[Bug 277540] dns/knot-resolver: fixing rc scripts krescachegc and kresd

From: <bugzilla-noreply_at_freebsd.org>
Date: Thu, 04 Jul 2024 13:31:26 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=277540

--- Comment #2 from Michael Grimm <trashcan@ellael.org> ---
(In reply to Leo Vandewoestijne from comment #1)

Disclaimer: I stopped using knot-resolver, mainly due to the reason mentioned
in Bug 277332 (knot3 and knot-resolver cannot run in parallel within a service
jail). I am back to knot3 and unbound as resolver.

But I did apply your patch and installed knot-resolver in a test jail without
/var/run/kresd directory with an /etc/rc.conf as follows:

kresd_enable="YES"
kresd_user="kresd"
kresd_group="kresd"
krescachegc_enable="YES"
krescachegc_millis="600000"

After the installation of a patched dns/knot-resolver package I end up with:

MW-test|root> ls -alR /var/run/kresd/
total 9
drwx------  2 kresd kresd  2 Jul  4 14:37 .
drwxr-xr-x  3 root  wheel 14 Jul  4 15:17 ..

Now I do a service kresd start:

MW-test|root> ls -alR /var/run/kresd
total 27
drwx------  3 kresd kresd        6 Jul  4 15:18 .
drwxr-xr-x  4 root  wheel       15 Jul  4 15:18 ..
drwxr-x---  2 root  kresd        3 Jul  4 15:18 control
-rw-r-----  1 root  kresd 10485760 Jul  4 15:18 data.mdb
-rw-------  1 root  kresd        5 Jul  4 15:18 kresd.pid
-rw-r-----  1 root  kresd     8192 Jul  4 15:18 lock.mdb

/var/run/kresd/control:
total 10
drwxr-x---  2 root  kresd 3 Jul  4 15:18 .
drwx------  3 kresd kresd 6 Jul  4 15:18 ..
srwxr-xr-x  1 root  kresd 0 Jul  4 15:18 kresd.sock

NOTE: user is root!

Now, I do a service krescachegc start and end up with ever repeating:

Jul  4 15:19:53 <daemon.notice> test.mer-waases.lan krescachegc[68938]: Knot Resolver Cache Garbage Collector, version 5.7.2
Jul  4 15:19:53 <daemon.notice> test.mer-waases.lan krescachegc[68938]: [cache ] LMDB error: Permission denied
Jul  4 15:19:53 <daemon.notice> test.mer-waases.lan krescachegc[68938]: Error opening Resolver cache (Permission denied).
Jul  4 15:19:53 <daemon.notice> test.mer-waases.lan krescachegc[68938]: Error (invalid parameter)

Processes running are:

MW-test|root> ps Af
  PID TT  STAT    TIME COMMAND
68871  -  IsJ  0:00.00 daemon: /usr/local/sbin/kresd[68872] (daemon)
68872  -  SJ   0:00.11 /usr/local/sbin/kresd -c /usr/local/etc/knot-resolver/kresd.conf -n -q /var/run/kresd
68938  -  SsJ  0:00.01 daemon: /usr/local/sbin/kres-cache-gc[69118] (daemon)

Only after chown kresd /var/run/kresd/*.mdb kres-cache-gc starts:

MW-test|root> ps Af
  PID TT  STAT    TIME COMMAND
68871  -  IsJ  0:00.00 daemon: /usr/local/sbin/kresd[68872] (daemon)
68872  -  SJ   0:00.11 /usr/local/sbin/kresd -c /usr/local/etc/knot-resolver/kresd.conf -n -q /var/run/kresd
69579  -  IsJ  0:00.01 daemon: /usr/local/sbin/kres-cache-gc[69613] (daemon)
69613  -  IJ   0:00.00 /usr/local/sbin/kres-cache-gc -c /var/run/kresd -d 600000

> However, -AFAIK- in krescachegc's rc script there is no need to have explicit 
> start/stop/status routine.
> Although it could be added if there is a good reason for it.

kill -9 69613

69579  -  SsJ  0:00.01 daemon: /usr/local/sbin/kres-cache-gc[69850] (daemon)
69850  -  SJ   0:00.01 /usr/local/sbin/kres-cache-gc -c /var/run/kresd -d 600000

See, 69579 immediately restarts 69850

Only a kill -9 69579 69850 will stop kres-cache-gc

Thus, I do opt for explicit start/stop/status routines

HTH and thanks for coming back on this issue,
Michael
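
The ownership mismatch behind the "Permission denied" loop reported above can be read straight off an `ls -l` listing. The shell function below is an added example, not part of the original comment or of the port's rc scripts; the name `mdb_not_writable` is hypothetical, and it assumes the service user belongs to the service group, that kres-cache-gc needs write access to both LMDB files (consistent with the chown fix in the comment), and that no ACLs apply.

```sh
#!/bin/sh
# Added example (hypothetical helper, not from the port).
# Reads `ls -l` lines on stdin and prints every *.mdb file that the
# given service account cannot write, using plain owner/group/other bits.
# Live usage: ls -l /var/run/kresd | mdb_not_writable kresd kresd
mdb_not_writable() {
    awk -v user="$1" -v group="$2" '
        # Regular files only, restricted to the LMDB data and lock files.
        $1 ~ /^-/ && $NF ~ /\.mdb$/ {
            mode = $1; owner = $3; grp = $4
            if (owner == user)     bit = substr(mode, 3, 1)  # owner write bit
            else if (grp == group) bit = substr(mode, 6, 1)  # group write bit
            else                   bit = substr(mode, 9, 1)  # other write bit
            if (bit != "w")
                printf "%s owner=%s group=%s mode=%s\n", $NF, owner, grp, mode
        }'
}

# Listing copied from the comment above (state after `service kresd start`).
listing_before='total 27
drwx------  3 kresd kresd        6 Jul  4 15:18 .
drwxr-xr-x  4 root  wheel       15 Jul  4 15:18 ..
drwxr-x---  2 root  kresd        3 Jul  4 15:18 control
-rw-r-----  1 root  kresd 10485760 Jul  4 15:18 data.mdb
-rw-------  1 root  kresd        5 Jul  4 15:18 kresd.pid
-rw-r-----  1 root  kresd     8192 Jul  4 15:18 lock.mdb'

# Constructed sample: the same files after `chown kresd /var/run/kresd/*.mdb`.
listing_after='total 27
-rw-r-----  1 kresd kresd 10485760 Jul  4 15:18 data.mdb
-rw-------  1 root  kresd        5 Jul  4 15:18 kresd.pid
-rw-r-----  1 kresd kresd     8192 Jul  4 15:18 lock.mdb'

echo "before chown:"
printf '%s\n' "$listing_before" | mdb_not_writable kresd kresd
echo "after chown:"
printf '%s\n' "$listing_after" | mdb_not_writable kresd kresd
```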
