postinst should validate config before restarting bind

Bug #1492212 reported by James Troup on 2015-09-04
This bug affects 2 people
Affects Status Importance Assigned to Milestone
bind9 (Ubuntu)

Bug Description

We recently had a bind9 package upgrade take out DNS services for a
production cloud because named failed to come up after the postinst
restarted it. So obviously, a) our DNS shouldn't be a SPOF and b) we
shouldn't let our config files get into a state where named refuses to
start, but, with that said, the bind9 postinst could be more robust
against this kind of failure mode.

Specifically it could run named-checkconf against /etc/bind/named.conf
and, if it returns 1, either:

 a) skip the restart and scream loudly to warn the admin

 b) abort the package install by erroring out of the postinst at that point

Robie Basak (racb) wrote :

Thanks James.

I think I favour b) since a) would only be noticed by someone watching console output. Though having said that, the situation wouldn't be any worse than before the postinst was run.

This needs to be forwarded to Debian.

Changed in bind9 (Ubuntu):
status: New → Triaged
importance: Undecided → Medium
tags: added: needs-upstream-report
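
The check proposed in this report, with both option a) and option b) from the description, written as an added example; it is not code from the bind9 package's postinst. The function name `safe_restart`, the overridable variables `NAMED_CONF`, `CHECK_CMD` and `RESTART_CMD`, and the use of `invoke-rc.d bind9 restart` as the restart command are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not the bind9 package's own postinst): validate the
# configuration with named-checkconf before a package-triggered restart.
#
# The variable names below are hypothetical. They are overridable so the
# logic can be exercised on a machine without bind9 installed.
: "${NAMED_CONF:=/etc/bind/named.conf}"
: "${CHECK_CMD:=named-checkconf}"
: "${RESTART_CMD:=invoke-rc.d bind9 restart}"   # assumed restart command

# safe_restart POLICY
#   POLICY=warn  -> option a): skip the restart, warn on stderr, return 0
#   POLICY=abort -> option b): return 1 so the postinst (and install) fails
# In both cases a running named is left untouched when validation fails,
# so a broken config cannot take down a server that is still answering.
safe_restart() {
    policy=$1

    # named-checkconf exits non-zero when it finds errors; keep its
    # diagnostics so the admin sees which file and line are at fault.
    if check_output=$($CHECK_CMD "$NAMED_CONF" 2>&1); then
        $RESTART_CMD
        return $?
    fi

    echo "bind9: $NAMED_CONF failed validation; named was NOT restarted." >&2
    echo "$check_output" >&2

    case $policy in
        warn)
            echo "bind9: fix the configuration, then restart named by hand." >&2
            return 0
            ;;
        abort)
            return 1
            ;;
        *)
            echo "safe_restart: unknown policy '$policy'" >&2
            return 2
            ;;
    esac
}

# In a postinst "configure" step this would be called as, for example:
#   safe_restart abort || exit 1
```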