LinuxQuestions.org
Old 10-06-2004, 03:09 AM   #1
sti2envy
Member
 
Registered: Sep 2004
Posts: 43

Rep: Reputation: 15
Correct DNS setup?


Hi, I have set up my /etc/named.conf and /etc/rndc.conf. The named service starts/stops/restarts fine when I do a manual named -u named. But if I do a /etc/init.d/named restart, it appears to be running off /var/named/chroot like this:

named 9520 0.0 0.5 37044 2920 ? S 21:06 0:00 /usr/sbin/named -u named -t /var/named/chroot

causing these errors to appear in /var/log/messages:

Oct 6 21:06:14 toys named[9520]: loading configuration from '/etc/named.conf'
Oct 6 21:06:14 toys named[9520]: listening on IPv4 interface lo, 127.0.0.1#53
Oct 6 21:06:14 toys named[9520]: listening on IPv4 interface eth0, 192.168.1.2#53
Oct 6 21:06:14 toys named[9520]: listening on IPv4 interface vmnet1, 192.168.158.1#53
Oct 6 21:06:14 toys named[9520]: listening on IPv4 interface vmnet2, 172.16.135.1#53
Oct 6 21:06:14 toys named[9520]: listening on IPv4 interface vmnet8, 172.16.28.1#53
Oct 6 21:06:14 toys named[9520]: couldn't add command channel 127.0.0.1#953: not found
Oct 6 21:06:14 toys named[9520]: couldn't add command channel ::1#953: not found

Can someone please point out to me why named starts off with the parameters "-t /var/named/chroot", and should I copy my /etc/named.conf over to /var/named/chroot/etc/named.conf? Which named.conf file is the real file to use, as there appear to be two locations where this named.conf exists? I'm confused about this.
 
Old 10-06-2004, 05:29 AM   #2
scowles
Member
 
Registered: Sep 2004
Location: Texas, USA
Distribution: Fedora
Posts: 620

Rep: Reputation: 31
The -t command line argument causes "named" to start in a chroot'd jail environment. Which is good. If a hacker was to exploit named in some way, the hacker would be confined to the directories/files relative to the specified rooted path, not from your system's root, i.e. /var/named/chroot versus /

In short, simply copy all your named-specific config files to the corresponding directory under /var/named/chroot. Example:

/etc/named.conf = /var/named/chroot/etc/named.conf
/etc/rndc.key = /var/named/chroot/etc/rndc.key

/var/named/named.ca = /var/named/chroot/var/named/named.ca
etc...

Also, copy /etc/localtime to /var/named/chroot/etc - or named will log entries in UTC time.
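
A way to check the copy step from the reply above, as an added example that is not part of the original posts: it compares each file the reply names with its counterpart under the chroot and also flags a world-readable rndc.key. The function name audit_named_chroot and its optional sysroot argument are assumptions made for this example.

```bash
#!/bin/sh
# Added example (not from the thread): report named files that are missing,
# stale, or too widely readable inside the chroot that "named -t" uses.
# The file list comes from the reply above; "sysroot" is a hypothetical
# second argument so the check can be rehearsed on a scratch copy.
NAMED_FILES="/etc/named.conf /etc/rndc.key /var/named/named.ca /etc/localtime"

audit_named_chroot() {
    jail=$1
    sysroot=${2:-}
    problems=0
    for f in $NAMED_FILES; do
        src=$sysroot$f
        dst=$jail$f
        if [ ! -e "$src" ]; then
            echo "SKIP     $f (no copy outside the chroot)"
        elif [ ! -e "$dst" ]; then
            echo "MISSING  $dst"
            problems=$((problems + 1))
        elif ! cmp -s "$src" "$dst"; then
            echo "DIFFERS  $dst"
            problems=$((problems + 1))
        else
            echo "OK       $dst"
        fi
        # rndc.key is the shared secret for the rndc control channel,
        # so the copy inside the chroot should not be world-readable.
        case $f in
        */rndc.key)
            if [ -n "$(find "$dst" -prune -perm -004 -print 2>/dev/null)" ]; then
                echo "PERMS    $dst is world-readable"
                problems=$((problems + 1))
            fi ;;
        esac
    done
    return "$problems"
}

# Run against the live system only when a chroot path is given, e.g.
#   sh audit.sh /var/named/chroot
if [ $# -gt 0 ]; then
    audit_named_chroot "$@"
fi
```

The exit status is the number of problems found, so 0 means every listed file that exists outside the chroot has an identical copy inside it.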
 
Old 10-06-2004, 05:45 AM   #3
sti2envy
Member
 
Registered: Sep 2004
Posts: 43

Original Poster
Rep: Reputation: 15
Thank you. That works a lot better now.
 
  

