Bug#900790: nginx: systemd nginx.service is missing After=nss-lookup.target
Package: nginx Version: 1.13.12-1 Severity: normal Tags: patch Dear Maintainer, Nginx tries to resolve domain at startup, and if this happen before nss-lookup.target is started then, nginx startup might fail. Adding nss-lookup.target to the After directive solves the problem: After=network.target nss-lookup.target Moreover, you can find a systemd unit service file example here: https://www.nginx.com/resources/wiki/start/topics/examples/systemd/ -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 4.16.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages nginx depends on: ii nginx-full 1.13.12-1 nginx recommends no packages. nginx suggests no packages. -- no debconf information
Bug#900788: bind9: systemd unit service file does not wait for bind9 to be ready
Package: bind9 Version: 1:9.11.3+dfsg-1 Severity: normal Tags: patch Dear Maintainer, The current systemd service file /lib/systemd/system/bind9.service does not wait for bind9 to have actually started up before starting others unit that depends on bind9. I noticed this behaviour after upgrading my system from stable to testing. The new version of nginx has some new checks on startup which try to resolve some domain (reverse proxy domain target for example). I added the dependency to nss-lookup.target in the nginx service file and it failed anyway because my bind9 was never ready when systemd starts nginx as it takes 8sec to start (there are hundreads of zones to load). You can fix the service file by changing the service type to "forking" and remove the "-f" option. I will try to upload my patch but it is my first debian bug report to it might take me some time to understand how everything works. -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 4.16.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages bind9 depends on: ii adduser3.117 ii bind9utils 1:9.11.3+dfsg-1 ii debconf [debconf-2.0] 1.5.66 ii libbind9-160 1:9.11.3+dfsg-1 ii libc6 2.27-3 ii libcap21:2.25-1.2 ii libcom-err21.44.2-1 ii libdns1100 1:9.11.3+dfsg-1 ii libgeoip1 1.6.12-1 ii libgssapi-krb5-2 1.16-2 ii libisc169 1:9.11.3+dfsg-1 ii libisccc1601:9.11.3+dfsg-1 ii libisccfg160 1:9.11.3+dfsg-1 ii libjson-c3 0.12.1-1.3 ii libk5crypto3 1.16-2 ii libkrb5-3 1.16-2 ii liblmdb0 0.9.21-1 ii liblwres1601:9.11.3+dfsg-1 ii libssl1.1 1.1.0h-4 ii libxml22.9.4+dfsg1-7 ii lsb-base 9.20170808 ii net-tools 1.60+git20161116.90da8a0-2 ii netbase5.4 bind9 recommends no packages. Versions of packages bind9 suggests: pn bind9-doc ii dnsutils1:9.11.3+dfsg-1 pn resolvconf pn ufw -- Configuration Files: /etc/bind/named.conf changed [not included] /etc/bind/named.conf.local changed [not included] /etc/bind/named.conf.options changed [not included] -- debconf information excluded