From afa56a60023c1b3cb541e3c363a87baf84affd33 Mon Sep 17 00:00:00 2001 From: Eric Luehrsen Date: Fri, 17 Mar 2017 22:45:47 -0400 Subject: [PATCH] unbound: fix hotplug iface and ntp restarts Unbound is configured to restart on hotplug/iface but this can result in numerous restarts at boot. Unbound also has a restart for NTP. This was observed to generate trouble and even with procd robustness too many crashes might occur (rare). Unbound would not be running. Give more care to /var/lib/unbound/root.key during restarts. Use procd for iface restarts. Check pidof() to wait one more second for Unbound. Signed-off-by: Eric Luehrsen --- net/unbound/Makefile | 4 +--- net/unbound/files/unbound.iface | 20 -------------------- net/unbound/files/unbound.init | 6 +++++- net/unbound/files/unbound.sh | 16 ++++++++++------ 4 files changed, 16 insertions(+), 30 deletions(-) delete mode 100755 net/unbound/files/unbound.iface diff --git a/net/unbound/Makefile b/net/unbound/Makefile index fc783ebfb..d6ded2cf4 100644 --- a/net/unbound/Makefile +++ b/net/unbound/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=unbound PKG_VERSION:=1.6.1 -PKG_RELEASE:=3 +PKG_RELEASE:=4 PKG_LICENSE:=BSD-3-Clause PKG_LICENSE_FILES:=LICENSE @@ -148,8 +148,6 @@ define Package/unbound/install $(INSTALL_DATA) ./files/unbound_srv.conf $(1)/etc/unbound/unbound_srv.conf $(INSTALL_DIR) $(1)/etc/config $(INSTALL_DATA) ./files/unbound.uci $(1)/etc/config/unbound - $(INSTALL_DIR) $(1)/etc/hotplug.d/iface - $(INSTALL_BIN) ./files/unbound.iface $(1)/etc/hotplug.d/iface/25-unbound $(INSTALL_DIR) $(1)/etc/hotplug.d/ntp $(INSTALL_BIN) ./files/unbound.ntpd $(1)/etc/hotplug.d/ntp/25-unbound $(INSTALL_DIR) $(1)/etc/init.d diff --git a/net/unbound/files/unbound.iface b/net/unbound/files/unbound.iface deleted file mode 100755 index 172bcae51..000000000 --- a/net/unbound/files/unbound.iface +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/sh -############################################################################## -# -# Copyright (C) 2016 Eric Luehrsen -# -############################################################################## -# -# "Restart" Unbound on hotplug interface up: -# - Clean rebind of unbound to new interfaces -# - Some of Unbound conf options to not reload run time -# - Unbound can grow a bit so this will shrink it back -# -############################################################################## - -if [ "$ACTION" = ifup ] && /etc/init.d/unbound enabled ; then - /etc/init.d/unbound restart -fi - -############################################################################## - diff --git a/net/unbound/files/unbound.init b/net/unbound/files/unbound.init index d3aa8389b..e4b7ec85f 100755 --- a/net/unbound/files/unbound.init +++ b/net/unbound/files/unbound.init @@ -20,6 +20,9 @@ PROG=/usr/sbin/unbound ############################################################################## start_service() { + # WAIT! Unbound often takes its time writing closure stats to syslog + pidof $PROG && sleep 1 + # complex UCI work unbound_start @@ -39,7 +42,8 @@ stop_service() { ############################################################################## service_triggers() { - procd_add_reload_trigger "dhcp" "network" "unbound" + procd_add_reload_trigger "unbound" + procd_add_raw_trigger "interface.*" 2000 /etc/init.d/unbound restart } ############################################################################## diff --git a/net/unbound/files/unbound.sh b/net/unbound/files/unbound.sh index 68d01a47b..5f733fbcb 100644 --- a/net/unbound/files/unbound.sh +++ b/net/unbound/files/unbound.sh @@ -236,6 +236,7 @@ unbound_mkdir() { local resolvsym=0 local dhcp_origin=$( uci get dhcp.@odhcpd[0].leasefile ) local dhcp_dir=$( dirname "$dhcp_origin" ) + local filestuff if [ ! -x /usr/sbin/dnsmasq -o ! -x /etc/init.d/dnsmasq ] ; then @@ -265,8 +266,15 @@ unbound_mkdir() { if [ -f $UNBOUND_KEYFILE ] ; then - # Lets not lose RFC 5011 tracking if we don't have to - cp -p $UNBOUND_KEYFILE $UNBOUND_KEYFILE.keep + filestuff=$( cat $UNBOUND_KEYFILE ) + + + case "$filestuff" in + *"state=2 [ VALID ]"*) + # Lets not lose RFC 5011 tracking if we don't have to + cp -p $UNBOUND_KEYFILE $UNBOUND_KEYFILE.keep + ;; + esac fi @@ -891,10 +899,6 @@ unbound_stop() { rm -f /tmp/resolv.conf ln -s /tmp/resolv.conf.auto /tmp/resolv.conf fi - - - # Unbound has a log dump which takes time; don't overlap a "restart" - sleep 1 } ##############################################################################