]
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
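The post shows the symptom (the chroot log directory reports 253:0 from the host while the manual run reported 253:2) but no way to inspect what the service itself sees. The script below is an added example, not code from the post or from systemd. It compares a process's mount namespace with PID 1's and reads the mount table each process actually has, via /proc/PID/mountinfo, instead of asking the shell's own view. That distinction matters here because PrivateTmp=true implies a private mount namespace for the unit's commands (systemd.exec(5)), so a bind mount performed inside that namespace is never visible from the host. Function names, the `report` helper, and the mountinfo text (constructed to reproduce the post's device numbers) are the example's own assumptions; the path in `report` is the post's chroot log directory.

```shell
#!/bin/sh
# Mount-namespace visibility check (added example; not from the original post).
# Assumes a Linux host with /proc mounted. The mountinfo text near the end is
# constructed to mirror the post's device numbers (253:0 root fs, 253:2 /var).

# Identity of a process's mount namespace, e.g. "mnt:[4026531840]".
# Processes with different identities see different mount tables.
mount_ns_of() {
    readlink "/proc/$1/ns/mnt"
}

# Succeeds when PID $1 and PID $2 share one mount namespace.
same_mount_ns() {
    [ "$(mount_ns_of "$1")" = "$(mount_ns_of "$2")" ]
}

# Read mountinfo on stdin and print the major:minor of the filesystem holding
# path $1, i.e. the longest mount point that is a prefix of the path, which is
# what the post's `mountpoint -d` reports. mountinfo field 3 is major:minor,
# field 5 is the mount point; a later line wins at the same mount point.
dev_holding() {
    awk -v p="$1" '
        BEGIN { best = -1 }
        {
            mp = $5; n = length(mp)
            if (mp == "/" || p == mp || substr(p, 1, n + 1) == (mp "/")) {
                if (n >= best) { best = n; dev = $3 }
            }
        }
        END { print dev }'
}

# Read mountinfo on stdin; succeed only if path $1 is itself a mount point.
is_mountpoint_in() {
    awk -v p="$1" '$5 == p { found = 1 } END { exit (found ? 0 : 1) }'
}

# Live variant: path $2 as seen by process $1, using that process's mount table.
dev_as_seen_by() {
    dev_holding "$2" < "/proc/$1/mountinfo"
}

# Hypothetical helper: compare the host view with a service's main process.
# Get the PID with: systemctl show -p MainPID named-custom.service
# Needs root, since it reads /proc/1/ns/mnt and /proc/PID/mountinfo.
report() {
    pid=$1; path=$2
    if same_mount_ns 1 "$pid"; then
        echo "PID $pid shares the host mount namespace"
    else
        echo "PID $pid runs in a private mount namespace (PrivateTmp or similar)"
    fi
    echo "host view of $path:    $(dev_as_seen_by 1 "$path")"
    echo "PID $pid view of $path: $(dev_as_seen_by "$pid" "$path")"
}

# Constructed mount tables. HOST has no bind mount at the chroot log dir;
# SERVICE is a private namespace in which the bind-chroot.sh mount happened.
HOST_MOUNTINFO='21 1 253:0 / / rw,relatime - ext4 /dev/mapper/root rw
30 21 253:2 / /var rw,relatime - ext4 /dev/mapper/var rw'
SERVICE_MOUNTINFO="$HOST_MOUNTINFO
45 21 253:2 /log/named /svr/chroot/named/var/log rw,relatime - ext4 /dev/mapper/var rw"

# Offline wrappers over the constructed tables.
host_dev()    { printf '%s\n' "$HOST_MOUNTINFO"    | dev_holding "$1"; }
service_dev() { printf '%s\n' "$SERVICE_MOUNTINFO" | dev_holding "$1"; }
```

On the constructed tables, `host_dev /svr/chroot/named/var/log` prints 253:0 and `service_dev` prints 253:2 for the same path, which is exactly the split between the post's systemd run and its manual run. On a live system, `report "$(systemctl show -p MainPID named-custom.service | cut -d= -f2)" /svr/chroot/named/var/log` tells you whether the service is in its own mount namespace and what each side sees, which is the check to run before deciding where a mount for a sandboxed unit has to be made.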