BIND9 Service Shows "active (exited)" Instead of "active (running)" - Broken Init Script

BIND9 Service Shows "active (exited)" Instead of "active (running)" - Broken Init Script

Problem Description:
After configuring BIND9 with a zone file in ISPConfig, the service appeared to be active but wasn't actually running. The service status showed:

Code:

● bind9.service - LSB: Start and stop bind9
     Loaded: loaded (/etc/init.d/bind9; generated)
     Active: active (exited)

Commands like rndc reload, rndc status, and dig @localhost all failed with "connection refused" errors.

Root Cause:
The /etc/init.d/bind9 init script was completely broken and contained only:

Code:

#!/bin/sh
### BEGIN INIT INFO
... (init info headers)
### END INIT INFO

exit 0

The script was immediately exiting with status 0, making systemd think the service had started successfully when in fact BIND wasn't running at all.

Symptoms:
• systemctl status bind9 showed "active (exited)" instead of "active (running)"
• rndc commands failed with "connection refused"
• dig queries to localhost failed
• No process listening on port 53
• Manual start with named -g -u bind worked in foreground but service wouldn't run as daemon

Solution:

Option 1: Use the native systemd service (Recommended)

Code:

sudo systemctl enable named
sudo systemctl start named
sudo systemctl status named

Option 2: Fix the init script
Replace the broken /etc/init.d/bind9 with a proper init script that actually starts the BIND daemon.

Verification:
After fix, service shows:

Code:

● named.service - BIND Domain Name Server
     Loaded: loaded (/lib/systemd/system/named.service; enabled; preset: enabled)
     Active: active (running)
     Main PID: 1082477 (named)

Additional Notes:
• The "network unreachable" IPv6 errors in logs are normal if the server doesn't have IPv6 connectivity
• Zone file syntax was correct (named-checkzone passed)
• Configuration was valid (named-checkconf passed)
• The issue was purely with the service management, not BIND configuration itself

Environment:
• Debian 12
• BIND 9.18.33
• ISPConfig installation

This appears to be either a package installation issue or possibly related to how ISPConfig manages services. Other users should check their /etc/init.d/bind9 script if they encounter similar "active (exited)" status.

 

it was really a fresh Debian 12 ISPConfig auto installer.. no more!

 

Is this really a fresh install of Debian 12 or rather a freshly upgraded Debian to version 12?
Can you run "dpkg -s bind9" and show the output?

 

I asked support regarding this version of debian:

 

As for your questions:

Code:

root@server1:~# dpkg -s bind9
Package: bind9
Status: install ok installed
Priority: optional
Section: net
Installed-Size: 902
Maintainer: Debian DNS Team <[email protected]>
Architecture: amd64
Version: 1:9.18.33-1~deb12u2
Replaces: bind (<< 1:9.13.6~)
Depends: adduser, bind9-libs (= 1:9.18.33-1~deb12u2), bind9-utils (= 1:9.18.33-1~deb12u2), debconf | debconf-2.0, dns-root-data, iproute2, lsb-base (>= 3.2-14), netbase, libc6 (>= 2.34), libcap2 (>= 1:2.10), libfstrm0 (>= 0.2.0), libjemalloc2 (>= 3.5.0), libjson-c5 (>= 0.15), liblmdb0 (>= 0.9.7), libmaxminddb0 (>= 1.3.0), libnghttp2-14 (>= 1.3.0), libprotobuf-c1 (>= 1.0.0), libssl3 (>= 3.0.0), libsystemd0, libuv1 (>= 1.40.0), libxml2 (>= 2.7.4), zlib1g (>= 1:1.1.4)
Pre-Depends: init-system-helpers (>= 1.54~)
Suggests: bind-doc, dnsutils, resolvconf, ufw
Breaks: bind (<< 1:9.13.6~)
Conffiles:
 /etc/apparmor.d/usr.sbin.named 4f63a3becd1eac38cb4e7fa1c6f40a04
 /etc/bind/bind.keys f272b3aa035c95c6ef9dd360c3118a5b
 /etc/bind/db.0 43e4adb661f18a102a9c2ad1e192e825
 /etc/bind/db.127 64f5cf50e8d8192109dad43b779e5e36
 /etc/bind/db.255 8aba258068c8c60a7ade3952a285f57d
 /etc/bind/db.empty 4e7a0ebff9a8936e5a72ec18c0c49214
 /etc/bind/db.local e5d27ead2d238928a08d33c7a7333477
 /etc/bind/named.conf 791fd546d7418bf64ae776d6d915c81a
 /etc/bind/named.conf.default-zones 9fbdc4657090b3b2a45f7e7b8468cf96
 /etc/bind/named.conf.local fb15a27656eafd86ff870effabc72f1e
 /etc/bind/named.conf.options 642e258554b7bd95f4fc71062ca82101
 /etc/bind/zones.rfc1918 d04252b4368b66e28376f92613842888
 /etc/default/named 0fcf4e70d1d3811d13a1f7b52fd5e384
 /etc/init.d/named 2f033c8e309de34d6ae67fca64292598
 /etc/insserv.conf.d/bind9 2f36010c32cff9acc445bb9b577aecf7
 /etc/network/if-down.d/bind9 dd11845d860cd2e30dce8556aa478eb2
 /etc/network/if-up.d/bind9 dd11845d860cd2e30dce8556aa478eb2
 /etc/ppp/ip-down.d/bind9 dd11845d860cd2e30dce8556aa478eb2
 /etc/ppp/ip-up.d/bind9 dd11845d860cd2e30dce8556aa478eb2
 /etc/ufw/applications.d/bind9 ac2316819866611a68b976db9125c9a7
Description: Internet Domain Name Server
 The Berkeley Internet Name Domain (BIND 9) implements an Internet domain
 name server.  BIND 9 is the most widely-used name server software on the
 Internet, and is supported by the Internet Software Consortium, www.isc.org.
 .
 This package provides the server and related configuration files.
Homepage: https://www.isc.org/downloads/bind/
root@server1:~#

 

Well that confirms that whatever is going on on your system is unusual.
The package itself does not come with "/etc/init.d/bind9", neither does ISPConfig creates or uses that file.

So it must be something else. You mentioned they use OpenVZ with a Debian 12 template. I would assume that either they are doing something "wrong" or you did somehow create that file by accident.

 

I think it comes with the server, because tested it on two servers.. :

Code:

root@server1:~# ls -la /etc/init.d/bind9
-rwxr-xr-x 1 root root 372 Aug  3  2023 /etc/init.d/bind9
root@server1:~# cat /etc/init.d/bind9
#!/bin/sh

### BEGIN INIT INFO
# Provides:          bind9
# Required-Start:
# Required-Stop:
# Should-Start:
# Should-Stop:
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Start and stop bind9
# Description:       bind9 is a Domain Name Server (DNS)
#        which translates ip addresses to and from internet names
### END INIT INFO

exit 0

 

I asked the host team to check with the fresh installation they confirmed:

Code:

Hello,

I've checked a default Debian 12 install and it does not come with the file:

damian@gl:~$ ls -l /etc/init.d/bind9
ls: cannot access '/etc/init.d/bind9': No such file or directory
damian@gl:~$

So the auto installer most likely creating it?!