[nSLUG] No CPU use stat from ps running bind in chroot

Rich budman85 at eastlink.ca
Tue Jul 25 15:45:27 ADT 2006


Are you blocking any ports - firewall or filtering?  
How is the NIC connected - same switch?
Try a traceroute - what does dig show?  Are the root servers correct?




On Tue, 2006-07-25 at 12:29 -0300, D G Teed wrote:
> I suspect the issue isn't on the ps side but in the named side.
> Running strace on ps shows it is reading within /proc as expected.
> As I'm doing ps from the main OS, it has no issues accessing that.
> 
> This isn't a full chroot jail, but simply using bind's own chroot
> mechanism.  Therefore, there is a very minimal environment
> there - no shell, libs, etc.  If bind couldn't find the /proc
> slot for its process before, it should be able to now by the
> mount I created.
> 
> Perhaps there is some problem between certain kernels and
> chroot'ed named?  ps is just grabbing the stuff under /proc/$PID
> and making it pretty to read, AFAIK.
> 
> --Donald
> 
> On 7/25/06, Crawford, Andrew (IT) <Andrew.Crawford at morganstanley.com> wrote:
> > Try stracing the ps in the chroot environment and note any file accesses. Other than that, I wonder if there's a difference in your chrooted execution environment in terms of libraries etc. In any case comparing all file opens in strace in regular vs chroot should shed light.
> >
> > Cheers,
> >
> > Andrew Crawford
> >
> > > -----Original Message-----
> > > From: nslug-bounces at nslug.ns.ca [mailto:nslug-bounces at nslug.ns.ca] On
> > > Behalf Of D G Teed
> > > Sent: Tuesday, July 25, 2006 10:11
> > > To: nslug
> > > Subject: [nSLUG] No CPU use stat from ps running bind in chroot
> > >
> > > Hi,
> > >
> > > Here is a scenario...
> > > Two servers: both Debian 3.1 stable.
> > >
> > > One runs with -t /var/lib/named while the other doesn't.
> > > Both work properly.
> > >
> > > The chrooted bind will show 0:00 for processing time from ps -aux , while
> > > the non-chrooted case will show some processing time has elapsed.
> > > (The chrooted case is far more busy, as well, so it isn't simply a case
> > > of an idle service.)
> > >
> > > I checked the bind chroot howto and don't see anything I've missed.
> > > googling hasn't shown anything related to it thus far.
> > >
> > > My feeling is that I'm missing something in named's dev
> > > (I've got null, random and log) or similar.
> > >
> > > --Donald
> > >
> > >
> > >
> > > _______________________________________________
> > > nSLUG mailing list
> > > nSLUG at nslug.ns.ca
> > > http://nslug.ns.ca/cgi-bin/mailman/listinfo/nslug
> > >
> > >
> > --------------------------------------------------------
> >
> > NOTICE: If received in error, please destroy and notify sender. Sender does not intend to waive confidentiality or privilege. Use of this email is prohibited when received in error.
> >
> >
> >
> > _______________________________________________
> > nSLUG mailing list
> > nSLUG at nslug.ns.ca
> > http://nslug.ns.ca/cgi-bin/mailman/listinfo/nslug
> >
> > 
> >
> >
> 
> 
> 
> _______________________________________________
> nSLUG mailing list
> nSLUG at nslug.ns.ca
> http://nslug.ns.ca/cgi-bin/mailman/listinfo/nslug
> 
> 
-- 
Rich <budman85 at eastlink.ca>

!DSPAM:44c666c4316528971033329!




More information about the nSLUG mailing list