service start automatically on debian 10

Question

I have server with debian 10, previously on this server unbound service installed. Today I noticed that the service is reset every minute. I even deleted the file /lib/systemd/system/unbound.service and killed process manually But again it runs automatically; I can not understand what process runs this service twice. I have two problem:

#1: how service start again automatically?

‍#2: if service started, why reset again?

also I do not think the reset is due to the service itself.

    unbound.service
   Loaded: loaded (/etc/init.d/unbound; generated)
   Active: active (running) since Sun 2022-05-01 14:57:25 +0430; 50s ago
     Docs: man:systemd-sysv-generator(8)
  Process: 24965 ExecStart=/etc/init.d/unbound start (code=exited, status=0/SUCCESS)
 Main PID: 24985 (unbound)
    Tasks: 8 (limit: 4915)
   Memory: 14.3M
   CGroup: /system.slice/unbound.service
                 24985 /usr/sbin/unbound

May 01 14:57:24 INF-dns-ntp02 systemd[1]: Starting unbound.service...
May 01 14:57:24 INF-dns-ntp02 unbound-anchor[24980]: /var/lib/unbound/root.key has content
May 01 14:57:24 INF-dns-ntp02 unbound-anchor[24980]: success: the anchor is ok
May 01 14:57:25 INF-dns-ntp02 unbound[24965]: Starting DNS server: unbound.
May 01 14:57:25 INF-dns-ntp02 systemd[1]: Started unbound.service.

UPDATE:list files

/etc/apparmor.d/local/usr.sbin.unbound
/etc/apparmor.d/usr.sbin.unbound
/etc/init.d/unbound
/etc/insserv.conf.d/unbound
/etc/resolvconf/update.d/unbound
/etc/systemd/system/multi-user.target.wants/unbound.service -> /lib/systemd/system/unbound.service
/etc/systemd/system/unbound.service.d
/etc/systemd/system/unbound.service.wants
/etc/systemd/system/unbound.service.wants/unbound-resolvconf.service -> /lib/systemd/system/unbound-resolvconf.service
/etc/unbound
/etc/unbound/unbound.conf
/etc/unbound/unbound.conf.bk
/etc/unbound/unbound.conf.d
/run/systemd/generator.late/graphical.target.wants/unbound.service -> ../unbound.service
/run/systemd/generator.late/multi-user.target.wants/unbound.service -> ../unbound.service
/run/systemd/generator.late/unbound.service
/run/systemd/units/invocation:unbound.service -> ff49954ca79b45bf851f4f6c9eb007da
/usr/lib/x86_64-linux-gnu/libunbound.so.8 -> libunbound.so.8.1.0
/usr/lib/x86_64-linux-gnu/libunbound.so.8.1.0
/usr/sbin/unbound
/usr/sbin/unbound-anchor
/usr/sbin/unbound-checkconf
/usr/sbin/unbound-control
/usr/sbin/unbound-control-setup
/usr/share/doc/libunbound8
/usr/share/doc/unbound
/usr/share/doc/unbound-anchor

Update2: remove all /etc/rc*/[ks]unbound

 unbound.service
   Loaded: loaded (/etc/init.d/unbound; generated)
   Active: active (running) since Sun 2022-05-01 18:22:25 +0430; 5s ago
     Docs: man:systemd-sysv-generator(8)
  Process: 4854 ExecStart=/etc/init.d/unbound start (code=exited, status=0/SUCCESS)
 Main PID: 4873 (unbound)
    Tasks: 8 (limit: 4915)
   Memory: 13.6M
   CGroup: /system.slice/unbound.service
                 4873 /usr/sbin/unbound

May 01 18:22:24 INF-dns-ntp02 systemd[1]: Starting unbound.service...
May 01 18:22:25 INF-dns-ntp02 unbound-anchor[4868]: /var/lib/unbound/root.key has content
May 01 18:22:25 INF-dns-ntp02 unbound-anchor[4868]: success: the anchor is ok
May 01 18:22:25 INF-dns-ntp02 unbound[4854]: Starting DNS server: unbound.
May 01 18:22:25 INF-dns-ntp02 systemd[1]: Started unbound.service.

kill Main PID: 4873 exec kill -9 4873 but unbound service starts again automatically ...

Update3: grep -r unbound /etc

output: 

/etc/apparmor.d/usr.sbin.unbound:/usr/sbin/unbound flags=(attach_disconnected) {
/etc/apparmor.d/usr.sbin.unbound:  /etc/unbound/** r,
/etc/apparmor.d/usr.sbin.unbound:  owner /etc/unbound/*.key* rw,
/etc/apparmor.d/usr.sbin.unbound:  audit deny /etc/unbound/unbound_control.{key,pem} rw,
/etc/apparmor.d/usr.sbin.unbound:  audit deny /etc/unbound/unbound_server.key w,
/etc/apparmor.d/usr.sbin.unbound:  /var/lib/unbound/** r,
/etc/apparmor.d/usr.sbin.unbound:  owner /var/lib/unbound/** rw,
/etc/apparmor.d/usr.sbin.unbound:  audit deny /var/lib/unbound/**/unbound_control.{key,pem} rw,
/etc/apparmor.d/usr.sbin.unbound:  audit deny /var/lib/unbound/**/unbound_server.key w,
/etc/apparmor.d/usr.sbin.unbound:  /usr/sbin/unbound mr,
/etc/apparmor.d/usr.sbin.unbound:  /{,var/}run/{unbound/,}unbound.pid rw,
/etc/apparmor.d/usr.sbin.unbound:  /{,var/}run/unbound.ctl rw,
/etc/apparmor.d/usr.sbin.unbound:  #include <local/usr.sbin.unbound>

score 0 · Answer 1 · answered May 01 '22 at 10:40

0

A service can be started in several ways. They are shown when you run the command

sudo systemctl status servicname

under the heading 'TriggeredBy'.

These can all be stopped, started, enabled, disabled, masked and unmasked individually.

An example of another service:

    sudo systemctl status libvirtd.service
● libvirtd.service - Virtualization daemon
     Loaded: loaded (/lib/systemd/system/libvirtd.service; enabled; vendor preset: enabled)
     Active: active (running) since Thu 2022-04-28 17:26:32 CEST; 2 days ago
TriggeredBy: ● libvirtd-ro.socket
             ● libvirtd-admin.socket
             ● libvirtd.socket
       Docs: man:libvirtd(8)

answered May 01 '22 at 10:40

JdeHaan

914
1
6
20

I delete `systemd file (/lib/systemd/system/unbound.service)`, but `systemctl status unbound` show me result, and `TriggeredBy` not show for me! – pyramid13 May 01 '22 at 10:50
Removing '*.service' (or '*.socket') files by hand is not recommended. 'systemctl service' manages that for you perfectly. If you do a 'sudo find / -name "*unbound*" | xargs ls -ld ' you got a good chance of finding all references. – JdeHaan May 01 '22 at 10:54
make that "quote star unbound star quote". "\*unbound\*" – JdeHaan May 01 '22 at 11:08
I have a lot of files and I can understand which file can stop service! I updated and add list file – pyramid13 May 01 '22 at 11:51
sudo systemctl stop unbound ; sudo systemctl disable unbound ; sudo systemctl mask unbound ; sudo ps -ef | grep -v grep | grep unbound; If the last command shows nothing it is stopped. If not: sudo /etc/init.d/unbound stop ; If that doesn't do it : kill – JdeHaan May 01 '22 at 13:13
I have done all this before, I stop the service in any way; It starts again automatically – pyramid13 May 01 '22 at 13:31
Are there any /etc/rc?.d/S*unbound links? – JdeHaan May 01 '22 at 13:33
``` /etc/rc0.d/K01unbound -> ../init.d/unbound /etc/rc1.d/K01unbound -> ../init.d/unbound /etc/rc2.d/S01unbound -> ../init.d/unbound /etc/rc3.d/S01unbound -> ../init.d/unbound /etc/rc4.d/S01unbound -> ../init.d/unbound etc/rc5.d/S01unbound -> ../init.d/unbound /etc/rc6.d/K01unbound -> ../init.d/unbound ``` – pyramid13 May 01 '22 at 13:36
Wait. You did it by hand. Did you do a 'sudo systemctl daemon-reload' ? – JdeHaan May 01 '22 at 13:36
yes, 100 times :) – pyramid13 May 01 '22 at 13:37
remove those [SK]*unbound links. Those start it too. – JdeHaan May 01 '22 at 13:37
update-rc.d if I'm right. – JdeHaan May 01 '22 at 13:37
I did and I update the topic for the last result ... – pyramid13 May 01 '22 at 13:55
Assuming you do a full reboot in between. Btw, 'kill -9' is _bad_. Use a plain 'kill '. Ok, going into weirdo stuff. Check whether you have an /etc/inittab. Should definitely not contain any unbound stuff. Big gun: 'sudo grep -r unbound /etc'. – JdeHaan May 01 '22 at 14:22
updated with output this command grep -r unbound /etc – pyramid13 May 01 '22 at 18:51
That's no result either. Very rude: rename the unbound executable with 'mv unbound unbound.disabled', reboot and check who's complaining with 'journalctl -b -a'. – JdeHaan May 04 '22 at 10:26

service start automatically on debian 10

1 Answers1