Yasuhiro Kimura
2021-Apr-30 07:30 UTC
How to make 'named' rc script invokded earlier at boot time
I installed dns/bind916 on my home server and configured it so it worked as both authoritative and recursor. Then I added 'nameserver 127.0.0.1' to /etc/resolv.conf and everything worked fine. But after updating OS from 12.2-RELEASE to 13.0-RELEASE I noticed execution of some rc scripts fails at boot time because of DNS lookup error. And I also found these scripts are executed earlier than 'named'. Now let me use 'ntpdate' as an example. If I run `rcorder /etc/rc.d/* /usr/local/etc/rc.d/*` on 12.2-RELEASE, then I get following result. ---------------------------------------------------------------------- root at rolling-vm-freebsd3[474]# uname -a FreeBSD rolling-vm-freebsd3.home.utahime.org 12.2-RELEASE-p6 FreeBSD 12.2-RELEASE-p6 GENERIC amd64 root at rolling-vm-freebsd3[475]# rcorder /etc/rc.d/* /usr/local/etc/rc.d/* /etc/rc.d/growfs /etc/rc.d/sysctl /etc/rc.d/hostid /etc/rc.d/zvol /etc/rc.d/dumpon (snip) /etc/rc.d/static_arp /etc/rc.d/bridge /etc/rc.d/route6d /etc/rc.d/NETWORKING /etc/rc.d/mountcritremote /etc/rc.d/devfs /etc/rc.d/ipmon /etc/rc.d/kdc /etc/rc.d/mdconfig2 /etc/rc.d/newsyslog /etc/rc.d/syslogd /usr/local/etc/rc.d/tcsd /usr/local/etc/rc.d/named /etc/rc.d/watchdogd /etc/rc.d/savecore /etc/rc.d/archdep /etc/rc.d/linux /etc/rc.d/sysvipc /etc/rc.d/SERVERS /usr/local/etc/rc.d/tpmd /usr/local/etc/rc.d/stunnel /etc/rc.d/accounting /etc/rc.d/ntpdate /etc/rc.d/rpcbind /etc/rc.d/nfsclient /etc/rc.d/nisdomain (snip) ---------------------------------------------------------------------- As you can see, while 'named' is executed before SERVERS, 'ntpdate' is done after it. On the other hand I get following result on 13.0-RELEASE. ---------------------------------------------------------------------- root at rolling-vm-freebsd2[332]# uname -a FreeBSD rolling-vm-freebsd2.home.utahime.org 13.0-RELEASE FreeBSD 13.0-RELEASE #0 releng/13.0-n244733-ea31abc261f: Fri Apr 9 04:24:09 UTC 2021 root at releng1.nyi.freebsd.org:/usr/obj/usr/src/amd64.amd64/sys/GENERIC amd64 root at rolling-vm-freebsd2[333]# rcorder /etc/rc.d/* /usr/local/etc/rc.d/* /etc/rc.d/dhclient /etc/rc.d/dumpon /etc/rc.d/growfs /etc/rc.d/natd (snip) /etc/rc.d/netwait /etc/rc.d/blacklistd /etc/rc.d/local_unbound /etc/rc.d/NETWORKING /etc/rc.d/pppoed /etc/rc.d/kdc /etc/rc.d/kfd /etc/rc.d/nfsuserd /etc/rc.d/iscsid /etc/rc.d/ipropd_slave /etc/rc.d/nfscbd /etc/rc.d/iscsictl /etc/rc.d/ipropd_master /etc/rc.d/kadmind /etc/rc.d/kpasswdd /etc/rc.d/mountcritremote /etc/rc.d/wpa_supplicant /etc/rc.d/motd /etc/rc.d/accounting /etc/rc.d/cleartmp /etc/rc.d/dmesg /etc/rc.d/archdep /etc/rc.d/gptboot /etc/rc.d/hostapd /etc/rc.d/virecover /etc/rc.d/mdconfig2 /etc/rc.d/devfs /etc/rc.d/os-release /etc/rc.d/newsyslog /etc/rc.d/linux /etc/rc.d/syslogd /etc/rc.d/sysvipc /etc/rc.d/watchdogd /etc/rc.d/savecore /etc/rc.d/ntpdate /etc/rc.d/localpkg /etc/rc.d/auditd /etc/rc.d/bsnmpd /etc/rc.d/pwcheck /etc/rc.d/power_profile /etc/rc.d/rpcbind /etc/rc.d/auditdistd /usr/local/etc/rc.d/named /etc/rc.d/nfsclient /etc/rc.d/hastd /etc/rc.d/SERVERS /etc/rc.d/nisdomain /usr/local/etc/rc.d/stunnel /usr/local/etc/rc.d/tpmd /usr/local/etc/rc.d/tcsd (snip) ---------------------------------------------------------------------- Now both 'named' and 'ntpdate' are executed before SERVERS. And unfortunately the latter is earlier than the former. So it is natural that execution of 'ntpdate' fails with DNS lookup failure. I compared ntpdate rc script between releng/12.2 and releng/13.0 but there is no difference. ---------------------------------------------------------------------- yasu at rolling-vm-freebsd2[1035]% pwd /usr/src yasu at rolling-vm-freebsd2[1036]% git diff origin/releng/12.2 origin/releng/13.0 -- libexec/rc/rc.d/ntpdate yasu at rolling-vm-freebsd2[1037]% ---------------------------------------------------------------------- And of cource there is no difference with /usr/local/etc/rc.d/named either. So it seems evaluation of rcorder(8) is changed between 12.2-RELASE and 13.0-RELEASE. Then is there any way to make 'named' rc script invoked earlier at boot time on 13.0-RELEASE? Best Regards. --- Yasuhiro Kimura
Mathieu Arnold
2021-Apr-30 08:02 UTC
How to make 'named' rc script invokded earlier at boot time
On Fri, Apr 30, 2021 at 04:30:54PM +0900, Yasuhiro Kimura wrote:> Then is there any way to make 'named' rc script invoked earlier at > boot time on 13.0-RELEASE?There is an option in the port to have named start later, but up to now, it was starting early enough. The only way I can see is modify the named rc script and add the services that needs named to be started on the BEFORE line at the beginning of the script. Mind you, it really needs to start after syslog (unless you log directly to files and do not use syslog.) -- Mathieu Arnold -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 963 bytes Desc: not available URL: <http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20210430/62474995/attachment.sig>
Eugene Grosbein
2021-Apr-30 10:46 UTC
How to make 'named' rc script invokded earlier at boot time
30.04.2021 14:30, Yasuhiro Kimura wrote:> I installed dns/bind916 on my home server and configured it so it > worked as both authoritative and recursor. Then I added > 'nameserver 127.0.0.1' to /etc/resolv.conf and everything worked fine. > > But after updating OS from 12.2-RELEASE to 13.0-RELEASE I noticed > execution of some rc scripts fails at boot time because of DNS lookup > error. And I also found these scripts are executed earlier than > 'named'. > > Now let me use 'ntpdate' as an example.named sometimes *requires* correct time to be set before it is started, so you should either use some IP addressess for NTP bootstrapping at boot time, or put NTP server hostname to /etc/hosts with its IP, so it resolves before named fires.
On 2021-04-30 00:30, Yasuhiro Kimura wrote:> I installed dns/bind916 on my home server and configured it so it > worked as both authoritative and recursor. Then I added > 'nameserver 127.0.0.1' to /etc/resolv.conf and everything worked fine. > > But after updating OS from 12.2-RELEASE to 13.0-RELEASE I noticed > execution of some rc scripts fails at boot time because of DNS lookup > error. And I also found these scripts are executed earlier than > 'named'.I've been plagued with this for years (well, a couple anyways) on several of my servers. As I never saw anyone else mention it. I assumed it was just "me". ;-) rc(8) has a mountlate. Seems to me there ought to be a "startlate" key as well. While this won't fix the cause introduced. It might at least solve the problem. create an /etc/rc.conf.local and move your host/nic related things into it followed by your "named" entry. Leaving everything else in /etc/rc.conf This (should) source all the rc.conf.local entries ahead of the rc.conf entries. Thereby providing name resolution before ntpdate(8)/time sync service(s) HTH --Chris> > Now let me use 'ntpdate' as an example. > > If I run `rcorder /etc/rc.d/* /usr/local/etc/rc.d/*` on 12.2-RELEASE, > then I get following result. > > ---------------------------------------------------------------------- > root at rolling-vm-freebsd3[474]# uname -a > FreeBSD rolling-vm-freebsd3.home.utahime.org 12.2-RELEASE-p6 FreeBSD > 12.2-RELEASE-p6 GENERIC amd64 > root at rolling-vm-freebsd3[475]# rcorder /etc/rc.d/* /usr/local/etc/rc.d/* > /etc/rc.d/growfs > /etc/rc.d/sysctl > /etc/rc.d/hostid > /etc/rc.d/zvol > /etc/rc.d/dumpon > (snip) > /etc/rc.d/static_arp > /etc/rc.d/bridge > /etc/rc.d/route6d > /etc/rc.d/NETWORKING > /etc/rc.d/mountcritremote > /etc/rc.d/devfs > /etc/rc.d/ipmon > /etc/rc.d/kdc > /etc/rc.d/mdconfig2 > /etc/rc.d/newsyslog > /etc/rc.d/syslogd > /usr/local/etc/rc.d/tcsd > /usr/local/etc/rc.d/named > /etc/rc.d/watchdogd > /etc/rc.d/savecore > /etc/rc.d/archdep > /etc/rc.d/linux > /etc/rc.d/sysvipc > /etc/rc.d/SERVERS > /usr/local/etc/rc.d/tpmd > /usr/local/etc/rc.d/stunnel > /etc/rc.d/accounting > /etc/rc.d/ntpdate > /etc/rc.d/rpcbind > /etc/rc.d/nfsclient > /etc/rc.d/nisdomain > (snip) > ---------------------------------------------------------------------- > > As you can see, while 'named' is executed before SERVERS, 'ntpdate' is > done after it. > > On the other hand I get following result on 13.0-RELEASE. > > ---------------------------------------------------------------------- > root at rolling-vm-freebsd2[332]# uname -a > FreeBSD rolling-vm-freebsd2.home.utahime.org 13.0-RELEASE FreeBSD > 13.0-RELEASE #0 > releng/13.0-n244733-ea31abc261f: Fri Apr 9 04:24:09 UTC 2021 > root at releng1.nyi.freebsd.org:/usr/obj/usr/src/amd64.amd64/sys/GENERIC amd64 > root at rolling-vm-freebsd2[333]# rcorder /etc/rc.d/* /usr/local/etc/rc.d/* > /etc/rc.d/dhclient > /etc/rc.d/dumpon > /etc/rc.d/growfs > /etc/rc.d/natd > (snip) > /etc/rc.d/netwait > /etc/rc.d/blacklistd > /etc/rc.d/local_unbound > /etc/rc.d/NETWORKING > /etc/rc.d/pppoed > /etc/rc.d/kdc > /etc/rc.d/kfd > /etc/rc.d/nfsuserd > /etc/rc.d/iscsid > /etc/rc.d/ipropd_slave > /etc/rc.d/nfscbd > /etc/rc.d/iscsictl > /etc/rc.d/ipropd_master > /etc/rc.d/kadmind > /etc/rc.d/kpasswdd > /etc/rc.d/mountcritremote > /etc/rc.d/wpa_supplicant > /etc/rc.d/motd > /etc/rc.d/accounting > /etc/rc.d/cleartmp > /etc/rc.d/dmesg > /etc/rc.d/archdep > /etc/rc.d/gptboot > /etc/rc.d/hostapd > /etc/rc.d/virecover > /etc/rc.d/mdconfig2 > /etc/rc.d/devfs > /etc/rc.d/os-release > /etc/rc.d/newsyslog > /etc/rc.d/linux > /etc/rc.d/syslogd > /etc/rc.d/sysvipc > /etc/rc.d/watchdogd > /etc/rc.d/savecore > /etc/rc.d/ntpdate > /etc/rc.d/localpkg > /etc/rc.d/auditd > /etc/rc.d/bsnmpd > /etc/rc.d/pwcheck > /etc/rc.d/power_profile > /etc/rc.d/rpcbind > /etc/rc.d/auditdistd > /usr/local/etc/rc.d/named > /etc/rc.d/nfsclient > /etc/rc.d/hastd > /etc/rc.d/SERVERS > /etc/rc.d/nisdomain > /usr/local/etc/rc.d/stunnel > /usr/local/etc/rc.d/tpmd > /usr/local/etc/rc.d/tcsd > (snip) > ---------------------------------------------------------------------- > > Now both 'named' and 'ntpdate' are executed before SERVERS. And > unfortunately the latter is earlier than the former. So it is natural > that execution of 'ntpdate' fails with DNS lookup failure. > > I compared ntpdate rc script between releng/12.2 and releng/13.0 but > there is no difference. > > ---------------------------------------------------------------------- > yasu at rolling-vm-freebsd2[1035]% pwd > /usr/src > yasu at rolling-vm-freebsd2[1036]% git diff origin/releng/12.2 > origin/releng/13.0 -- > libexec/rc/rc.d/ntpdate > yasu at rolling-vm-freebsd2[1037]% > ---------------------------------------------------------------------- > > And of cource there is no difference with /usr/local/etc/rc.d/named > either. So it seems evaluation of rcorder(8) is changed between > 12.2-RELASE and 13.0-RELEASE. > > Then is there any way to make 'named' rc script invoked earlier at > boot time on 13.0-RELEASE? > > Best Regards. > > --- > Yasuhiro Kimura > _______________________________________________ > freebsd-ports at freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-ports > To unsubscribe, send any mail to "freebsd-ports-unsubscribe at freebsd.org"