Ubuntu
avahi package

unable to stop avahi-daemon (dbus always restarts it)

Bug #1616196 reported by Simon Déziel
14
This bug affects 3 people
Affects Status Importance Assigned to Milestone
avahi (Ubuntu)
Confirmed
Undecided
Unassigned

Bug Description

When avahi-daemon is stopped, dbus always revives it.

Steps to reproduce:

1. sudo systemctl stop avahi-daemon.socket
2. sudo systemctl stop avahi-daemon.service
3. ps aux| grep avahi # should return nothing

Currently, dbus revives it right away as shown in syslog:

Aug 23 15:17:22 simon-vm avahi-daemon[4036]: Got SIGTERM, quitting.
Aug 23 15:17:22 simon-vm avahi-daemon[4036]: Leaving mDNS multicast group on interface ens3.IPv6 with address 2001:470:b1c3:7946::a4.
Aug 23 15:17:22 simon-vm avahi-daemon[4036]: Leaving mDNS multicast group on interface ens3.IPv4 with address 172.24.26.52.
Aug 23 15:17:22 simon-vm avahi-daemon[4036]: avahi-daemon 0.6.32-rc exiting.
Aug 23 15:17:22 simon-vm dbus[1647]: [system] Activating via systemd: service name='org.freedesktop.Avahi' unit='dbus-org.freedesktop.Avahi.service'
Aug 23 15:17:22 simon-vm systemd[1]: Stopping Avahi mDNS/DNS-SD Stack...
Aug 23 15:17:22 simon-vm systemd[1]: Stopped Avahi mDNS/DNS-SD Stack.
Aug 23 15:17:22 simon-vm systemd[1]: Listening on Avahi mDNS/DNS-SD Stack Activation Socket.
Aug 23 15:17:22 simon-vm systemd[1]: Starting Avahi mDNS/DNS-SD Stack...

This automatic revival defeats the purpose of the up script [*] to deactivate avahi when .local is a regular DNS zone (not mDNS). This also goes against the principle of least surprise.

*: /etc/network/if-{down,up}.d/avahi-daemon

Additional information:

# lsb_release -rd
Description: Ubuntu 16.04.1 LTS
Release: 16.04

# apt-cache policy avahi-daemon dbus systemd
avahi-daemon:
  Installed: 0.6.32~rc+dfsg-1ubuntu2
  Candidate: 0.6.32~rc+dfsg-1ubuntu2
  Version table:
 *** 0.6.32~rc+dfsg-1ubuntu2 500
        500 http://ca.archive.ubuntu.com/ubuntu xenial/main amd64 Packages
        100 /var/lib/dpkg/status
dbus:
  Installed: 1.10.6-1ubuntu3
  Candidate: 1.10.6-1ubuntu3
  Version table:
 *** 1.10.6-1ubuntu3 500
        500 http://ca.archive.ubuntu.com/ubuntu xenial/main amd64 Packages
        100 /var/lib/dpkg/status
systemd:
  Installed: 229-4ubuntu7
  Candidate: 229-4ubuntu7
  Version table:
 *** 229-4ubuntu7 500
        500 http://ca.archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages
        100 /var/lib/dpkg/status
     229-4ubuntu4 500
        500 http://ca.archive.ubuntu.com/ubuntu xenial/main amd64 Packages

ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: avahi-daemon 0.6.32~rc+dfsg-1ubuntu2 [modified: usr/lib/avahi/avahi-daemon-check-dns.sh]
ProcVersionSignature: Ubuntu 4.4.0-36.55-generic 4.4.16
Uname: Linux 4.4.0-36-generic x86_64
ApportVersion: 2.20.1-0ubuntu2.1
Architecture: amd64
Date: Tue Aug 23 15:09:40 2016
InstallationDate: Installed on 2016-08-22 (0 days ago)
InstallationMedia: Ubuntu 16.04.1 LTS "Xenial Xerus" - Beta amd64 (20160819)
ProcEnviron:
 LANGUAGE=en_CA:en
 TERM=xterm
 PATH=(custom, no user)
 LANG=en_CA.UTF-8
 SHELL=/bin/bash
SourcePackage: avahi
UpgradeStatus: No upgrade log present (probably fresh install)

Revision history for this message
Simon Déziel (sdeziel) wrote :
Revision history for this message
Trent Lloyd (lathiat) wrote :

The d-bus activation thing is a quirk of systemd, it actually tells you when you run stop. You need to use disable (as well as stop) to both stop it and prevent re-activation.

root@ubuntu:~# systemctl stop avahi-daemon
Warning: Stopping avahi-daemon.service, but it can still be activated by:
  avahi-daemon.socket

You're right about the ifupdown script, though.

The good news on the one hand is that upstream hopefully soon nss-mdns will be improved to no longer need this trick.

Revision history for this message
Simon Déziel (sdeziel) wrote : Re: [Bug 1616196] Re: unable to stop avahi-daemon (dbus always restarts it)

Hi Trent,

On 2016-08-23 05:17 PM, Trent Lloyd wrote:
> The d-bus activation thing is a quirk of systemd, it actually tells you
> when you run stop. You need to use disable (as well as stop) to both
> stop it and prevent re-activation.

Disabling and stopping the socket and the service works for the manual
case, thanks.

> root@ubuntu:~# systemctl stop avahi-daemon
> Warning: Stopping avahi-daemon.service, but it can still be activated by:
> avahi-daemon.socket
>
> You're right about the ifupdown script, though.

Unfortunately for me because I'm trying to remotely disable avahi-daemon
for clients connecting to a corporate VPN where "domain.local" is used
as the DNS zone.

I haven't found any valid workaround for the ifupdown script so I now
have to instruct every clients to do the disable/stop steps themselves.
This in turn has some undesired ramifications as avahi remains inactive
even when they are off of the VPN.

> The good news on the one hand is that upstream hopefully soon nss-mdns will be improved to no longer need this trick.

I just noticed that you are an avahi developer so maybe it's my lucky day :)

I don't know why but avahi doesn't seem to limit itself to resolving
single DNS label under ".local"? Currently, it will blackhole queries
for "server.domain.local". This makes it close to impossible to use a
DNS zone under ".local". While I know that using ".local" isn't ideal,
it was the recommended way in the past [1] and it's how many networks
are setup.

The RFC [2] mentions that ".local" is for single labels and OS X also
implementation this rule [3]. Do you think it would be possible for
avahi to also implement this behavior?

Best regards,
Simon

1: https://en.wikipedia.org/wiki/.local#Microsoft_recommendations
2: https://tools.ietf.org/html/rfc6762#section-3
3: https://support.apple.com/en-us/HT201275

Revision history for this message
Trent Lloyd (lathiat) wrote :

Good news for you is that some work is going on upstream in libnss-mdns right now to fix this problem properly and always handle .local properly even when in authorative DNS - some commits just went in recently Adam Goode is doing some great work on this project:
https://github.com/lathiat/nss-mdns

Bad news is it's unlikely to ship in an existing release (i.e. LTS) but hopefully will be part of some future Ubuntu release.

Revision history for this message
Simon Déziel (sdeziel) wrote :

On 2016-10-30 09:11 AM, Trent Lloyd wrote:
> Good news for you is that some work is going on upstream in
> libnss-mdns right now to fix this problem properly and always handle
> .local properly even when in authorative DNS - some commits just went
> in recently Adam Goode is doing some great work on this project:
> https://github.com/lathiat/nss-mdns

That's excellent news! Thanks for sharing.

> Bad news is it's unlikely to ship in an existing release (i.e. LTS)
> but hopefully will be part of some future Ubuntu release.

Indeed, let's see when it lands in Ubuntu then _maybe_ we could look
into SRU'ing those bits.

Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in avahi (Ubuntu):
status: New → Confirmed
Revision history for this message
David S (daveman1010220) wrote :

Wow, super annoying. I just wanted the "[UFW BLOCK]" multicast messages to stop clogging up my logs when I'm connected to certain networks. I don't really want it permanently disabled, nor do I really want to change firewall rules, just to stop cluttering the log. Avahi just doesn't make sense on every network and it would be great if there were a way to stop it temporarily, without resorting to permanently disabling it. This is still happening in latest 19.10, fyi.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.