[nsd-users] NSD still shows permission errors on Debian 10 Buster
Anand Buddhdev
anandb at ripe.net
Thu May 28 18:44:54 UTC 2020
On 28/05/2020 20:00, Simon Deziel wrote:
Hi Simon,
>> I also noticed one other deficiency in the Debian unit file. It's
>> missing "Killmode=process".
>
> Indeed, the default is KillMode=control-group which SIGTERM everyone in
> the cgroup, wait 90s by default and then SIGKILL what remains.
Correct.
[snip]
> Anand, could you please provide some instructions on how to reproduce
> the issue you are/were having with the cgroup-based killing as my test
> scenario was likely too simplistic. Thanks
I don't have a reproducible scenario on hand, but on servers I manage,
there are often up to 32 child processes, and the servers are busy
answering thousnads of queries per second, and also often doing zone
transfers.
I noticed that sometimes when I wanted to shut down NSD on such servers,
there would be temporary files left over from incomplete zone transfers.
There may also have been something else, but I can't remember it now.
Anyway, I realised this was caused by system sending TERM to all
processes at the same time. That's why I fixed it with
"KillMode=process". Maybe you can try by increasing the server count to
a higher value, then forcing some zone transfers and then terminating NSD.
Regards,
Anand
More information about the nsd-users
mailing list