-
-
Notifications
You must be signed in to change notification settings - Fork 349
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
systemd service fails on Ubuntu 18.04 #138
Comments
Hi @7adietri could you try this build line? https://gitlab.com/rpz-zones/toolbox/issues/18 It is working for me on Ubuntu18/19 from at least version 1.9.4 to 1.9.6 |
Hi @spirillen, are you referring to this command line? Since I don't want to install into I wonder why this line makes |
Hi @7adietri Yes that's the line If I recall it right, then I chosen to install into the /usr because of the AppAmor PS I'm not a unbound guru, just doing my best to help you up and running 😄 |
Could you paste whole |
This is the complete
The service fails to start unless I remove the line starting with The only relevant setting from the config file is probably I don't want to install manually built software into the same locations as packaged software, so the |
The You may also clean leftovers from |
it would be also nice to rule out apparmor issues: |
The PID file is created in There's no occurrence of |
I understand but as you said this line is causing issues for you. Maybe something gets confused when it tries bind-mount file from the same dir (which I didn't expect to happen). I'll appreciate if you could just test what happens if you change it. |
When I build with |
Hm, this is impossible to happen. I confirmed locally that |
Since
But the behaviour is still the same, the service fails because |
Did you removed stale |
Yes, |
Hi,
I don't think you get the error because sbin/unbound is missing. You get an error that something is missing while setting up the name space, which happens before spawning sbin/unbound. The missing part is the source part of the BindPaths property, which is the pid file. This file does indeed not exist when Unbound is not running. The systemd service file states that it can be ignored if it does not exist (the "-" prefix), but I don't think that is supported in the systemd version shipped with Ubuntu 18.04. I am wondering if this BindPaths line is needed at all. The pidfile is created before dropping privileges. And if I understand the systemd docs correctly it will be ignored most of the time (when the pid does not exist) anyway. |
Ok, I created #142 |
* nlnet/master: (28 commits) - Add changelog entry for PR#148. - Add changelog entry for RP#154 - autoconf after PR#154 - Fix NLnetLabs#153: Disable validation for DSA algorithms. RFC 8624 compliance. Changelog note for PR#155. - Merge PR#155 from Rober Edmonds: contrib/libunbound.pc.in: Fixes to Libs/Requires for crypto library dependencies. contrib/libunbound.pc.in: Embed the correct crypto dependencies contrib/libunbound.pc.in: Only specify -lunbound for Libs Allow use of libbsd functions with configure option --with-libbsd Changelog and contrib/README note for PR#150. - Merge PR#150 from Frzk: Systemd unit without chroot. It add contrib/unbound_nochroot.service.in, a systemd file for use with chroot: "", see comments in the file, it uses systemd protections instead. Patch configure.ac file to take the new contrib/unbound_nochroot.service unit file in consideration. Added a new unit file to run unbound with systemd and without chroot. Update unbound_munin_ - Fix auth zone support for NSEC3 records without salt. - Fix for memory leak when edns subnet config options are read when compiled without edns subnet support. - Fix crash after reload where a stats lookup could reference old key cache and neg cache structures. - Removed the dnscrypt_queries and dnscrypt_queries_chacha tests, because dnscrypt-proxy (2.0.36) does not support the test setup any more, and also the config file format does not seem to have the appropriate keys to recreate that setup. - Fix unreachable code in ssl set options code. - Fix the relationship between serve-expired and prefetch options, patch from Saksham Manchanda from Secure64. - Add changelog entry for fix NLnetLabs#138 (stop binding pidfile inside chroot dir in systemd service file). unbound.service.in: stop binding pidfile inside chroot dir - And update for more spare space. ...
unbound 1.9.6 fails to load as a systemd service on Ubuntu 18.04.3 LTS, when built from source and using the included
contrib/unbound.service
file.unbound was built and installed using the following command line:
The following error message appears in
journalctl
:I narrowed it down to this line in
unbound.service
:I'm not sure why this causes
/usr/local/sbin/unbound
to not be found, but when I comment out the line, unbound works as expected. The line itself looks pretty strange, with the duplication of/usr/local/etc/unbound
.The text was updated successfully, but these errors were encountered: