[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

unbound-anchor cannot deal with full disk #595

Closed
wrohdewald opened this issue Jan 2, 2022 · 2 comments · Fixed by klutchell/unbound-docker#437
Closed

unbound-anchor cannot deal with full disk #595

wrohdewald opened this issue Jan 2, 2022 · 2 comments · Fixed by klutchell/unbound-docker#437
Assignees
@gthess

Comments

@wrohdewald
Copy link

umbound 1.13.1 on debian bullseye

This morning, I found a full disk and a non-running unbound. Even after making room in the filesystem,
unbound refused to run:

[1641110455] unbound[7164:0] error: failed to read /var/lib/unbound/root.key

/var/lib/unbound# ls -lc
insgesamt 0
-rw-r--r-- 1 unbound unbound 0 2. Jan 00:00 root.key

So I assume that at midnight, unbound-anchor tried to update this by simply overwriting it. Which is of
course a recipe for disaster with a full disk.

A fix would be

  1. create root.key.new
  2. mv root.key.new root.key

I fixed it by manually running unbound-anchor
@teunvink
Copy link

Sadly, we see this happen from time to time on machines part of the NLNOG RING (which NLNetLabs is part of as well!). A fix would very much be appreciated!

@gthess gthess closed this as completed in 8575d5b Apr 8, 2024
@gthess gthess self-assigned this Apr 8, 2024
@gthess
Copy link
Member
gthess commented Apr 8, 2024

With the above commit unbound-anchor will behave like Unbound when updating the auto-trust-anchor-file. Namely write to a temp file and then replace the original (same strategy as @wrohdewald suggested above).

@churchofnoise churchofnoise mentioned this issue May 8, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@gthess gthess

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Unbound release 1.20.0
3 participants
@teunvink @wrohdewald @gthess