From e6424d1a0900be7e756722b890c650722ba66e14 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
Date: Fri, 30 Sep 2022 12:51:19 +0200
Subject: [PATCH] Enable automatic restart on crashes

named contains high number of assertions checking expected state of the
daemon. That is part of defensive code style to prevent many attacks.
The most common failure is failing some assertion check in rare
circumstances. Even when this should not happen, try keeping the service
running. If such failed assertion produces coredump just from time to
time, avoid failing hard the whole service. coredumpctl will keep track
of all crashes anyway.
---
 bind.spec            | 1 +
 named-chroot.service | 1 +
 named.service        | 1 +
 3 files changed, 3 insertions(+)

diff --git a/bind.spec b/bind.spec
index ac40820..20bb29e 100644
--- a/bind.spec
+++ b/bind.spec
@@ -959,6 +959,7 @@ fi;
 %changelog
 * Fri Sep 30 2022 Petr Menšík <pemensik@redhat.com> - 32:9.18.7-3
 - Update License to SPDX identifier
+- Enable automatic restart on crashes
 
 * Sat Sep 24 2022 Petr Menšík <pemensik@redhat.com> - 32:9.18.7-2
 - Build ARM documentation also with older sphinx on RHEL9
diff --git a/named-chroot.service b/named-chroot.service
index ff793f2..4c38601 100644
--- a/named-chroot.service
+++ b/named-chroot.service
@@ -25,6 +25,7 @@ ExecReload=/bin/sh -c 'if /usr/sbin/rndc null > /dev/null 2>&1; then /usr/sbin/r
 ExecStop=/bin/sh -c '/usr/sbin/rndc stop > /dev/null 2>&1 || /bin/kill -TERM $MAINPID'
 
 PrivateTmp=false
+Restart=on-abnormal
 
 [Install]
 WantedBy=multi-user.target
diff --git a/named.service b/named.service
index 252c9d5..5c32fc5 100644
--- a/named.service
+++ b/named.service
@@ -20,6 +20,7 @@ ExecReload=/bin/sh -c 'if /usr/sbin/rndc null > /dev/null 2>&1; then /usr/sbin/r
 ExecStop=/bin/sh -c '/usr/sbin/rndc stop > /dev/null 2>&1 || /bin/kill -TERM $MAINPID'
 
 PrivateTmp=true
+Restart=on-abnormal
 
 [Install]
 WantedBy=multi-user.target