Mandriva 2009, BIND 9.5.0-P2. Named will start however I'm getting the above error as well as these:

14-Mar-2009 15:45:37.084 general: error: zone 0.in-addr.arpa/IN: loading from master file /var/lib/named/var/named/reverse/named.zero failed: file not found
14-Mar-2009 15:45:37.084 general: error: zone 0.0.127.in-addr.arpa/IN: loading from master file /var/lib/named/var/named/reverse/named.local failed: file not found
14-Mar-2009 15:45:37.084 general: error: zone 255.in-addr.arpa/IN: loading from master file /var/lib/named/var/named/reverse/named.broadcast failed: file not found
14-Mar-2009 15:45:37.084 general: error: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loading from master file /var/lib/named/var/named/reverse/named.ip6.local failed: file not found
14-Mar-2009 15:45:37.085 general: error: zone localdomain/IN: loading from master file /var/lib/named/var/named/master/localdomain.zone failed: file not found
14-Mar-2009 15:45:37.085 general: error: zone localhost/IN: loading from master file /var/lib/named/var/named/master/localhost.zone failed: file not found
14-Mar-2009 15:45:37.093 general: notice: running

The files are in /var/lib/named/var/named/reverse:

-rw-r--r-- 1 root root 427 2009-02-15 05:18 named.broadcast
-rw-r--r-- 1 root root 424 2009-02-15 05:18 named.ip6.local
-rw-r--r-- 1 root root 426 2009-02-15 05:18 named.local
-rw-r--r-- 1 root root 427 2009-02-15 05:18 named.zero

and in /var/lib/named/var/named/master:

-rw-r--r-- 1 root root 198 2009-02-15 05:18 localdomain.zone
-rw-r--r-- 1 root root 195 2009-02-15 05:18 localhost.zone

The call to start named from /etc/rc.d/init.d is:

start() {
# Start daemons.
if [ -n "`/sbin/pidof named`" ]; then
gprintf "$prog: already running"
echo
return 1
fi
gprintf "Starting %s: " $prog

# prepare the chroot if needed
[ -e /var/lib/named/dev/null ] || mknod -m 0666 /var/lib/named/dev/null c 1 3
[ -e /var/lib/named/dev/random ] || mknod -m 0666 /var/lib/named/dev/random c 1 8
[ -e /var/lib/named/dev/urandom ] || mknod -m 0666 /var/lib/named/dev/urandom c 1 8

# better always copy localtime so it respects the system's timezone
install -m 0644 -o root -g root /etc/localtime /var/lib/named/etc/

[ -d /var/lib/named/proc ] || mkdir -p /var/lib/named/proc
if ! egrep -q '^/proc[[:space:]]+'/var/lib/named'/proc' /proc/mounts; then
mount --bind /proc /var/lib/named/proc -o ro >/dev/null 2>&1
fi

daemon named -u named -t /var/lib/named ${OPTIONS}
RETVAL=$?
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/named
echo
return $RETVAL

Named shows to be running but with the errors above I know it's not running correctly. I also copied the above dir's over to /var/lib/named/var/lib/named which is where I 'believe' it's chroot'd at, though I could be wrong since I'm unfamiliar with chroot. I'm sure it's just something simple but can't seem to find the error of my ways. Any help would be appreciated.

Chris

According to this line in the start script, named runs chrooted in /var/lib/named, so the location of the zone files is correct. Most likely the problem is that the chroot directory is owned by root, while the daemon is running as the user named. Runand restart named to see if it works.

Still the same. Permissions of /var/lib/named are now
drwxr-xr-x 6 named root 4096 2009-03-13 20:33 named/

drwxr-xr-x 2 named root 4096 2009-03-11 20:51 dev/
drwxr-xr-x 2 named root 4096 2009-03-14 17:12 etc/
-rw-r--r-- 1 named named 2954 2009-02-15 05:18 named.ca
dr-xr-xr-x 181 named root 0 2009-03-12 13:16 proc/
drwxr-xr-x 7 named root 4096 2009-03-12 06:16 var/

From what I can understand the chroot dir is /var/lib/named/var/lib/named of course I'm probably wrong. The permissions there are:

drwxr-xr-x 2 named named 4096 2009-03-14 11:53 etc/
drwxr-xr-x 2 named named 4096 2009-03-11 20:22 master/
-rw-r--r-- 1 named named 2954 2009-02-15 05:18 named.ca
drwxr-xr-x 2 named named 4096 2009-03-11 20:22 reverse/


So these should be the same as in /var/lib/named correct?

The chroot directory is the argument of the -t option (that is /var/lib/named in your case). The zone files are located in the directory defined by the "directory" option in named.conf (default is /var/named, so when chrooted as in your config, it should be /var/lib/named/var/named). Run
to verify it.
The named.conf used in your case is defined probably by the $(OPTIONS) variable. Most likely it's in /var/lib/named/etc. Running
should show the named.conf you use, so you can look in it for the zone files location.

[root@localhost ~]# ls -l /var/lib/named/var/named
total 16
drwxr-xr-x 2 named named 4096 2009-03-11 20:22 master/
-rw-r--r-- 1 named root 2954 2009-02-15 05:18 named.ca
drwxr-xr-x 2 named named 4096 2009-03-11 20:22 reverse/
drwxr-xr-x 2 named named 4096 2009-02-15 05:18 slaves/
[root@localhost ~]# ps -ef|grep named
named 8935 1 0 17:31 ? 00:00:00 named -u named -t /var/lib/named
root 21131 20984 0 18:50 pts/0 00:00:00 grep --color named

Odd there is no named.conf in /var/lib/named there is one in /var/lib/named/etc though and of course one in /etc. Should there be a named.conf in /var/lib/named?

Looking at $(OPTIONS) in /etc/named.conf

options {
version "";
directory "/var/lib/named";
dump-file "/var/tmp/named_dump.db";
pid-file "/var/run/named.pid";
statistics-file "/var/tmp/named.stats";
zone-statistics yes;
// datasize 256M;
coresize 100M;
// fetch-glue no;
// recursion no;
// recursive-clients 10000;
auth-nxdomain yes;
query-source address * port *;
listen-on port 53 { any; };
cleaning-interval 120;
transfers-in 20;
transfers-per-ns 2;
lame-ttl 0;
max-ncache-ttl 10800;

Here's how the zone files are configured:

zone "." IN {
type hint;
file "/var/lib/named/named.ca";
};

zone "localdomain" IN {
type master;
file "/var/lib/named/var/named/master/localdomain.zone";
allow-update { none; };
};

zone "localhost" IN {
type master;
file "/var/lib/named/var/named/master/localhost.zone";
allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
type master;
file "/var/lib/named/var/named/reverse/named.local";
allow-update { none; };
};

zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "/var/lib/named/var/named/reverse/named.ip6.local";
allow-update { none; };
};

zone "255.in-addr.arpa" IN {
type master;
file "/var/lib/named/var/named/reverse/named.broadcast";
allow-update { none; };
};

zone "0.in-addr.arpa" IN {
type master;
file "/var/lib/named/var/named/reverse/named.zero";
allow-update { none; };
};

The same named.conf file is in /var/lib/named/etc. Permissions in /var/lib/named/var/lib/named are:

drwxr-xr-x 2 named named 4096 2009-03-14 11:53 etc/
drwxr-xr-x 2 named root 4096 2009-03-11 20:22 master/
-rw-r--r-- 1 named named 2954 2009-02-15 05:18 named.ca
drwxr-xr-x 2 named named 4096 2009-03-11 20:22 reverse/

and in /var/lib/named/var/lib/named/etc I have:

-rw-r--r-- 1 named root 1966 2009-02-15 05:18 bogon_acl.conf
-rw-r--r-- 1 named root 116 2009-03-11 21:46 hosts
-rw-r--r-- 1 named root 3543 2009-03-12 20:14 localtime
-rw-r--r-- 1 named root 2123 2009-02-15 05:18 logging.conf
-rw-r--r-- 1 named root 4340 2009-03-14 11:53 named.conf
-rw-r--r-- 1 named root 4344 2009-03-14 11:52 named.conf~
-rw-r--r-- 1 named named 530 2009-03-12 19:40 rndc.conf
-rw-r--r-- 1 named named 350 2009-03-11 21:01 rndc.conf~
-rw-r--r-- 1 named named 437 2009-03-12 20:14 rndc.key
-rw-r--r-- 1 named root 627 2009-02-15 05:18 trusted_networks_acl.conf

I imagine that they should all be user named group root?

Thanks for any more help

Chris

Sorry for all the replies, but looking at my syslog I see:

Mar 14 19:47:34 localhost named[30486]: found 1 CPU, using 1 worker thread
Mar 14 19:47:34 localhost named[30486]: loading configuration from '/etc/named.conf'
Mar 14 19:47:34 localhost named[30486]: listening on IPv4 interface lo, 127.0.0.1#53
Mar 14 19:47:34 localhost named[30486]: listening on IPv4 interface eth1, 192.168.2.2#53
Mar 14 19:47:34 localhost named[30486]: default max-cache-size (33554432) applies
Mar 14 19:47:34 localhost named[30486]: automatic empty zone: 127.IN-ADDR.ARPA
Mar 14 19:47:34 localhost named[30486]: automatic empty zone: 254.169.IN-ADDR.ARPA
Mar 14 19:47:34 localhost named[30486]: automatic empty zone: 2.0.192.IN-ADDR.ARPA
Mar 14 19:47:34 localhost named[30486]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
Mar 14 19:47:34 localhost named[30486]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Mar 14 19:47:34 localhost named[30486]: automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Mar 14 19:47:34 localhost named[30486]: automatic empty zone: D.F.IP6.ARPA
Mar 14 19:47:34 localhost named[30486]: automatic empty zone: 8.E.F.IP6.ARPA
Mar 14 19:47:34 localhost named[30486]: automatic empty zone: 9.E.F.IP6.ARPA
Mar 14 19:47:34 localhost named[30486]: automatic empty zone: A.E.F.IP6.ARPA
Mar 14 19:47:34 localhost named[30486]: automatic empty zone: B.E.F.IP6.ARPA
Mar 14 19:47:34 localhost named[30486]: default max-cache-size (33554432) applies: view _bind
Mar 14 19:47:34 localhost named[30486]: command channel listening on 127.0.0.1#953

No errors are shown unless "automatic empty zone.." is one.

Dig 'seems' to work:

[chris@localhost ~]$ dig yahoo.com

; <<>> DiG 9.5.0-P2 <<>> yahoo.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6797
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;yahoo.com. IN A

;; ANSWER SECTION:
yahoo.com. 21262 IN A 68.180.206.184
yahoo.com. 21262 IN A 206.190.60.37

;; Query time: 49 msec
;; SERVER: 208.67.222.222#53(208.67.222.222)
;; WHEN: Sat Mar 14 20:50:35 2009
;; MSG SIZE rcvd: 59

It appears to be working but with the 'file not found' errors I don't think it's working right.

It's working fine. The "not found" errors in your 1st post were logged before changing the permissions/ownership of the zone files directory.
named is working because in your named.conf you use absolute pathnames for the zone files location.

Though the errors are still there:

15-Mar-2009 16:39:01.652 general: error: zone 0.in-addr.arpa/IN: loading from master file /var/lib/named/var/named/reverse/named.zero failed: file not found
15-Mar-2009 16:39:01.652 general: error: zone 0.0.127.in-addr.arpa/IN: loading from master file /var/lib/named/var/named/reverse/named.local failed: file not found
15-Mar-2009 16:39:01.652 general: error: zone 255.in-addr.arpa/IN: loading from master file /var/lib/named/var/named/reverse/named.broadcast failed: file not found
15-Mar-2009 16:39:01.652 general: error: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loading from master file /var/lib/named/var/named/reverse/named.ip6.local failed: file not found
15-Mar-2009 16:39:01.653 general: error: zone localdomain/IN: loading from master file /var/lib/named/var/lib/named/master/localdomain.zone failed: file not found
15-Mar-2009 16:39:01.653 general: error: zone localhost/IN: loading from master file /var/lib/named/var/lib/named/master/localhost.zone failed: file not found

At least now something is showing up in the query log:

15-Mar-2009 16:42:00.512 client 127.0.0.1#45551: query: forecastfox.accuweather.com IN AAAA +
15-Mar-2009 16:42:00.751 client 127.0.0.1#36658: query: forecastfox.accuweather.com IN A +
15-Mar-2009 16:42:01.112 client 127.0.0.1#58261: query: sirocco.accuweather.com IN AAAA +
15-Mar-2009 16:42:01.349 client 127.0.0.1#46111: query: sirocco.accuweather.com IN A +
15-Mar-2009 16:42:19.125 client 127.0.0.1#44255: query: pop.embarqmail.com IN AAAA +
15-Mar-2009 16:42:19.126 client 127.0.0.1#47457: query: pop.embarqmail.com IN AAAA +
15-Mar-2009 16:42:19.126 client 127.0.0.1#39573: query: pop.embarqmail.com IN A +

I take that as a sign that all is ok?

And thank you for all your help/advice

Chris

These are the logs when named starts and they are ok. There errors you get, are from named-checkzone, that I guess is running from a script without taking into consideration that you use absolute pathnames for the zone files.
Anyway glad to see it worked at last.

Regards

Thank you, appreciate your patience with me on this.

Chris

I have one, hopefully, more queston regarding this. Looking at the security log I see:

16-Mar-2009 04:03:37.582 security: warning: client 127.0.0.1#43474: RFC 1918 response from Internet for 2.2.168.192.in-addr.arpa

Doing some googling and some reading in other lq forums I found that I need to designate a zone for 192.168.2.2. In my old /etc/named.conf when I was running Mandrake 10.1 I had this:

zone "168.192.in-addr.arpa" {
type master;
file "/var/lib/named/var/named/reverse/named.local";
allow-update { none; };
};

I've added this to my /etc/named.conf that is currently in use. Should that take care of the security log entry or have I got it wrong?

Thank you
Chris

If you don't use 192.168.2.0/24 you'll be ok.
Take a look here for the explanation and solution of this problem.

Regards

I don't use 192.168.2.0 to do lookups I use 127.0.0.1 in my resolv.conf as my nameserver. I read the link you provided and created a file "empty.zone" consisting of:

$TTL 86400
@ 10800 IN SOA localhost. root.localhost. (
1
3600
1200
604800
10800 )
@ 10800 IN NS localhost.

and placed it in /var/lib/named/var/named/master and in
/var/lib/named/var/lib/named/master. I've added this to my /etc/named.conf:

zone "10.IN-ADDR.ARPA" {
type master;
file "/var/lib/named/var/lib/named/empty";
};

zone "16.172.IN-ADDR.ARPA" {
type master;
file "/var/lib/named/var/lib/named/empty";
};

zone "31.172.IN-ADDR.ARPA" {
type master;
file "/var/lib/named/var/lib/named/empty";
};

zone "168.192.IN-ADDR.ARPA" {
type master;
file "/var/lib/named/var/lib/named/empty";
};

stopped and started named again with no problems noted. When starting syslog shows:

Mar 17 19:11:48 localhost named[25776]: starting BIND 9.5.0-P2 -u named -t /var/lib/named
Mar 17 19:11:48 localhost named[25776]: found 1 CPU, using 1 worker thread
Mar 17 19:11:48 localhost named[25776]: loading configuration from '/etc/named.conf'
Mar 17 19:11:48 localhost named[25776]: listening on IPv4 interface lo, 127.0.0.1#53
Mar 17 19:11:48 localhost named[25776]: listening on IPv4 interface eth1, 192.168.2.2#53
Mar 17 19:11:48 localhost named[25776]: default max-cache-size (33554432) applies
Mar 17 19:11:48 localhost named[25776]: automatic empty zone: 127.IN-ADDR.ARPA
Mar 17 19:11:48 localhost named[25776]: automatic empty zone: 254.169.IN-ADDR.ARPA
Mar 17 19:11:48 localhost named[25776]: automatic empty zone: 2.0.192.IN-ADDR.ARPA
Mar 17 19:11:48 localhost named[25776]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
Mar 17 19:11:48 localhost named[25776]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Mar 17 19:11:48 localhost named[25776]: automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Mar 17 19:11:48 localhost named[25776]: automatic empty zone: D.F.IP6.ARPA
Mar 17 19:11:48 localhost named[25776]: automatic empty zone: 8.E.F.IP6.ARPA
Mar 17 19:11:48 localhost named[25776]: automatic empty zone: 9.E.F.IP6.ARPA
Mar 17 19:11:48 localhost named[25776]: automatic empty zone: A.E.F.IP6.ARPA
Mar 17 19:11:48 localhost named[25776]: automatic empty zone: B.E.F.IP6.ARPA
Mar 17 19:11:48 localhost named[25776]: default max-cache-size (33554432) applies: view _bind
Mar 17 19:11:48 localhost named[25776]: command channel listening on 127.0.0.1#953

Does it all look as it should now? It appears to be working at least the cache does when I ran dig against my domain:

; <<>> DiG 9.5.0-P2 <<>> toadnet.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45495
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0

;; QUESTION SECTION:
;toadnet.com. IN A

;; ANSWER SECTION:
toadnet.com. 14395 IN A 208.78.40.140

;; AUTHORITY SECTION:
toadnet.com. 86395 IN NS ns1.usdcservers.net.
toadnet.com. 86395 IN NS ns2.usdcservers.net.

;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Mar 17 19:16:05 2009
;; MSG SIZE rcvd: 96

[chris@localhost ~]$ dig toadnet.com

; <<>> DiG 9.5.0-P2 <<>> toadnet.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40608
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0

;; QUESTION SECTION:
;toadnet.com. IN A

;; ANSWER SECTION:
toadnet.com. 14386 IN A 208.78.40.140

;; AUTHORITY SECTION:
toadnet.com. 86386 IN NS ns1.usdcservers.net.
toadnet.com. 86386 IN NS ns2.usdcservers.net.

;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Mar 17 19:16:14 2009
;; MSG SIZE rcvd: 96

Hopefully this is the end to my endless questions. I appreciate your patience and assistance.

Chris

.
I see from named startup logs that your dns has ip 192.168.2.2, so if you have other computers in your network that use your dns, you must create a normal 2.168.192.in-addr.arpa zone file.
I don't see in bind startup logs, if the zones you have defined are loaded, but I guess the logging is done in another file defined in logging.conf
Note also that dig is working because your dns is configured as a caching dns only.