On 10/24/2016 09:58 AM, Roel de Wildt via arch-general wrote:
I have found that the issue that I previously reported with systemctl
hanging when starting pdns-recursor is due to my pdns_recursor configuration having a chroot in it and it looks like I have to modify the setup for chroot to work under system (though I didn't have any problems with the previous version of pdns_recursor).
Nataraj
Does it work if you comment out the chroot option in the configuration of pdns_recursor? Just to rule out other possible configuration issues.
Yes, it does run correctly if I remove chroot from the config file.
It looks like that systemd is not detecting your pdns_recursor process. I don't know yet how to fix this but in the 'journalctl -r' will properly shows a hint where to look further.
There are no entries in the log other than the normal output from the recursor which does actually work only that systemd thinks it's still starting. There are these changes in the systemd pdns-recursor.service between 3.7.3-3 and 4.0.3-1: 3.7.3-3 [Unit] Description=PowerDNS resolving DNS server After=network.target [Service] Type=forking ExecStart=/usr/bin/pdns_recursor --daemon [Install] WantedBy=multi-user.target ------------------------------------------ 4.0.3-1 [Unit] Description=PowerDNS Recursor Documentation=man:pdns_recursor(1) man:rec_control(1) Documentation=https://doc.powerdns.com Wants=network-online.target nss-lookup.target Before=nss-lookup.target After=network-online.target [Service] Type=notify ExecStart=/usr/bin/pdns_recursor --daemon=no --write-pid=no --disable-syslog Restart=on-failure StartLimitInterval=0 PrivateTmp=true PrivateDevices=true CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_SETGID CAP_SETUID CAP_CHOWN CA\ P_SYS_CHROOT NoNewPrivileges=true ProtectSystem=full ProtectHome=true RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 LimitNOFILE=4200 [Install] WantedBy=multi-user.target So it looks like the 4.0.3-1 version is interfacing to systemd in a way that the 3.7.3 version was not. I have not yet spent the time to understand the systemd interface and how daemons running under systemd interface too it. I know that pdns-recursor creates a socket for use by the rec_control program, but it does not appear that systemd uses that socket because I tried moving that socket to a different place using the config file directive and it still worked normal (without the chroot) when I did that. Various articles such as these imply that you have to setup chroots differently under systemd: http://superuser.com/questions/688733/start-a-systemd-service-inside-chroot#... https://wiki.archlinux.org/index.php/Arch_systemd_container but I'm open to other suggestions on how to do this. How does systemd determine if a daemon process is running or fully started? Thank You, Nataraj