[nSLUG] No CPU use stat from ps running bind in chroot

D G Teed donald.teed at gmail.com
Tue Jul 25 23:51:22 ADT 2006


I think there is a misunderstanding here.  The name servers
are both working fine.  The only aspect I'm curious about
is how to get ps to report something about the time load
on the named which is bind chrooted.

Here is a sample from ps -uwwp

USER       PID %CPU %MEM   VSZ  RSS TTY      STAT START   TIME COMMAND
bind     28356  0.0  1.8 44548 16944 ?       Ss   10:02   0:00
/usr/sbin/named -u bind -t /var/lib/named

As it is, TIME always appears to be idle, while I know it is the
primary domain server on a well visited domain.  My name server
at home, running Debian with same release of bind9
shows a few seconds of CPU time consumed for
light traffic.

The bind9 is from the stable package provided in Debian 3.1,
in both cases.  The only difference is the -t option in the case
that reports no CPU load and time elapsed.

--Donald


On 7/25/06, Rich <budman85 at eastlink.ca> wrote:
>
> Are you blocking any ports - firewall or filtering?
> How is the NIC connected - same switch?
> Try a traceroute - what does dig show?  Are the root servers correct?
>
>
>
>
> On Tue, 2006-07-25 at 12:29 -0300, D G Teed wrote:
> > I suspect the issue isn't on the ps side but in the named side.
> > Running strace on ps shows it is reading within /proc as expected.
> > As I'm doing ps from the main OS, it has no issues accessing that.
> >
> > This isn't a full chroot jail, but simply using bind's own chroot
> > mechanism.  Therefore, there is a very minimal environment
> > there - no shell, libs, etc.  If bind couldn't find the /proc
> > slot for its process before, it should be able to now by the
> > mount I created.
> >
> > Perhaps there is some problem between certain kernels and
> > chroot'ed named?  ps is just grabbing the stuff under /proc/$PID
> > and making it pretty to read, AFAIK.
> >
> > --Donald
> >
> > On 7/25/06, Crawford, Andrew (IT) <Andrew.Crawford at morganstanley.com>
wrote:
> > > Try stracing the ps in the chroot environment and note any file
accesses. Other than that, I wonder if there's a difference in your chrooted
execution environment in terms of libraries etc. In any case comparing all
file opens in strace in regular vs chroot should shed light.
> > >
> > > Cheers,
> > >
> > > Andrew Crawford
> > >
> > > > -----Original Message-----
> > > > From: nslug-bounces at nslug.ns.ca [mailto:nslug-bounces at nslug.ns.ca]
On
> > > > Behalf Of D G Teed
> > > > Sent: Tuesday, July 25, 2006 10:11
> > > > To: nslug
> > > > Subject: [nSLUG] No CPU use stat from ps running bind in chroot
> > > >
> > > > Hi,
> > > >
> > > > Here is a scenario...
> > > > Two servers: both Debian 3.1 stable.
> > > >
> > > > One runs with -t /var/lib/named while the other doesn't.
> > > > Both work properly.
> > > >
> > > > The chrooted bind will show 0:00 for processing time from ps -aux ,
while
> > > > the non-chrooted case will show some processing time has elapsed.
> > > > (The chrooted case is far more busy, as well, so it isn't simply a
case
> > > > of an idle service.)
> > > >
> > > > I checked the bind chroot howto and don't see anything I've missed.
> > > > googling hasn't shown anything related to it thus far.
> > > >
> > > > My feeling is that I'm missing something in named's dev
> > > > (I've got null, random and log) or similar.
> > > >
> > > > --Donald
> > > >
> > > >
> > > >
> > > > _______________________________________________
> > > > nSLUG mailing list
> > > > nSLUG at nslug.ns.ca
> > > > http://nslug.ns.ca/cgi-bin/mailman/listinfo/nslug
> > > >
> > > >
> > > --------------------------------------------------------
> > >
> > > NOTICE: If received in error, please destroy and notify sender. Sender
does not intend to waive confidentiality or privilege. Use of this email is
prohibited when received in error.
> > >
> > >
> > >
> > > _______________________________________________
> > > nSLUG mailing list
> > > nSLUG at nslug.ns.ca
> > > http://nslug.ns.ca/cgi-bin/mailman/listinfo/nslug
> > >
> > >
> > >
> > >
> >
> >
> >
> > _______________________________________________
> > nSLUG mailing list
> > nSLUG at nslug.ns.ca
> > http://nslug.ns.ca/cgi-bin/mailman/listinfo/nslug
> >
> >
> --
> Rich <budman85 at eastlink.ca>
>
>
>
> _______________________________________________
> nSLUG mailing list
> nSLUG at nslug.ns.ca
> http://nslug.ns.ca/cgi-bin/mailman/listinfo/nslug
>
> 
>
>


!DSPAM:44c6d8ac8141514148722!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nslug.ns.ca/mailman/private/nslug/attachments/20060725/0ca662e4/attachment-0002.html>


More information about the nSLUG mailing list