Bug#636935: init script fails if multiple instances are running

[Marc Haber]

Package: bind9
Version: 1:9.7.3.dfsg-1+b1
Severity: normal

Hi,

the init script fails if there are multiple instances of bind running,
for example as a corollary of the /run migration with a chrooted bind
where the pid file is mishandled:

++ awk '/^pid:/ {print $2}'
rndc: connect failed: 127.0.0.1#953: connection refused
+ pid=
+ '[' -z '' ']'
++ pgrep -f '^/usr/sbin/named'
+ pid='4077
6376
6477
32626'
+ start-stop-daemon --stop --oknodo --quiet --exec /usr/sbin/named --pidfile 
/var/run/named/named.pid -- -u bind -t /var/local/bind
+ '[' -n 4077 6376 6477 32626 ']'
/etc/init.d/bind9: line 91: [: too many arguments
+ log_end_msg 0

        pid=$(/usr/sbin/rndc stop -p | awk '/^pid:/ {print $2}') || true
        if [ -z "$pid" ]; then          # no pid found, so either not running,
            pid=$(pgrep -f ^/usr/sbin/named) || true
            start-stop-daemon --stop --oknodo --quiet --exec /usr/sbin/named \
                    --pidfile ${PIDFILE} -- $OPTIONS
        fi
        if [ -n $pid ]; then
          while kill -0 $pid 2>/dev/null; do
            log_progress_msg "waiting for pid $pid to die"
            sleep 1
          done
        fi

When more than one named is running, pgrep will return multiple pids,
which fails in the unquoted -n $pid clause and isn't easily fixed by
quoting.

Greetings
Marc

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.0.0-zgws1 (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages bind9 depends on:
ii  adduser            3.113                 add and remove users and groups
ii  bind9utils         1:9.7.3.dfsg-1+b1     Utilities for BIND
ii  debconf [debconf-2 1.5.41                Debian configuration management sy
ii  libbind9-60        1:9.7.3.dfsg-1+b1     BIND9 Shared Library used by BIND
ii  libc6              2.13-14               Embedded GNU C Library: Shared lib
ii  libcap2            1:2.22-1              support for getting/setting POSIX.
ii  libcomerr2         1.42~WIP-2011-07-02-1 common error description library
ii  libdb5.1           5.1.25-11             Berkeley v5.1 Database Libraries [
ii  libdns69           1:9.7.3.dfsg-1+b1     DNS Shared Library used by BIND
ii  libgssapi-krb5-2   1.9.1+dfsg-1+b1       MIT Kerberos runtime libraries - k
ii  libisc62           1:9.7.3.dfsg-1+b1     ISC Shared Library used by BIND
ii  libisccc60         1:9.7.3.dfsg-1+b1     Command Channel Library used by BI
ii  libisccfg62        1:9.7.3.dfsg-1+b1     Config File Handling Library used 
ii  libk5crypto3       1.9.1+dfsg-1+b1       MIT Kerberos runtime libraries - C
ii  libkrb5-3          1.9.1+dfsg-1+b1       MIT Kerberos runtime libraries
ii  libldap-2.4-2      2.4.25-1.1            OpenLDAP libraries
ii  liblwres60         1:9.7.3.dfsg-1+b1     Lightweight Resolver Library used 
ii  libssl1.0.0        1.0.0d-3              SSL shared libraries
ii  libxml2            2.7.8.dfsg-4          GNOME XML library
ii  lsb-base           3.2-27                Linux Standard Base 3.2 init scrip
ii  net-tools          1.60-24.1             The NET-3 networking toolkit
ii  netbase            4.46                  Basic TCP/IP networking system

bind9 recommends no packages.

Versions of packages bind9 suggests:
ii  bind9-doc              1:9.7.3.dfsg-1    Documentation for BIND
ii  dnsutils               1:9.7.3.dfsg-1+b1 Clients provided with BIND
ii  resolvconf             1.58              name server information handler
pn  ufw                    <none>            (no description available)

-- Configuration Files:
/etc/bind/named.conf changed:
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the 
// structure of BIND configuration files in Debian, *BEFORE* you customize 
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local
include "/var/run/bind/named.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";

/etc/bind/named.conf.local changed:
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
include "/etc/bind/zones.rfc1918";
include "/etc/bind/zones.scy";

/etc/bind/named.conf.options changed:
options {
        directory "/var/cache/bind";
        // If there is a firewall between you and nameservers you want
        // to talk to, you may need to fix the firewall to allow multiple
        // ports to talk.  See http://www.kb.cert.org/vuls/id/800113
        // If your ISP provided one or more IP addresses for stable 
        // nameservers, you probably want to use them as forwarders.  
        // Uncomment the following block, and insert the addresses replacing 
        // the all-0's placeholder.
        // forwarders {
        //      0.0.0.0;
        // };
        
        forward only;
        
        listen-on {
                ::1;
                127.0.0.1;
                192.168.18.254;
                192.168.118.254;
        };
        
        allow-query {
                ::1;
                127.0.0.1;
                192.168.18.0/24;
                192.168.118.0/24;
        };
        
        allow-recursion {
                ::1;
                127.0.0.1;
                192.168.18.0/24;
                192.168.118.0/24;
        };
        auth-nxdomain no;    # conform to RFC1035
        listen-on-v6 { any; };
};


-- debconf information:
  bind9/different-configuration-file:
  bind9/run-resolvconf: true
  bind9/start-as-user: bind



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org