<div dir="ltr"><div>OK. It's been a while since I've done sys-admin and it shows.</div><div> </div><div>It appears BIND isn't starting on system reboot and whenever I restart the daemon, using the rc script, all I do is spawn another process, so I have multiple instances running in parallel, every time I run the restart script ...</div><div> </div><div>Following restart:-</div><div> </div><div>[root@sromelextdns02 init.d]# service named status<br>named is stopped</div><div> </div><div>Attempt to start:-</div><div> </div><div>[root@sromelextdns02 init.d]# service named restart<br>Shutting down named: [FAILED]<br>Starting named: [ OK ]</div><div> </div><div>[root@sromelextdns02 init.d]# service named status<br>named dead but subsys locked</div><div> </div><div>Yet, I can still perform an nslookup on the local host, using the IP of eth0 as the server ...</div><div> </div><div>Here is our script:-</div><div> </div><div>#!/bin/sh<br>#<br># named This shell script takes care of starting and stopping<br># named (BIND DNS server).<br>#<br># chkconfig: 345 55 45<br># description: named (BIND) is a Domain Name Server (DNS) \<br># that is used to resolve host names to IP addresses.<br># probe: true</div><div># Source function library.<br>. /etc/rc.d/init.d/functions</div><div># Source networking configuration.<br>. /etc/sysconfig/network</div><div># Check that networking is up.<br>[ ${NETWORKING} = "no" ] && exit 0</div><div>[ -f /usr/local/sbin/named ] || exit 0</div><div># See how we were called.<br>case "$1" in<br> start)<br> # Start daemons.<br> echo -n "Starting named: "<br> daemon /usr/local/sbin/named -u named -t /var/named -c /etc/named.conf<br> echo<br> touch /var/lock/subsys/named<br> ;;<br> stop)<br> # Stop daemons.<br> echo -n "Shutting down named: "<br> killproc named<br> rm -f /var/lock/subsys/named<br> echo<br> ;;<br> status)<br> status named<br> exit $?<br> ;;<br> restart)<br> $0 stop<br> $0 start<br> exit $?<br> ;;<br> reload)<br> /usr/local/sbin/rndc reload<br> exit $?<br> ;;<br> probe)<br> # named knows how to reload intelligently; we don't want linuxconf<br> # to offer to restart every time<br> /usr/local/sbin/rndc reload >/dev/null 2>&1 || echo start<br> exit 0<br> ;;</div><div> *)<br> echo "Usage: named {start|stop|status|restart|reload}"<br> exit 1<br>esac</div><div>exit 0</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Dec 2, 2015 at 9:54 PM, Tony Finch <span dir="ltr"><<a href="mailto:dot@dotat.at" target="_blank">dot@dotat.at</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span>chris liesfield <<a href="mailto:chris.liesfield@gmail.com">chris.liesfield@gmail.com</a>> wrote:<br>
><br>
> # See how we were called.<br>
><br>
> case "$1" in<br>
> start)<br>
> # Start daemons.<br>
> echo -n "Starting named: "<br>
> daemon /usr/local/sbin/named -u named -t /var/named -c /etc/named.conf<br>
> echo<br>
> touch /var/lock/subsys/named<br>
> ;;<br>
<br>
</span>I often find that it's helpful for rc scripts to ensure the chroot is set<br>
up correctly in the start action: set up device files, directories and<br>
permissions, create rndc.key if it is missing. It's fairly common for rc<br>
scripts which have the option of running named either chrooted or not to<br>
copy files from /etc to the chroot whenever starting or reloading the<br>
server.<br>
<br>
Some of the chroot setup can be redundant if you have a good configuration<br>
management tool - I like Ansible.<br>
<br>
After starting named I wait for it to finish loading everything (to avoid<br>
races) then fix the permissions on the nsupdate key.<br>
<br>
while ! rndc status >/dev/null 2>&1<br>
do sleep 0.1<br>
done<br>
chmod g+r $RUN/session.key<br>
<br>
Similarly when stopping:<br>
<br>
# dummy argument in case named is not running<br>
set $(rndc stop -p 2>/dev/null) "dummy"<br>
while kill -0 $2 2>/dev/null<br>
do echo -n "."<br>
sleep 0.1<br>
done<br>
<span class="HOEnZb"><font color="#888888"><br>
Tony.<br>
--<br>
f.anthony.n.finch <<a href="mailto:dot@dotat.at">dot@dotat.at</a>> <a href="http://dotat.at/" rel="noreferrer" target="_blank">http://dotat.at/</a><br>
Fisher: Southwest 5 to 7 veering northwest 4 or 5. Moderate or rough. Fair<br>
then rain. Good, becoming moderate or poor.<br>
</font></span></blockquote></div><br><br clear="all"><br>-- <br><div class="gmail_signature"><div>Chris.</div><div><br><div><span style="font-family:'Droid Sans Mono','Lucida Console','Andale Mono','Courier New',Courier,monospace;font-size:12px;line-height:12px;white-space:pre">\(")/</span></div><div><span style="font-family:'Droid Sans Mono','Lucida Console','Andale Mono','Courier New',Courier,monospace;font-size:12px;line-height:12px;white-space:pre"></span><span style="font-family:'Droid Sans Mono','Lucida Console','Andale Mono','Courier New',Courier,monospace;font-size:12px;line-height:12px;white-space:pre">-( )-</span></div><div><span style="font-family:'Droid Sans Mono','Lucida Console','Andale Mono','Courier New',Courier,monospace;font-size:12px;line-height:12px;white-space:pre"></span><span style="font-family:'Droid Sans Mono','Lucida Console','Andale Mono','Courier New',Courier,monospace;font-size:12px;line-height:12px;white-space:pre">/(_)\</span></div><div><span style="font-family:Vollkorn,'Lucida Grande','Lucida Sans',sans-serif;font-size:20px;font-style:italic"><pre style="font-style:normal;font-weight:normal;font-family:'Droid Sans Mono','Lucida Console','Andale Mono','Courier New',Courier,monospace;font-size:12px;line-height:12px">
</pre></span></div></div></div>
</div>