Old 12-17-2008, 07:38 AM   #1
matters
Member
 
Registered: May 2007
Distribution: Slackware
Posts: 281

Rep: Reputation: Disabled
When starting bind, /var/log/messages serial isn't updated


I modified zone files in /var/named/chroot/.

After restarting rc.bind, the serial number in /var/log/messages isn't updated.

Even now I can't change the domain because of the serial number: when restarting rc.bind I see the old domain in /var/log/messages, even though I updated /var/named/chroot/etc/named.conf.

When starting rc.bind I see: /usr/sbin/named -u named -t /var/named/chroot -c /etc/named.conf

So when I dig a hostname with the old domain everything works fine, but when digging a hostname with the new domain I see servfail.

What causes bind not to update to the new serial? And why does /var/log/messages show the old serial after restarting?
 
Old 12-17-2008, 08:12 AM   #2
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 12,663

Rep: Reputation: 1818
Quote:
when starting rc.bind i see : /usr/sbin/named -u named -t /var/named/chroot -c /etc/named.conf
According to the above, /etc/named.conf is the main config file you need to edit to add the new domain and not /var/named/chroot/etc/named.conf
 
Old 12-17-2008, 11:17 AM   #3
matters
Member
 
Registered: May 2007
Distribution: Slackware
Posts: 281

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by bathory View Post
According to the above, /etc/named.conf is the main config file you need to edit to add the new domain and not /var/named/chroot/etc/named.conf
I tried that in the first place like you said, and modifying either named.conf gives the same result.
 
Old 12-17-2008, 02:22 PM   #4
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 12,663

Rep: Reputation: 1818
Could you post what is in the directory option in /etc/named.conf?
Also what is the output of
Code:
/usr/sbin/named-checkconf -z
 
Old 12-17-2008, 05:45 PM   #5
matters
Member
 
Registered: May 2007
Distribution: Slackware
Posts: 281

Original Poster
Rep: Reputation: Disabled
Here is what it gives in reply:

Code:
/usr/sbin/named-checkconf -z
zone localhost/IN: loaded serial 42
zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
zone berlin.internal/IN: loaded serial 2008171205
zone 0.168.192.in-addr.arpa/IN: loaded serial 2008171205
root@parade:/etc# /etc/rc.d/rc.bind restart
Stopping BIND:  /usr/sbin/rndc stop
Starting BIND:  /usr/sbin/named -u named -t /var/named/chroot -c /etc/named.conf

tail /var/log/messages
Dec 18 00:53:37 parade named[3863]: automatic empty zone: 8.E.F.IP6.ARPA
Dec 18 00:53:37 parade named[3863]: automatic empty zone: 9.E.F.IP6.ARPA
Dec 18 00:53:37 parade named[3863]: automatic empty zone: A.E.F.IP6.ARPA
Dec 18 00:53:37 parade named[3863]: automatic empty zone: B.E.F.IP6.ARPA
Dec 18 00:53:37 parade named[3863]: command channel listening on 127.0.0.1#953
Dec 18 00:53:37 parade named[3863]: zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
Dec 18 00:53:37 parade named[3863]: zone 0.168.192.in-addr.arpa/IN: loaded serial 2008261002
Dec 18 00:53:37 parade named[3863]: zone berlin.internal/IN: loaded serial 2008261002
Dec 18 00:53:37 parade named[3863]: zone localhost/IN: loaded serial 42
Dec 18 00:53:37 parade named[3863]: running
Now what it gives when I'm in /var/named/chroot/etc:
Code:
/var/named/chroot/etc# named-checkconf -z
zone localhost/IN: loaded serial 42
zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
zone berlin.internal/IN: loaded serial 2008171205
zone 0.168.192.in-addr.arpa/IN: loaded serial 2008171205
Now /etc/named.conf, which is also copied to /var/named/chroot/etc:

Code:
options {
        query-source port 53;
        query-source-v6 port 53;
        directory "/var/named";
        dump-file "data/cache_dump.db";
        statistics-file "data/named_stats.txt";
        memstatistics-file "data/named_mem_stats.txt";

        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below.  Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
        // query-source address * port 53;
};

//
// a caching only nameserver config
//
zone "." IN {
        type hint;
        file "named.root";
};

zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { 127.0.0.1; };
};

zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { 127.0.0.1; };
};

zone "berlin.internal" IN {
        type master;
        file "berlin.internal.zone";
        allow-update { 192.168.0.3; };
};

zone "0.168.192.in-addr.arpa" IN {
        type master;
        file "berlin.internal.reverse";
        allow-update { 192.168.0.3; };
};


 controls {
       inet 127.0.0.1 port 953
               allow { 127.0.0.1; } keys { "rndc-key"; };
 };


include "/etc/rndc.key";
As you can see, when restarting bind the serial is not updated.

Last edited by matters; 12-17-2008 at 06:09 PM.
 
Old 12-18-2008, 02:08 AM   #6
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 12,663

Rep: Reputation: 1818
You should remove the "allow-update { 192.168.0.3; };" statement since you're editing the zone-file by hand. "allow-update" is used when you want to dynamically change a zone (in which case the serial does not increase, since the change is kept in a journal file)

Regards
 
Old 12-18-2008, 07:54 AM   #7
matters
Member
 
Registered: May 2007
Distribution: Slackware
Posts: 281

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by bathory View Post
You should remove the "allow-update { 192.168.0.3; };" statement since you're editing the zone-file by hand. "allow-update" is used when you want to dynamically change a zone (in which case the serial does not increase, since the change is kept in a journal file)

Regards
Now I can't even start bind anymore, no matter what I try.

Here are the logs:

Code:
 /usr/sbin/named -g -u named -t /var/named/chroot/ -c /etc/named.conf
18-Dec-2008 14:42:06.001 starting BIND 9.4.2 -g -u named -t /var/named/chroot/ -c /etc/named.conf
18-Dec-2008 14:42:06.002 found 1 CPU, using 1 worker thread
18-Dec-2008 14:42:06.007 loading configuration from '/etc/named.conf'
18-Dec-2008 14:42:06.008 /etc/named.conf:4: change directory to '/var/named' failed: file not found
18-Dec-2008 14:42:06.008 /etc/named.conf:4: parsing failed
18-Dec-2008 14:42:06.008 loading configuration: file not found
18-Dec-2008 14:42:06.008 exiting (due to fatal error)
Here's /etc/named.conf:
Code:
options {
        query-source port 53;
        query-source-v6 port 53;
        directory "/var/named/chroot/";
        dump-file "data/cache_dump.db";
        statistics-file "data/named_stats.txt";
        memstatistics-file "data/named_mem_stats.txt";

        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below.  Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
        // query-source address * port 53;
};

//
// a caching only nameserver config
//
zone "." IN {
        type hint;
        file "named.root";
};

zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { 127.0.0.1; };
};

zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { 127.0.0.1; };
};

zone "berlin.internal" IN {
        type master;
        file "berlin.internal.zone";
#       allow-update { 192.168.0.3; };
};

zone "0.168.192.in-addr.arpa" IN {
        type master;
        file "berlin.internal.reverse";
#       allow-update { 192.168.0.3; };
};


 controls {
       inet 127.0.0.1 port 953
               allow { 127.0.0.1; } keys { "rndc-key"; };
 };


include "/etc/rndc.key";
BTW, in case of servfail, is it possible to see detailed logs and find out what caused the servfail?
 
Old 12-18-2008, 08:11 AM   #8
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 12,663

Rep: Reputation: 1818
You should leave the directory as it was previously (/var/named).
 
Old 12-18-2008, 08:17 AM   #9
matters
Member
 
Registered: May 2007
Distribution: Slackware
Posts: 281

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by bathory View Post
You should leave the directory as it was previously (/var/named).
The same thing. No joy.
 
Old 12-18-2008, 08:29 AM   #10
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 12,663

Rep: Reputation: 1818
Does /var/named/chroot exist?
What gives:
Code:
ls -l /var/named
 
Old 12-18-2008, 08:36 AM   #11
matters
Member
 
Registered: May 2007
Distribution: Slackware
Posts: 281

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by bathory View Post
Does /var/named/chroot exist?
What gives:
Code:
ls -l /var/named
Yes, /var/named/chroot/ does exist. Here's the info:
Code:
ls -l /var/named/
total 36
-rw-r--r-- 1 root  root   513 2008-12-17 12:40 berlin.internal.reverse
-rw-r--r-- 1 root  root   513 2008-12-17 12:38 berlin.internal.reverse~
-rw-r--r-- 1 root  root   326 2008-12-18 00:05 berlin.internal.zone
-rw-r--r-- 1 root  root   326 2008-12-17 12:39 berlin.internal.zone~
drwxr-xr-x 5 named named 4096 2008-10-23 16:33 chroot
drwxr-xr-x 2 root  root  4096 2008-10-20 19:21 data
-rw-r--r-- 1 root  root   195 2008-04-14 00:07 localhost.zone
-rw-r--r-- 1 root  root   433 2008-04-14 00:07 named.local
-rw-r--r-- 1 root  root  2878 2008-04-14 00:07 named.root
Here is /var/named/chroot:
Code:
/var/named/chroot# find . -ls
557062    4 drwxr-xr-x   5 named    named        4096 Oct 23 16:33 .
557065    4 drwxr-xr-x   3 named    named        4096 Dec 18 15:16 ./etc
557072    4 -rw-r--r--   1 named    named        1374 Dec 18 15:08 ./etc/named.conf~
557068    4 drwxr-xr-x   3 named    named        4096 Oct 26 16:52 ./etc/namedb
557077    4 -rw-r--r--   1 root     root          357 Oct 26 16:23 ./etc/namedb/berlin.internal.zone~
557078    4 -rw-r--r--   1 root     root          506 Oct 26 16:24 ./etc/namedb/berlin.internal.reverse~
557069    4 -rw-r--r--   1 root     root          195 Oct 21 17:02 ./etc/namedb/localhost.zone
557075    4 -rw-r--r--   1 root     root         2878 Oct 21 17:02 ./etc/namedb/named.root
557087    4 drwxr-xr-x   2 named    named        4096 Oct 20 18:02 ./etc/namedb/slave
557080    4 -rw-r--r--   1 root     root          506 Oct 26 16:52 ./etc/namedb/berlin.internal.reverse
557070    4 -rw-r--r--   1 root     root          433 Oct 21 17:02 ./etc/namedb/named.local
557079    4 -rw-r--r--   1 root     root          326 Oct 26 16:52 ./etc/namedb/berlin.internal.zone
557067    4 -rw-r--r--   1 named    named        1917 Oct 21 17:03 ./etc/localtime
557083    4 -rw-r--r--   1 named    named        1374 Dec 18 15:16 ./etc/named.conf
557074    4 -rw-r--r--   1 named    named         238 Oct 23 17:51 ./etc/rndc.conf
557089    4 drwxr-xr-x   3 root     root         4096 Dec 17 14:20 ./var
557092    4 drwxr-xr-x   2 named    named        4096 Dec 18 02:19 ./var/run
557088    4 -rw-r--r--   1 named    named         317 Dec 17 13:49 ./var/berlin.internal.zone~
557100    4 -rw-r--r--   1 named    named         504 Dec 17 13:50 ./var/berlin.internal.reverse~
557099    4 -rw-r--r--   1 named    named         513 Dec 17 13:38 ./var/berlin.local.reverse~
557086    4 -rw-r--r--   1 named    named         326 Dec 17 13:48 ./var/berlin.local.zone~
557085    4 -rw-r--r--   1 named    named         202 Dec 17 13:47 ./var/localhost.zone
557090    4 -rw-r--r--   1 named    named         195 Dec 17 12:47 ./var/localhost.zone~
557093    4 -rw-r--r--   1 named    named        2878 Dec 17 12:47 ./var/named.root
557102    4 -rw-r--r--   1 named    named         513 Dec 17 14:20 ./var/berlin.internal.reverse
557073    4 -rw-r--r--   1 named    named         433 Dec 17 13:46 ./var/named.local
557101    4 -rw-r--r--   1 named    named         326 Dec 17 14:18 ./var/berlin.internal.zone
557091    4 -rw-r--r--   1 named    named         433 Dec 17 12:47 ./var/named.local~
557058    4 drwxr-xr-x   2 named    named        4096 Dec 18 13:28 ./dev
557064    0 crw-rw-rw-   1 root     root              Oct 20 18:11 ./dev/null
557063    0 crw-rw-rw-   1 root     root              Oct 20 18:11 ./dev/random
557066    0 srw-rw-rw-   1 root     root            0 Dec 18 13:28 ./dev/log

Last edited by matters; 12-18-2008 at 08:42 AM.
 
Old 12-18-2008, 08:55 AM   #12
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 12,663

Rep: Reputation: 1818
I guess you're editing for example the zone-file /var/named/chroot/var/berlin.internal.zone and you don't see the serial increasing. This is because you're using /var/named/chroot as the jail directory and then from named.conf you have defined /var/named as the zone directory. Thus the correct zone-file location (in absolute pathname) is /var/named/chroot/var/named/berlin.internal.zone.
So change the directory option in named.conf to:
Code:
directory "/var";
increase the serial and reload the zone to see if it works.

Last edited by bathory; 12-18-2008 at 08:57 AM.
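
As an added example (not part of the original posts): named is started with -t /var/named/chroot and chroots before it reads its configuration, so -c /etc/named.conf, the directory option and each zone's file are all resolved inside the jail. The script below computes the host path named will actually open for a zone and checks that it exists; the function names and the temporary sample jail are constructed for illustration.

```shell
#!/bin/sh
# Added example: translate the paths named sees inside its chroot into host paths.

conf_directory() {  # $1 = named.conf on the host; prints the "directory" option
    sed -n 's/^[[:space:]]*directory[[:space:]]*"\([^"]*\)".*/\1/p' "$1" | head -n 1
}

zone_file() {  # $1 = named.conf on the host, $2 = zone name; prints its file "..."
    awk -v z="\"$2\"" '
        $1 == "zone" && $2 == z { inzone = 1; next }
        inzone && $1 == "file"  { gsub(/[";]/, "", $2); print $2; exit }
        inzone && $1 == "};"    { exit }
    ' "$1"
}

# $1 = chroot given to -t, $2 = config path given to -c, $3 = zone name.
# named chroots first, so the config and the zone file both live under $1.
effective_zone_path() {
    conf="$1$2"
    dir=$(conf_directory "$conf")
    file=$(zone_file "$conf" "$3")
    case "$file" in
        /*) printf '%s%s\n' "$1" "$file" ;;                # absolute inside the jail
        *)  printf '%s%s/%s\n' "$1" "${dir%/}" "$file" ;;  # relative to "directory"
    esac
}

check_zone() {  # same arguments; returns non-zero when the file is not there
    p=$(effective_zone_path "$@")
    if [ -f "$p" ]; then echo "ok      $p"; else echo "missing $p"; return 1; fi
}

# Constructed sample jail mirroring the thread: the zone file sits in <jail>/var.
make_sample_jail() {  # $1 = value for the directory option; prints the jail path
    jail=$(mktemp -d)
    mkdir -p "$jail/etc" "$jail/var"
    cat > "$jail/etc/named.conf" <<EOF
options {
        directory "$1";
};
zone "berlin.internal" IN {
        type master;
        file "berlin.internal.zone";
};
EOF
    : > "$jail/var/berlin.internal.zone"
    printf '%s\n' "$jail"
}

for d in /var/named /var; do   # the failing setting, then the working one
    j=$(make_sample_jail "$d")
    check_zone "$j" /etc/named.conf berlin.internal || true
    rm -rf "$j"
done
```

On a real server, call check_zone with the actual jail, for example `check_zone /var/named/chroot /etc/named.conf berlin.internal`, before reloading the zone.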
 
Old 12-18-2008, 09:29 AM   #13
matters
Member
 
Registered: May 2007
Distribution: Slackware
Posts: 281

Original Poster
Rep: Reputation: Disabled
Now the serial is updated, but dig gives a problem:

dig parade.berlin.internal

; <<>> DiG 9.4.2 <<>> parade.berlin.internal
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57668
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;parade.berlin.internal. IN A

;; AUTHORITY SECTION:
. 3575 IN SOA A.ROOT-SERVERS.NET. NSTLD.VERISIGN-GRS.COM. 2008121800 1800 900 604800 86400

;; Query time: 30 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Thu Dec 18 16:21:41 2008
;; MSG SIZE rcvd: 115

And on /etc/rc.d/rc.bind stop I get:

rndc: connection to remote host closed
This may indicate that
* the remote server is using an older version of the command protocol,
* this host is not authorized to connect,
* the clocks are not syncronized, or
* the key is invalid.
Using killall named on additional BIND processes...
 
Old 12-18-2008, 09:56 AM   #14
matters
Member
 
Registered: May 2007
Distribution: Slackware
Posts: 281

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by bathory View Post
I guess you're editing for example the zone-file /var/named/chroot/var/berlin.internal.zone and you don't see the serial increasing. This is because you're using /var/named/chroot as the jail directory and then from named.conf you have defined /var/named as the zone directory. Thus the correct zone-file location (in absolute pathname) is /var/named/chroot/var/named/berlin.internal.zone.
So change the directory option in named.conf to:
Code:
directory "/var";
increase the serial and reload the zone to see if it works.
I got it working. For the last problem, with rc.bind stop, I had to recreate rndc.key and the conf file, and now it's all working well.

Just a quick question: in case I get servfail when digging, is there a way to analyze what caused the servfail so I can troubleshoot?

Thanks!
 
Old 12-19-2008, 02:40 AM   #15
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 12,663

Rep: Reputation: 1818
Quote:
Just a quick question: in case I get servfail when digging, is there a way to analyze what caused the servfail so I can troubleshoot?
You can enable logging, or you can use
Code:
rndc trace 3
to increase the debug level on the fly.

Regards
 
  

