我试图将unbound设置为我的DNS解析器,但似乎 unbound 启动后立即终止。在日志中似乎没有任何迹象表明为什么会发生这种情况。这台服务器上安装了pi-hole,并且也在运行Apache webserver。
配置文件与 pi-hole的文件但是 logfile 改为 /var/log/unbound/unbound.log 而啰嗦则设置为 2.
开始 unbound 使用 service unbound start 将导致 systemd 试图一次次启动解绑。
Jan 28 15:58:51 srv01 systemd[1]: unbound.service: Main process exited, code=killed, status=9/KILL
Jan 28 15:58:51 srv01 systemd[1]: unbound.service: Failed with result 'signal'.
Jan 28 15:58:51 srv01 systemd[1]: Failed to start Unbound DNS server.
Jan 28 15:58:51 srv01 systemd[1]: unbound.service: Service hold-off time over, scheduling restart.
etc..
在前台运行就会出现这种情况。
[1584217278] unbound[31341:0] notice: Start of unbound 1.6.7.
[1584217278] unbound[31341:0] debug: increased limit(open files) from 1024 to 4140
[1584217278] unbound[31341:0] debug: creating udp4 socket 127.0.0.1 5353
[1584217278] unbound[31341:0] debug: creating tcp4 socket 127.0.0.1 5353
[1584217278] unbound[31341:0] debug: creating tcp4 socket 127.0.0.1 8953
[1584217278] unbound[31341:0] debug: setup SSL certificates
[1584217278] unbound[31341:0] warning: did not exit gracefully last time (30708)
[1584217278] unbound[31341:0] debug: chdir to /etc/unbound
[1584217278] unbound[31341:0] debug: drop user privileges, run as unbound
[1584217278] unbound[31341:0] debug: switching log to /var/log/unbound/unbound.log
Killed
最后一次运行的日志文件输出是:
[1584216438] unbound[30708:0] debug: module config: "subnetcache validator iterator"
[1584216438] unbound[30708:0] notice: init module 0: subnet
[1584216438] unbound[30708:0] debug: subnet: option registered (8)
[1584216438] unbound[30708:0] notice: init module 1: validator
[1584216438] unbound[30708:0] debug: reading autotrust anchor file /var/lib/unbound/root.key
[1584216438] unbound[30708:0] info: trust point . : 1
[1584216438] unbound[30708:0] info: assembled 0 DS and 2 DNSKEYs
[1584216438] unbound[30708:0] info: DNSKEY:: . 172800 IN DNSKEY 257 3 8 <redacted> ;{id = 20326 (ksk), size = 2048b}
[1584216438] unbound[30708:0] info: DNSKEY:: . 172800 IN DNSKEY 257 3 8 <redacted> ;{id = 19036 (ksk), size = 2048b}
[1584216438] unbound[30708:0] info: file /var/lib/unbound/root.key
[1584216438] unbound[30708:0] info: last_queried: 1584203277 Sat Mar 14 16:27:57 2020
[1584216438] unbound[30708:0] info: last_success: 1584203277 Sat Mar 14 16:27:57 2020
[1584216438] unbound[30708:0] info: next_probe_time: 1584242781 Sun Mar 15 03:26:21 2020
[1584216438] unbound[30708:0] info: query_interval: 43200
[1584216438] unbound[30708:0] info: retry_time: 8640
[1584216438] unbound[30708:0] info: query_failed: 0
[1584216438] unbound[30708:0] info: [ VALID ] . 172800 IN DNSKEY 257 3 8 <redacted> ;{id = 20326 (ksk), size = 2048b} ;;state:2 ;;pending_count:0 last:Sat Mar 14 16:27:53 2020
[1584216438] unbound[30708:0] info: [ MISSING ] . 172800 IN DNSKEY 257 3 8 <redacted> ;{id = 19036 (ksk), size = 2048b} ;;state:3 ;;pending_count:0 last:Sat Mar 14 16:27:53 2020
[1584216438] unbound[30708:0] debug: validator nsec3cfg keysz 1024 mxiter 150
[1584216438] unbound[30708:0] debug: validator nsec3cfg keysz 2048 mxiter 500
[1584216438] unbound[30708:0] debug: validator nsec3cfg keysz 4096 mxiter 2500
[1584216438] unbound[30708:0] notice: init module 2: iterator
[1584216438] unbound[30708:0] debug: target fetch policy for level 0 is 3
[1584216438] unbound[30708:0] debug: target fetch policy for level 1 is 2
[1584216438] unbound[30708:0] debug: target fetch policy for level 2 is 1
[1584216438] unbound[30708:0] debug: target fetch policy for level 3 is 0
[1584216438] unbound[30708:0] debug: target fetch policy for level 4 is 0
[1584216438] unbound[30708:0] debug: donotq: 127.0.0.0/8
[1584216438] unbound[30708:0] debug: EDNS known options:
[1584216438] unbound[30708:0] debug: Code: Bypass_cache_stage: Aggregate_mesh:
[1584216438] unbound[30708:0] debug: edns-cli NO
有没有办法知道为什么这个进程会收到一个... ... SIGKILL?
你可以在终端中手动运行unbound,如下所示
unbound -d
因为你希望日志中的早期错误,所以在日志之前,unbound会在终端上只对早期错误进行verbose。