Hi, I am running unbound 1.5.8 on ubuntu xenial. unbound doesn't run remove the pid file after it's stopped. I was expecting the pid file should be owned by unbound user as otherwise unbound probably wouldn't be able to remove it; however, I didn't see any permission errors from unbound logs. I even tried to changed the permission of the pid file after it's created before stopping unbound that didn't help.
root@DFW01-CPS02:~# service unbound start * Starting DNS server unbound [1520387664] unbound[60481:0] debug: increased limit(open files) from 1024 to 4140 [1520387664] unbound[60481:0] debug: creating udp4 socket 127.0.0.1 53 [1520387664] unbound[60481:0] debug: creating tcp4 socket 127.0.0.1 53 [1520387664] unbound[60481:0] debug: creating tcp6 socket ::1 8953 [1520387664] unbound[60481:0] debug: creating tcp4 socket 127.0.0.1 8953 [1520387664] unbound[60481:0] debug: switching log to syslog ...done. root@DFW01-CPS02:~# ls -l /run/unbound.pid -rw-r--r-- 1 root root 6 Mar 7 01:54 /run/unbound.pid root@DFW01-CPS02:~# cat /run/unbound.pid 60482 root@DFW01-CPS02:~# ps -ef |grep unbound root 60455 58318 0 01:54 pts/4 00:00:00 grep --color=auto -i unbound unbound 60482 1 0 01:54 ? 00:00:00 /usr/sbin/unbound root 60599 57970 0 01:55 pts/3 00:00:00 grep --color=auto unbound root@DFW01-CPS02:~# root@DFW01-CPS02:~# service unbound stop * Stopping DNS server unbound ...done. root@DFW01-CPS02:~# cat /run/unbound.pid 60482 root@DFW01-CPS02:~# ps -ef |grep unbound root 60455 58318 0 01:54 pts/4 00:00:00 grep --color=auto -i unbound root 60627 57970 0 01:55 pts/3 00:00:00 grep --color=auto unbound root@DFW01-CPS02:~#root@DFW01-CPS02:~# dpkg -l unbound Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) ||/ Name Version Architecture Description +++-===========================-==================-==================-============================================================ ii unbound 1.5.8-1ubuntu1 amd64 validating, recursive, caching DNS resolver Here are the log messages from unbound:root@DFW01-CPS02:~# tail -n 0 -f /var/log/messages | grep -i unbound Mar 7 01:54:24 DFW01-CPS02 unbound-anchor: /var/lib/unbound/root.key has content Mar 7 01:54:24 DFW01-CPS02 unbound-anchor: success: the anchor is ok Mar 7 01:54:24 DFW01-CPS02 unbound: [60481:0] debug: setup SSL certificates Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] debug: chdir to /var/lib/unbound Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] debug: chroot to /var/lib/unbound Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] debug: chdir to /etc/unbound Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] debug: drop user privileges, run as unbound Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] debug: module config: "validator iterator" Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] notice: init module 0: validator Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] debug: reading autotrust anchor file /root.key Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] info: trust point . : 1 Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] info: assembled 0 DS and 2 DNSKEYs Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] info: DNSKEY:: .#011172800#011IN#011DNSKEY#011257 3 8 AwEAAagAIKlVZrpC6Ia7gEzahOR+9W29euxhJhVVLOyQbSEW0O8gcCjFFVQUTf6v58fLjwBd0YI0EzrAcQqBGCzh/RStIoO8g0NfnfL2MTJRkxoXbfDaUeVPQuYEhg37NZWAJQ9VnMVDxP/VHL496M/QZxkjf5/Efucp2gaDX6RS6CXpoY68LsvPVjR0ZSwzz1apAzvN9dlzEheX7ICJBBtuA6G3LQpzW5hOA2hzCTMjJPJ8LbqF6dsV6DoBQzgul0sGIcGOYl7OyQdXfZ57relSQageu+ipAdTTJ25AsRTAoub8ONGcLmqrAmRLKBP1dfwhYB4N7knNnulqQxA+Uk1ihz0= ;{id = 19036 (ksk), size = 2048b} Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] info: DNSKEY:: .#011172800#011IN#011DNSKEY#011257 3 8 AwEAAaz/tAm8yTn4Mfeh5eyI96WSVexTBAvkMgJzkKTOiW1vkIbzxeF3+/4RgWOq7HrxRixHlFlExOLAJr5emLvN7SWXgnLh4+B5xQlNVz8Og8kvArMtNROxVQuCaSnIDdD5LKyWbRd2n9WGe2R8PzgCmr3EgVLrjyBxWezF0jLHwVN8efS3rCj/EWgvIWgb9tarpVUDK/b58Da+sqqls3eNbuv7pr+eoZG+SrDK6nWeL3c6H5Apxz7LjVc1uTIdsIXxuOLYA4/ilBmSVIzuDWfdRUfhHdY6+cn8HFRm+2hM8AnXGXws9555KrUB5qihylGa8subX2Nn6UwNR1AkUTV74bU= ;{id = 20326 (ksk), size = 2048b} Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] info: file /root.key Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] info: last_queried: 1520387664 Wed Mar 7 01:54:24 2018 Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] info: last_success: 1520387664 Wed Mar 7 01:54:24 2018 Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] info: next_probe_time: 1520427614 Wed Mar 7 13:00:14 2018 Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] info: query_interval: 43200 Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] info: retry_time: 8640 Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] info: query_failed: 0 Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] info: [ VALID ] .#011172800#011IN#011DNSKEY#011257 3 8 AwEAAagAIKlVZrpC6Ia7gEzahOR+9W29euxhJhVVLOyQbSEW0O8gcCjFFVQUTf6v58fLjwBd0YI0EzrAcQqBGCzh/RStIoO8g0NfnfL2MTJRkxoXbfDaUeVPQuYEhg37NZWAJQ9VnMVDxP/VHL496M/QZxkjf5/Efucp2gaDX6RS6CXpoY68LsvPVjR0ZSwzz1apAzvN9dlzEheX7ICJBBtuA6G3LQpzW5hOA2hzCTMjJPJ8LbqF6dsV6DoBQzgul0sGIcGOYl7OyQdXfZ57relSQageu+ipAdTTJ25AsRTAoub8ONGcLmqrAmRLKBP1dfwhYB4N7knNnulqQxA+Uk1ihz0= ;{id = 19036 (ksk), size = 2048b} ;;state:2 ;;pending_count:0 last:Mon Jun 30 08:53:51 2014 Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] info: [ VALID ] .#011172800#011IN#011DNSKEY#011257 3 8 AwEAAaz/tAm8yTn4Mfeh5eyI96WSVexTBAvkMgJzkKTOiW1vkIbzxeF3+/4RgWOq7HrxRixHlFlExOLAJr5emLvN7SWXgnLh4+B5xQlNVz8Og8kvArMtNROxVQuCaSnIDdD5LKyWbRd2n9WGe2R8PzgCmr3EgVLrjyBxWezF0jLHwVN8efS3rCj/EWgvIWgb9tarpVUDK/b58Da+sqqls3eNbuv7pr+eoZG+SrDK6nWeL3c6H5Apxz7LjVc1uTIdsIXxuOLYA4/ilBmSVIzuDWfdRUfhHdY6+cn8HFRm+2hM8AnXGXws9555KrUB5qihylGa8subX2Nn6UwNR1AkUTV74bU= ;{id = 20326 (ksk), size = 2048b} ;;state:2 ;;pending_count:0 last:Tue Mar 6 18:45:49 2018 Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] debug: validator nsec3cfg keysz 1024 mxiter 150 Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] debug: validator nsec3cfg keysz 2048 mxiter 500 Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] debug: validator nsec3cfg keysz 4096 mxiter 2500 Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] notice: init module 1: iterator Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] debug: target fetch policy for level 0 is 3 Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] debug: target fetch policy for level 1 is 2 Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] debug: target fetch policy for level 2 is 1 Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] debug: target fetch policy for level 3 is 0 Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] debug: target fetch policy for level 4 is 0 Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] debug: total of 59509 outgoing ports available Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] debug: start threads Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] debug: libevent 2.0.21-stable uses epoll method. Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] debug: no config, using builtin root hints. Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] debug: cache memory msg=66072 rrset=66072 infra=2632 val=66344 Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] info: start of service (unbound 1.5.8). Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] debug: autotrust probe timer callback Mar 7 01:54:24 DFW01-CPS02 unbound: [60482:0] debug: autotrust probe timer 0 callbacks done Mar 7 01:55:36 DFW01-CPS02 unbound: [60482:0] info: service stopped (unbound 1.5.8). Mar 7 01:55:36 DFW01-CPS02 unbound: [60482:0] debug: stop threads Mar 7 01:55:36 DFW01-CPS02 unbound: [60482:0] debug: cleanup. Mar 7 01:55:36 DFW01-CPS02 unbound: [60482:0] info: server stats for thread 0: 0 queries, 0 answers from cache, 0 recursions, 0 prefetch Mar 7 01:55:36 DFW01-CPS02 unbound: [60482:0] info: server stats for thread 0: requestlist max 0 avg 0 exceeded 0 jostled 0 Mar 7 01:55:36 DFW01-CPS02 unbound: [60482:0] info: mesh has 0 recursion states (0 with reply, 0 detached), 0 waiting replies, 0 recursion replies sent, 0 replies dropped, 0 states jostled out Mar 7 01:55:36 DFW01-CPS02 unbound: [60482:0] debug: cache memory msg=66072 rrset=66072 infra=2632 val=66344 Mar 7 01:55:36 DFW01-CPS02 unbound: [60482:0] debug: Exit cleanup. Mar 7 01:55:36 DFW01-CPS02 unbound: [60482:0] debug: switching log to stderr ^C root@DFW01-CPS02:~#