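Arima Soichiro's Blog

(His Circumstances)

November 1, 2020 01:59:15 JST - 2 minute read - Linux

After upgrading from Ubuntu 16.04 to 18.04, unbound won't run…

This was around April 2020: after upgrading from Ubuntu 16.04 to 18.04, unbound would not run.

It fails with an error.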

arimasou16@ubuntu:~$ systemctl status unbound.service
● unbound.service - Unbound DNS server
   Loaded: loaded (/lib/systemd/system/unbound.service; enabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since Sun 2020-08-02 01:04:37 JST; 15s ago
     Docs: man:unbound(8)
  Process: 7396 ExecStart=/usr/sbin/unbound -d $DAEMON_OPTS (code=exited, status=1/FAILURE)
  Process: 7377 ExecStartPre=/usr/lib/unbound/package-helper root_trust_anchor_update (code=exited, status=0/SUCCESS)
  Process: 7365 ExecStartPre=/usr/lib/unbound/package-helper chroot_setup (code=exited, status=0/SUCCESS)
 Main PID: 7396 (code=exited, status=1/FAILURE)

 8月 02 01:04:37 ubuntu systemd[1]: unbound.service: Service hold-off time over, scheduling restart.
 8月 02 01:04:37 ubuntu systemd[1]: unbound.service: Scheduled restart job, restart counter is at 10.
 8月 02 01:04:37 ubuntu systemd[1]: Stopped Unbound DNS server.
 8月 02 01:04:37 ubuntu systemd[1]: unbound.service: Start request repeated too quickly.
 8月 02 01:04:37 ubuntu systemd[1]: unbound.service: Failed with result 'exit-code'.
 8月 02 01:04:37 ubuntu systemd[1]: Failed to start Unbound DNS server.

I try running unbound -d -v.

arimasou16@ubuntu:~$ unbound -d -v
[1596298114] unbound[7578:0] notice: Start of unbound 1.6.7.
[1596298114] unbound[7578:0] error: can't bind socket: Permission denied for 0.0.0.0
[1596298114] unbound[7578:0] fatal error: could not open ports

Hmm… the port is already in use?!

Check the port.

arimasou16@ubuntu:~$ sudo ss -lntp | grep 53
LISTEN  0        128                 127.0.0.53%lo:53             0.0.0.0:*      users:(("systemd-resolve",pid=1327,fd=13))
LISTEN  0        100                             *:8080                 *:*      users:(("java",pid=2556,fd=53))

It seems a feature called systemd-resolve has been added, so I disable it.

How to disable systemd-resolved in Ubuntu?

arimasou16@ubuntu:~$ sudo systemctl disable systemd-resolved
Removed /etc/systemd/system/multi-user.target.wants/systemd-resolved.service.
Removed /etc/systemd/system/dbus-org.freedesktop.resolve1.service.
arimasou16@ubuntu:~$ sudo systemctl stop systemd-resolved
arimasou16@ubuntu:~$ sudo ss -lntp | grep 53
LISTEN  0        100                             *:8080                 *:*      users:(("java",pid=2556,fd=53))
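The `grep 53` filter used above also matches the java listener on port 8080, because its `fd=53` contains the string. The following added example (not part of the original post) compares the local port itself; the function names `sample_ss_output` and `port53_listeners` are hypothetical, and it goes slightly beyond the post by also accepting `ss -lntup` output, which includes UDP sockets.

```shell
#!/bin/sh
# Added example (not from the original post): report listeners bound to port 53 exactly.

# The two `ss -lntp` lines shown in the post, embedded so the example runs offline.
sample_ss_output() {
    cat <<'EOF'
LISTEN  0        128                 127.0.0.53%lo:53             0.0.0.0:*      users:(("systemd-resolve",pid=1327,fd=13))
LISTEN  0        100                             *:8080                 *:*      users:(("java",pid=2556,fd=53))
EOF
}

# port53_listeners (hypothetical helper): reads ss output on stdin and prints
# "<local address:port> <process>" for each socket whose local port is 53.
port53_listeners() {
    awk '
    {
        # Locate the State column so `ss -lntp` and `ss -lntup` (extra Netid column) both work.
        s = 0
        for (i = 1; i <= 2; i++) if ($i == "LISTEN" || $i == "UNCONN") { s = i; break }
        if (s == 0) next                   # header or unrelated line
        addr = $(s + 3)                    # State, Recv-Q, Send-Q, Local Address:Port
        n = split(addr, parts, ":")
        if (parts[n] != "53") next         # compare the port itself, not any "53" substring
        proc = "unknown"                   # the users:(...) column is absent without root
        if (match($0, /users:\(\("[^"]+"/))
            proc = substr($0, RSTART + 9, RLENGTH - 10)
        print addr, proc
    }'
}

# Run on the embedded sample; prints only the systemd-resolve listener.
sample_ss_output | port53_listeners
```

On a live host, pipe `sudo ss -lntup` into `port53_listeners` instead of the embedded sample.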

unbound starts, success!

arimasou16@ubuntu:~$ sudo service unbound restart
arimasou16@ubuntu:~$ sudo service unbound status
● unbound.service - Unbound DNS server
   Loaded: loaded (/lib/systemd/system/unbound.service; enabled; vendor preset: enabled)
   Active: active (running) since Sun 2020-08-02 01:16:30 JST; 6s ago
     Docs: man:unbound(8)
  Process: 8030 ExecStartPre=/usr/lib/unbound/package-helper root_trust_anchor_update (code=exited, status=0/SUCCESS)
  Process: 8019 ExecStartPre=/usr/lib/unbound/package-helper chroot_setup (code=exited, status=0/SUCCESS)
 Main PID: 8041 (unbound)
    Tasks: 1 (limit: 4915)
   CGroup: /system.slice/unbound.service
           └─8041 /usr/sbin/unbound -d

 8月 02 01:16:30 ubuntu systemd[1]: Starting Unbound DNS server...
 8月 02 01:16:30 ubuntu package-helper[8030]: /var/lib/unbound/root.key has content
 8月 02 01:16:30 ubuntu package-helper[8030]: success: the anchor is ok
 8月 02 01:16:30 ubuntu unbound[8041]: [8041:0] notice: init module 0: subnet
 8月 02 01:16:30 ubuntu unbound[8041]: [8041:0] notice: init module 1: validator
 8月 02 01:16:30 ubuntu unbound[8041]: [8041:0] notice: init module 2: iterator
 8月 02 01:16:30 ubuntu unbound[8041]: [8041:0] info: start of service (unbound 1.6.7).
 8月 02 01:16:30 ubuntu systemd[1]: Started Unbound DNS server.
arimasou16@ubuntu:~$

All's well that ends well (?).