nanny (was Re: bind-9.8.1: INSIST(! dns_rdataset_isassociated(sigrdataset)) failed)

G.W. Haywood bind at
Fri Nov 18 10:44:34 UTC 2011

Hi there,

On Thu, 17 Nov 2011 Jeremy C. Reed wrote:
> On Wed, 16 Nov 2011, Phil Mayers wrote:
> >
> > It might be good if bind were able to re-start itself, rather than dying
> > outright (e.g. re-exec the process) but that is dangerous too; it's better
> > done by an unrelated supervising process.
> In the bind9 tarball's contrib directory there is a simply "nanny" ...
> I am curious if any users of the script (or similar parent) had
> any crash but didn't notice it. ...

Never in several machine decades have I had to do anything like that
for BIND.  The fact that people are even talking about it is of some
concern to me.  Twice in approximately the last month I have had one
particular server go down for no apparent reason.  This machine runs
BIND.  I keep its copy of BIND fairly well up to date.  It has been
running 24/7 for well over a decade with typically a couple of years
between reboots.  I have no evidence that BIND was the culprit, but in
view of recent events elsewhere it seems just a little suspicious.

> Also what other types of nanny scripts do you use? (I already saw other
> emails with a few suggestions.)

The only nanny I normally use is something which restarts sshd every
fifteen minutes from the crontab.  Attackers sometimes manage to crash
a daemon while trying to exploit it; some of my remote machines are
*very* remote; and a two thousand mile round trip to restart a daemon
is unappealing.  Other than that, if something is so unreliable that
it needs a nanny, I won't use it anywhere that matters.



More information about the bind-users mailing list