From owner-freebsd-stable@freebsd.org Fri Apr 30 07:31:40 2021 Return-Path: Delivered-To: freebsd-stable@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id BBAEC5F2C5B; Fri, 30 Apr 2021 07:31:40 +0000 (UTC) (envelope-from yasu@utahime.org) Received: from maybe.home.utahime.org (gate.home.utahime.org [183.180.29.210]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4FWkZg4fGmz4RRs; Fri, 30 Apr 2021 07:31:39 +0000 (UTC) (envelope-from yasu@utahime.org) Received: from eastasia.home.utahime.org (eastasia.home.utahime.org [192.168.174.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by maybe.home.utahime.org (Postfix) with ESMTPS id C52438DCA; Fri, 30 Apr 2021 16:31:34 +0900 (JST) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=utahime.org; s=maybe2019112701; t=1619767894; bh=qF+VSVgk54OEd8xxRODIERKGy2k6637t88F9dj9zxuI=; h=Date:To:Subject:From; b=HgEh5WZRg61t81ggRKz8mE2K0/M8xOCAZuWmxA92UziJPZuBbUkA1XoasrE25ruMQ f+2If//O4C9+l5usRtt/OZiL02B707c+2Rpb9Xij6omucOEnoijk7Ogov8kPiScmW/ M9+zDnOEvR4pz0cA/Kez9lX4NeCEsDm81h2IPCKOFz/5weaXzZPxMYo7gXShhs/cG6 cK5ioR/R6kmoo9bujnjNUCezm7RKiAU8AaeGUYD+r7QqX1j6sFRDZHl3GskNzbBP+n ArIieqKiUWwEfOanq7Zlp0fOV/YlWbGMtIm8Mt9XaN+TqpCTY+ACYuzwf06JvQoNSe RfSdYqYEwOSrA== Received: from localhost (rolling.home.utahime.org [192.168.174.11]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384)) (No client certificate requested) by eastasia.home.utahime.org (Postfix) with ESMTPSA id 3316F20608; Fri, 30 Apr 2021 16:31:32 +0900 (JST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.2 at eastasia.home.utahime.org Date: Fri, 30 Apr 2021 16:30:54 +0900 (JST) Message-Id: <20210430.163054.429403798691966830.yasu@utahime.org> To: freebsd-ports@freebsd.org, freebsd-stable@freebsd.org Subject: How to make 'named' rc script invokded earlier at boot time From: Yasuhiro Kimura X-Mailer: Mew version 6.8 on Emacs 27.2 Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4FWkZg4fGmz4RRs X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=pass header.d=utahime.org header.s=maybe2019112701 header.b=HgEh5WZR; dmarc=none; spf=pass (mx1.freebsd.org: domain of yasu@utahime.org designates 183.180.29.210 as permitted sender) smtp.mailfrom=yasu@utahime.org X-Spamd-Result: default: False [-0.70 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; MV_CASE(0.50)[]; R_SPF_ALLOW(-0.20)[+a:spf-authorized.utahime.org]; TO_DN_NONE(0.00)[]; HFILTER_HELO_IP_A(1.00)[maybe.home.utahime.org]; HFILTER_HELO_NORES_A_OR_MX(0.30)[maybe.home.utahime.org]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[utahime.org:+]; RCPT_COUNT_TWO(0.00)[2]; NEURAL_HAM_SHORT(-1.00)[-0.999]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RBL_DBL_DONT_QUERY_IPS(0.00)[183.180.29.210:from]; ASN(0.00)[asn:2519, ipnet:183.180.0.0/16, country:JP]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[utahime.org:s=maybe2019112701]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[utahime.org]; SPAMHAUS_ZRD(0.00)[183.180.29.210:from:127.0.2.255]; MID_CONTAINS_FROM(1.00)[]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-ports,freebsd-stable] X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 30 Apr 2021 07:31:40 -0000 I installed dns/bind916 on my home server and configured it so it worked as both authoritative and recursor. Then I added 'nameserver 127.0.0.1' to /etc/resolv.conf and everything worked fine. But after updating OS from 12.2-RELEASE to 13.0-RELEASE I noticed execution of some rc scripts fails at boot time because of DNS lookup error. And I also found these scripts are executed earlier than 'named'. Now let me use 'ntpdate' as an example. If I run `rcorder /etc/rc.d/* /usr/local/etc/rc.d/*` on 12.2-RELEASE, then I get following result. ---------------------------------------------------------------------- root@rolling-vm-freebsd3[474]# uname -a FreeBSD rolling-vm-freebsd3.home.utahime.org 12.2-RELEASE-p6 FreeBSD 12.2-RELEASE-p6 GENERIC amd64 root@rolling-vm-freebsd3[475]# rcorder /etc/rc.d/* /usr/local/etc/rc.d/* /etc/rc.d/growfs /etc/rc.d/sysctl /etc/rc.d/hostid /etc/rc.d/zvol /etc/rc.d/dumpon (snip) /etc/rc.d/static_arp /etc/rc.d/bridge /etc/rc.d/route6d /etc/rc.d/NETWORKING /etc/rc.d/mountcritremote /etc/rc.d/devfs /etc/rc.d/ipmon /etc/rc.d/kdc /etc/rc.d/mdconfig2 /etc/rc.d/newsyslog /etc/rc.d/syslogd /usr/local/etc/rc.d/tcsd /usr/local/etc/rc.d/named /etc/rc.d/watchdogd /etc/rc.d/savecore /etc/rc.d/archdep /etc/rc.d/linux /etc/rc.d/sysvipc /etc/rc.d/SERVERS /usr/local/etc/rc.d/tpmd /usr/local/etc/rc.d/stunnel /etc/rc.d/accounting /etc/rc.d/ntpdate /etc/rc.d/rpcbind /etc/rc.d/nfsclient /etc/rc.d/nisdomain (snip) ---------------------------------------------------------------------- As you can see, while 'named' is executed before SERVERS, 'ntpdate' is done after it. On the other hand I get following result on 13.0-RELEASE. ---------------------------------------------------------------------- root@rolling-vm-freebsd2[332]# uname -a FreeBSD rolling-vm-freebsd2.home.utahime.org 13.0-RELEASE FreeBSD 13.0-RELEASE #0 releng/13.0-n244733-ea31abc261f: Fri Apr 9 04:24:09 UTC 2021 root@releng1.nyi.freebsd.org:/usr/obj/usr/src/amd64.amd64/sys/GENERIC amd64 root@rolling-vm-freebsd2[333]# rcorder /etc/rc.d/* /usr/local/etc/rc.d/* /etc/rc.d/dhclient /etc/rc.d/dumpon /etc/rc.d/growfs /etc/rc.d/natd (snip) /etc/rc.d/netwait /etc/rc.d/blacklistd /etc/rc.d/local_unbound /etc/rc.d/NETWORKING /etc/rc.d/pppoed /etc/rc.d/kdc /etc/rc.d/kfd /etc/rc.d/nfsuserd /etc/rc.d/iscsid /etc/rc.d/ipropd_slave /etc/rc.d/nfscbd /etc/rc.d/iscsictl /etc/rc.d/ipropd_master /etc/rc.d/kadmind /etc/rc.d/kpasswdd /etc/rc.d/mountcritremote /etc/rc.d/wpa_supplicant /etc/rc.d/motd /etc/rc.d/accounting /etc/rc.d/cleartmp /etc/rc.d/dmesg /etc/rc.d/archdep /etc/rc.d/gptboot /etc/rc.d/hostapd /etc/rc.d/virecover /etc/rc.d/mdconfig2 /etc/rc.d/devfs /etc/rc.d/os-release /etc/rc.d/newsyslog /etc/rc.d/linux /etc/rc.d/syslogd /etc/rc.d/sysvipc /etc/rc.d/watchdogd /etc/rc.d/savecore /etc/rc.d/ntpdate /etc/rc.d/localpkg /etc/rc.d/auditd /etc/rc.d/bsnmpd /etc/rc.d/pwcheck /etc/rc.d/power_profile /etc/rc.d/rpcbind /etc/rc.d/auditdistd /usr/local/etc/rc.d/named /etc/rc.d/nfsclient /etc/rc.d/hastd /etc/rc.d/SERVERS /etc/rc.d/nisdomain /usr/local/etc/rc.d/stunnel /usr/local/etc/rc.d/tpmd /usr/local/etc/rc.d/tcsd (snip) ---------------------------------------------------------------------- Now both 'named' and 'ntpdate' are executed before SERVERS. And unfortunately the latter is earlier than the former. So it is natural that execution of 'ntpdate' fails with DNS lookup failure. I compared ntpdate rc script between releng/12.2 and releng/13.0 but there is no difference. ---------------------------------------------------------------------- yasu@rolling-vm-freebsd2[1035]% pwd /usr/src yasu@rolling-vm-freebsd2[1036]% git diff origin/releng/12.2 origin/releng/13.0 -- libexec/rc/rc.d/ntpdate yasu@rolling-vm-freebsd2[1037]% ---------------------------------------------------------------------- And of cource there is no difference with /usr/local/etc/rc.d/named either. So it seems evaluation of rcorder(8) is changed between 12.2-RELASE and 13.0-RELEASE. Then is there any way to make 'named' rc script invoked earlier at boot time on 13.0-RELEASE? Best Regards. --- Yasuhiro Kimura