Hi, I can reproduce your problem when I setup chroot.
Tho, I think this is the expected behaviour unless you setup the systemd notify socket inside the chroot. See the following guide for how to do it https://kb.leuxner.net/article/bind-sd_notify-chroot/ (haven't tried it myself), or resort to what already works for you, i.e., Type=forking and the removal of the "-f" option from the unit file.
> What is the impact of not using the " Type=notify" and »"-f" on my system?
There's no impact. It works. Michal On 24/03/2025 16:44, Langlois Joël wrote:
Hello, Thanks for your reply, this help me to point in the good direction! The problem is in the startup file for the service /usr/lib/systemd/system/isc-bind-named.service (this file is modify by the 9.20.7 update). When i try to use the option "Type=notify" or the option "-f" (ExecStart=/opt/isc/isc-bind/root/usr/sbin/named -u named -f) the service "isc-bind-named" does not want to start and i have the same error like in my fisrt email (netmgr 0x7f741ea7b1e0: Shutting down network manager etc....). When i put back the old option (Type=forking) and no "-f" in the ExcStart line, everything work like a charm! I am using "selinux" (i tried to desactivate it with no success for bind) and i have a chroot (/var/named/chroot) environement on my system since many years and i never had that kind of trouble before. What is the impact of not using the " Type=notify" and »"-f" on my system? Config file that is running well: ========================= [root@sdns_server]# cat /usr/lib/systemd/system/isc-bind-named.service [Unit] After=network.target Wants=nss-lookup.target Before=nss-lookup.target [Service] Type=notify EnvironmentFile=-/etc/opt/isc/scls/isc-bind/sysconfig/named PIDFile=/var/named/chroot/run/named/named.pid ExecStart=/opt/isc/isc-bind/root/usr/sbin/named -u named $OPTIONS ExecReload=/bin/kill -HUP $MAINPID ExecStop=/bin/kill -TERM $MAINPID PrivateTmp=true [Install] WantedBy=multi-user.target [root@dns_server]# cat /etc/opt/isc/scls/isc-bind/sysconfig/named # Command line options passed to named OPTIONS="-4 -t /var/named/chroot" Thanks a lot for your help! -- Joel Langlois -----Message d'origine----- De : bind-users <[email protected]> De la part de Michal Nowak Envoyé : 24 mars 2025 09:06 À : [email protected] Objet : Re: isc-bind service shutdown after update at 9.20.7-1.2.el8 ATTENTION : Ce courriel provient d'une source externe. Assurez-vous que cette dernière est sûre avant d'ouvrir une pièce jointe ou de cliquer sur un lien. Dans le doute, signalez le message. For BIND 9.20.7 and 9.21.6 we changed the service type from "forking" to "notify", also ExecStart now has the "-f" option: -[Service] -Type=forking -ExecStart=/opt/isc/isc-bind/root/usr/sbin/named -u named +[Service] +Type=notify +ExecStart=/opt/isc/isc-bind/root/usr/sbin/named -u named -f Could you please give us the output of "systemctl status isc-bind-named.service" a few seconds after the service started? I'd be surprised to find it in the "Active: active (running)" state. I failed to reproduce your problem on a clean Rocky Linux 8.10. Michal On 21/03/2025 20:43, Langlois Joël via bind-users wrote:Hi everyone, After updating my isc-bind packages from 9.20.6-1.2 to 9.20.7-1.2, i try to start the service but it always « shutdown » by himself. My server is a Rocky Linux 8.10 and with the old version (9.20.6) everything is working fine since many mounths. Here is a the part of the output log (with debug enable) where i saw the service going down (see netmgr ans shutting down below)! Any idea someone? Thanks in advance . . . fetch: ultradns.info/NS fetch: ultradns.co.uk/NS fetch: ultradns.co.uk/NS fetch: rds.ca/A fetch: rds.ca/A zone_maintenance: managed-keys-zone: enter zone_dump: managed-keys-zone: enter zone__settimer: managed-keys-zone: enter dump_done: managed-keys-zone: enter zone_journal_compact: managed-keys-zone: target journal size 0 journal file managed-keys.bind.jnw does not exist, creating it fetch: rds.ca/A fetch: rds.ca/A fetch: rds.ca/A fetch: rds.ca/A netmgr 0x7fa151a7b1e0: Shutting down network manager netmgr 0x7fa151a7b1e0: Shutting down network manager worker on loop 0x7fa151a39000(0) no longer listening on 127.0.0.1#53 no longer listening on X.X.X.60#53 stopping command channel on 127.0.0.1#953 loop exclusive mode: starting loop exclusive mode: started shutting down managed-keys-zone: final reference detached . . ================================ # systemctl status isc-bind-named.service ● isc-bind-named.service Loaded: loaded (/usr/lib/systemd/system/isc-bind-named.service; enabled; vendor preset: disabled) Active: failed (Result: timeout) since Fri 2025-03-21 14:47:08 EDT; 51min ago Process: 1531 ExecStart=/opt/isc/isc-bind/root/usr/sbin/named -u named -f $OPTIONS (code=exited, status=0/SUCCESS) Main PID: 1531 (code=exited, status=0/SUCCESS) Mar 21 14:45:37 dns_server named[1531]: checkhints: b.root-servers.net/ AAAA (2801:1b8:10::b) missing from hints Mar 21 14:45:37 dns_server named[1531]: checkhints: b.root- servers.net/AAAA (2001:500:200::b) extra record in hints Mar 21 14:47:07 dns_server systemd[1]: isc-bind-named.service: start operation timed out. Terminating. Mar 21 14:47:07 dns_server named[1531]: no longer listening on 127.0.0.1#53 Mar 21 14:47:07 dns_server named[1531]: no longer listening on X.X.X.60#53 Mar 21 14:47:07 dns_server named[1531]: stopping command channel on 127.0.0.1#953 Mar 21 14:47:07 dns_server named[1531]: shutting down Mar 21 14:47:08 dns_server named[1531]: exiting Mar 21 14:47:08 dns_server systemd[1]: isc-bind-named.service: Failed with result 'timeout'. Mar 21 14:47:08 dns_server systemd[1]: Failed to start isc-bind- named.service. # ------ Joe-- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/bind-users
-- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/bind-users
