Old 10-01-2012, 02:39 AM   #16
uk.engr
Member
 
Registered: Apr 2012
Posts: 131

Original Poster

Thanks, I have updated bind-lib. Now it shows the following error:

[root@server ~]# /usr/sbin/named -g -d3 -u named -t /var/named/
01-Oct-2012 07:50:09.558 starting BIND 9.7.4-P1-RedHat-9.7.4-2.P1.fc14 -g -d3 -u named -t /var/named/
01-Oct-2012 07:50:09.558 built with '--build=i386-redhat-linux-gnu' '--host=i386-redhat-linux-gnu' '--program-prefix=' '--disable-dependency-tracking' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib' '--libexecdir=/usr/libexec' '--sharedstatedir=/var/lib' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--with-libtool' '--localstatedir=/var' '--enable-threads' '--enable-ipv6' '--with-pic' '--disable-static' '--disable-openssl-version-check' '--with-pkcs11=/usr/lib/pkcs11/PKCS11_API.so' '--with-dlz-ldap=yes' '--with-dlz-postgres=yes' '--with-dlz-mysql=yes' '--with-dlz-filesystem=yes' '--with-gssapi=yes' '--disable-isc-spnego' 'build_alias=i386-redhat-linux-gnu' 'host_alias=i386-redhat-linux-gnu' 'CFLAGS= -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m32 -march=i686 -mtune=atom -fasynchronous-unwind-tables' 'CPPFLAGS= -DDIG_SIGCHASE'
01-Oct-2012 07:50:09.559 adjusted limit on open files from 1024 to 1048576
01-Oct-2012 07:50:09.559 found 1 CPU, using 1 worker thread
01-Oct-2012 07:50:09.580 using up to 4096 sockets
01-Oct-2012 07:50:09.639 decrement_reference: delete from rbt: 0xb785b0b0 .
01-Oct-2012 07:50:09.645 Using 101 tasks for zone loading
01-Oct-2012 07:50:09.686 loading configuration from '/etc/named.conf'
01-Oct-2012 07:50:09.687 none:0: open: /etc/named.conf: file not found
01-Oct-2012 07:50:09.694 load_configuration: file not found
01-Oct-2012 07:50:09.706 loading configuration: file not found
01-Oct-2012 07:50:09.706 exiting (due to fatal error)

[root@zohaibserver zohaib]# ls -l /etc/named.conf
-rwxr-xr-x. 1 root named 1307 Sep 28 06:10 /etc/named.conf

The error shows named.conf not found in /etc, but it is actually present there.
 
Old 10-01-2012, 03:05 AM   #17
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 12,272

I think that you have somehow messed up your bind installation.
Anyway, use a symlink to define the chrooted named.conf:
Code:
ln -s /etc/named/conf /var/named/chroot/etc/
 
Old 10-01-2012, 04:45 AM   #18
uk.engr
Member
 
Registered: Apr 2012
Posts: 131

Original Poster
ln -s /etc/named/conf /var/named/chroot/etc/
Same error

I tried this for installing any missing package:
yum install bind*

Then I tried again, but no effect.

-/etc/named/ this directory is empty by default
-all files are in /var/named & /var/named/chroot/
-/etc/named.conf is present here as well as in /var/named/chroot/etc/named.conf
 
Old 10-01-2012, 07:42 AM   #19
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 12,272

I cannot tell what's wrong with your bind installation, so better uninstall everything related to bind, keep a backup of your zone files and start over using this howto

Regards
 
Old 10-01-2012, 07:58 AM   #20
deep27ak
Senior Member
 
Registered: Aug 2011
Location: Bangalore, India
Distribution: RHEL 7.x, SLES 11 SP2/3/4
Posts: 1,195
Blog Entries: 4

First of all, be sure which bind package you are trying to install, as it seems you are messed up completely.

Code:
# rpm -qa | grep bind
Make sure you have either "bind" or "bind-chroot",
and if you have both I would advise you to remove one of them. Move forward as per your usage.

Here I have prepared a list of steps you need to follow for the configuration in Red Hat. I don't think there should be any command difference between Red Hat and Fedora.
DNS configuration
 
Old 10-02-2012, 03:01 AM   #21
uk.engr
Member
 
Registered: Apr 2012
Posts: 131

Original Poster
Deepak
DNS configuration

I have followed your stated link; the service started successfully,

but the DNS check is not successful:

[root@server named]# dig -x 192.168.1.91

; <<>> DiG 9.7.4-P1-RedHat-9.7.4-2.P1.fc14 <<>> -x 192.168.1.91
;; global options: +cmd
;; connection timed out; no servers could be reached
[root@server named]# dig -x server.example.com
; <<>> DiG 9.7.4-P1-RedHat-9.7.4-2.P1.fc14 <<>> -x server.example.com
;; global options: +cmd
;; connection timed out; no servers could be reached

My distro is Fedora 14.
 
Old 10-02-2012, 04:48 AM   #22
uk.engr
Member
 
Registered: Apr 2012
Posts: 131

Original Poster
Dear, there was a mistake in my last post; my service has not started. It gives the following errors:

Oct 2 06:23:26 zohaibserver named[5112]: starting BIND 9.7.4-P1-RedHat-9.7.4-2.P1.fc14 -u named -t /var/named/chroot
Oct 2 06:23:26 zohaibserver named[5112]: built with '--build=i386-redhat-linux-gnu' '--host=i386-redhat-linux-gnu' '--program-prefix=' '--disable-dependency-tracking' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib' '--libexecdir=/usr/libexec' '--sharedstatedir=/var/lib' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--with-libtool' '--localstatedir=/var' '--enable-threads' '--enable-ipv6' '--with-pic' '--disable-static' '--disable-openssl-version-check' '--with-pkcs11=/usr/lib/pkcs11/PKCS11_API.so' '--with-dlz-ldap=yes' '--with-dlz-postgres=yes' '--with-dlz-mysql=yes' '--with-dlz-filesystem=yes' '--with-gssapi=yes' '--disable-isc-spnego' 'build_alias=i386-redhat-linux-gnu' 'host_alias=i386-redhat-linux-gnu' 'CFLAGS= -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m32 -march=i686 -mtune=atom -fasynchronous-unwind-tables' 'CPPFLAGS= -DDIG_SIGCHASE'
Oct 2 06:23:26 zohaibserver named[5112]: adjusted limit on open files from 1024 to 1048576
Oct 2 06:23:26 zohaibserver named[5112]: found 1 CPU, using 1 worker thread
Oct 2 06:23:26 zohaibserver named[5112]: using up to 4096 sockets
Oct 2 06:23:26 zohaibserver named[5112]: Using 101 tasks for zone loading
Oct 2 06:23:26 zohaibserver named[5112]: loading configuration from '/etc/named.conf'
Oct 2 06:23:26 zohaibserver named[5112]: none:0: open: /etc/named.conf: permission denied
Oct 2 06:23:26 zohaibserver named[5112]: loading configuration: permission denied
Oct 2 06:23:26 zohaibserver named[5112]: exiting (due to fatal error)

Last edited by uk.engr; 10-02-2012 at 05:13 AM.
 
Old 10-02-2012, 08:49 AM   #23
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 12,272

Quote:
Oct 2 06:23:26 zohaibserver named[5112]: none:0: open: /etc/named.conf: permission denied
Oct 2 06:23:26 zohaibserver named[5112]: loading configuration: permission denied
If you have installed bind using yum, you shouldn't have faced these errors.
Anyway, change the owner of the chroot directory to user named:
Code:
chown -R named /var/named/chroot
 
Old 10-02-2012, 09:37 AM   #24
uk.engr
Member
 
Registered: Apr 2012
Posts: 131

Original Poster
I have run your stated command. Now I am facing this problem:


Oct 2 10:49:11 server named[2706]: /etc/named.conf:239: using specific query-source port suppresses port randomization and can be insecure.
Oct 2 10:49:11 server named[2706]: /etc/named.conf:240: using specific query-source port suppresses port randomization and can be insecure.
Oct 2 10:49:11 server named[2706]: command channel listening on 127.0.0.1#953
Oct 2 10:49:11 server named[2706]: command channel listening on ::1#953
Oct 2 10:49:11 server named[2706]: the working directory is not writable
Oct 2 10:49:11 server named[2706]: isc_stdio_open 'data/named.run' failed: permission denied
Oct 2 10:49:11 server named[2706]: configuring logging: permission denied
Oct 2 10:49:11 server named[2706]: loading configuration: permission denied
Oct 2 10:49:11 server named[2706]: exiting (due to fatal error)
 
Old 10-02-2012, 10:16 AM   #25
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 12,272

Quote:
Oct 2 10:49:11 server named[2706]: /etc/named.conf:239: using specific query-source port suppresses port randomization and can be insecure.
For this warning you need to comment out or delete the line starting with "query-source..."

Quote:
Oct 2 10:49:11 server named[2706]: isc_stdio_open 'data/named.run' failed: permission denied
Again give that directory (/var/named/chroot/var/named/data) R/W permissions for the named user:
Code:
chown -R named /var/named/chroot/var/named/data
chmod -R 755 /var/named/chroot/var/named
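
An added example, not part of the post above or of BIND itself: a shell check that reports where a chroot tree is more permissive than named needs once ownership and modes have been changed. The function name `audit_named_tree` and its three rules are assumptions chosen for this illustration, not a distribution default.

```shell
#!/bin/sh
# Added example: mode/ownership audit for a BIND chroot tree.
# The three rules are an assumed least-privilege policy.

# audit_named_tree ROOT [DAEMON_USER]
# Prints one finding per line; returns 0 when clean, 1 when anything is
# flagged, 2 when ROOT is not a directory.
audit_named_tree() {
    root=$1
    daemon=${2:-named}
    [ -d "$root" ] || { echo "not a directory: $root" >&2; return 2; }

    findings=$(
        # Rule 1: nothing may be writable by other. Symlinks are skipped
        # because their own mode bits carry no meaning.
        find "$root" ! -type l -perm -0002 -print | sed 's/^/WORLD-WRITABLE /'

        # Rule 2: zone files and named.conf are data, so no execute bit.
        find "$root" -type f \( -perm -0100 -o -perm -0010 -o -perm -0001 \) \
            -print | sed 's/^/EXECUTABLE-FILE /'

        # Rule 3: configuration under etc/ should not belong to the daemon
        # account, otherwise the running service can rewrite its own config.
        if [ -d "$root/etc" ]; then
            find "$root/etc" -type f -user "$daemon" -print |
                sed 's/^/DAEMON-OWNED-CONFIG /'
        fi
    )

    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}
```

Run it as `audit_named_tree /var/named/chroot named`; directories named must write to (such as `var/named/data`) pass as long as they are not world-writable.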
 
Old 10-04-2012, 01:12 AM   #26
uk.engr
Member
 
Registered: Apr 2012
Posts: 131

Original Poster
Ok, but:

[root@server ]# ls -l /var/named/chroot/
total 16
drwxrwxrwx. 2 named named 4096 Oct 2 05:10 dev
drwxrwxrwx. 4 named named 4096 Oct 4 02:14 etc
drwxrwxrwx. 3 named root 4096 Sep 27 07:08 usr
drwxrwxrwx. 6 named named 4096 Oct 2 05:10 var
[root@server ]# ls -l /var/named/chroot/etc/
total 36
drwxrwxrwx. 2 named named 4096 Nov 16 2011 named
-rwxrwxrwx. 1 named root 8408 Oct 4 02:07 named.conf
-rwxrwxrwx. 1 named root 2540 Sep 29 04:02 named.iscdlv.key
-rwxrwxrwx. 1 named root 1119 Oct 2 05:55 named.rfc1912.zones
-rwxrwxrwx. 1 named root 487 Sep 29 04:00 named.root.key
drwxrwxrwx. 3 named root 4096 Oct 2 05:10 pki
[root@server zohaib]# ls -l /var/named/chroot/var/named/
total 56
-rwxrwxrwx. 1 named root 294 Sep 27 07:09 1.168.192.in-addr.arpa.zone
-rwxrwxrwx. 1 named root 272 Oct 2 06:15 192.168.1.zone
-rwxrwxrwx. 1 named root 209 Oct 2 06:13 192.168.1.zone.bk
drwxrwxrwx. 2 named root 4096 Oct 2 03:53 data
-rwxrwxrwx. 1 named root 271 Oct 2 06:12 example.com.zone
-rwxrwxrwx. 1 named root 230 Oct 2 06:09 example.com.zone.bk
-rwxrwxrwx. 1 named root 298 Sep 27 07:09 mydomain.com.zone
-rwxrwxrwx. 1 named root 56 Oct 2 03:35 my.external.zone.db
-rwxrwxrwx. 1 named root 56 Oct 2 03:35 my.internal.zone.db
-rwxrwxrwx. 1 named root 1892 Oct 2 03:35 named.ca
-rwxrwxrwx. 1 named root 152 Oct 2 03:35 named.empty
-rwxrwxrwx. 1 named root 152 Oct 2 03:35 named.localhost
-rwxrwxrwx. 1 named root 168 Oct 2 03:35 named.loopback
drwxrwxrwx. 2 named root 4096 Oct 2 03:36 slaves
[root@server ]# ls -l /var/named/chroot/var/named/data/
total 0

Error
Oct 4 02:24:16 server named[3087]: command channel listening on 127.0.0.1#953
Oct 4 02:24:16 server named[3087]: command channel listening on ::1#953
Oct 4 02:24:16 server named[3087]: the working directory is not writable
Oct 4 02:24:16 server named[3087]: isc_stdio_open 'data/named.run' failed: permission denied
Oct 4 02:24:16 server named[3087]: configuring logging: permission denied
Oct 4 02:24:16 server named[3087]: loading configuration: permission denied
Oct 4 02:24:16 server named[3087]: exiting (due to fatal error)
++++++Oct 4 02:24:26 server setroubleshoot: SELinux is preventing the named daemon from writing to the zone directory For complete SELinux messages. run sealert -l f95dd86a-5499-4e3c-8d9f-805f4090da3a
Oct 4 02:24:26 server setroubleshoot: SELinux is preventing the named daemon from writing to the zone directory For complete SELinux messages. run sealert -l a1ef2c9c-1785-4e72-9edb-e06731be0acb
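
An added example, not part of the original post: a small shell/awk triage over log lines like the ones above, separating a plain permission failure from one where setroubleshoot also reports an SELinux denial, and listing the `sealert -l` commands the log itself suggests. The function names and category labels are assumptions made for this example; the sample lines are copied from the post.

```shell
#!/bin/sh
# Added example: triage of named startup failures from log text on stdin.
# Heuristic only; the category names are invented for this example.

# Prints the category on line 1, then each "sealert -l <id>" command that
# setroubleshoot suggested in the log, once each.
classify_named_failure() {
    awk '
        /open: .*named\.conf: file not found/ { notfound = 1 }
        /: permission denied/                  { denied = 1 }
        /setroubleshoot: SELinux is preventing the named daemon/ {
            selinux = 1
            if (match($0, /sealert -l [0-9a-f-]+/)) {
                cmd = substr($0, RSTART, RLENGTH)
                if (!(cmd in seen)) { seen[cmd] = 1; cmds[++n] = cmd }
            }
        }
        END {
            # Modes can be wide open and the write still fail: with an
            # SELinux message present the denial is policy, not chmod/chown.
            if (denied && selinux) print "selinux-denial"
            else if (denied)       print "permission-denied"  # DAC, or MAC not relayed
            else if (notfound)     print "config-not-found"   # path inside the -t chroot
            else                   print "unknown"
            for (i = 1; i <= n; i++) print cmds[i]
        }'
}

# Log lines copied from the post above (two startup errors, two SELinux alerts).
sample_log() {
    cat <<'EOF'
Oct 4 02:24:16 server named[3087]: the working directory is not writable
Oct 4 02:24:16 server named[3087]: isc_stdio_open 'data/named.run' failed: permission denied
Oct 4 02:24:26 server setroubleshoot: SELinux is preventing the named daemon from writing to the zone directory For complete SELinux messages. run sealert -l f95dd86a-5499-4e3c-8d9f-805f4090da3a
Oct 4 02:24:26 server setroubleshoot: SELinux is preventing the named daemon from writing to the zone directory For complete SELinux messages. run sealert -l a1ef2c9c-1785-4e72-9edb-e06731be0acb
EOF
}

sample_log | classify_named_failure
```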
 
Old 10-04-2012, 01:16 AM   #27
deep27ak
Senior Member
 
Registered: Aug 2011
Location: Bangalore, India
Distribution: RHEL 7.x, SLES 11 SP2/3/4
Posts: 1,195
Blog Entries: 4

Quote:
Originally Posted by uk.engr
Error
Oct 4 02:24:16 server named[3087]: command channel listening on 127.0.0.1#953
Oct 4 02:24:16 server named[3087]: command channel listening on ::1#953
Oct 4 02:24:16 server named[3087]: the working directory is not writable
Oct 4 02:24:16 server named[3087]: isc_stdio_open 'data/named.run' failed: permission denied
Oct 4 02:24:16 server named[3087]: configuring logging: permission denied
Oct 4 02:24:16 server named[3087]: loading configuration: permission denied
Oct 4 02:24:16 server named[3087]: exiting (due to fatal error)
++++++Oct 4 02:24:26 server setroubleshoot: SELinux is preventing the named daemon from writing to the zone directory For complete SELinux messages. run sealert -l f95dd86a-5499-4e3c-8d9f-805f4090da3a
Oct 4 02:24:26 server setroubleshoot: SELinux is preventing the named daemon from writing to the zone directory For complete SELinux messages. run sealert -l a1ef2c9c-1785-4e72-9edb-e06731be0acb
Can you check the port no. you are using for named.conf?
It should be 53 instead of 953 as shown in the error.

Disable your SELinux and restart your machine, then try to restart your named services.
 
Old 10-04-2012, 01:50 AM   #28
uk.engr
Member
 
Registered: Apr 2012
Posts: 131

Original Poster
There is no port 953 defined:

vim /var/named/chroot/etc/named.conf

options {
    listen-on port 53 { 127.0.0.1; 192.168.1.91; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    # query-source port 53;
    #query-source-v6 port 53;
    allow-query { localhost; 192.168.1.0/24;};
};
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};
view localhost_resolver {
    match-clients { localhost; 192.168.1.0/24; };
    match-destinations { localhost; 192.168.1.0/24; };
    recursion yes;
    include "/etc/named.rfc1912.zones";
};
 
Old 10-04-2012, 01:59 AM   #29
deep27ak
Senior Member
 
Registered: Aug 2011
Location: Bangalore, India
Distribution: RHEL 7.x, SLES 11 SP2/3/4
Posts: 1,195
Blog Entries: 4

Kindly show me the output of

Code:
#netstat -ntlp | grep named
And did you disable your SELinux?
Restart your machine for the changes to take effect and post your results.
 
Old 10-04-2012, 02:05 AM   #30
uk.engr
Member
 
Registered: Apr 2012
Posts: 131

Original Poster
netstat -ntlp | grep named

No result



[root@server zohaib]# netstat -ntlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 904/rpcbind
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1336/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1196/cupsd
tcp 0 0 0.0.0.0:38199 0.0.0.0:* LISTEN 1010/rpc.statd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1367/sendmail: acce
tcp 0 0 0.0.0.0:637 0.0.0.0:* LISTEN 1303/ypserv
tcp 0 0 :::111 :::* LISTEN 904/rpcbind
tcp 0 0 :::55604 :::* LISTEN 1010/rpc.statd
tcp 0 0 :::22 :::* LISTEN 1336/sshd
tcp 0 0 ::1:631 :::* LISTEN 1196/cupsd

OK, now I am going to disable SELinux, then test and come back here.
 
  

