  1. #11
    Just Joined!
    Join Date
    Mar 2005
    Posts
    20

    named-checkconf -t /var/named/run-root /etc/named.conf
    No results.... just brought me to next line

    [root@alexandrerochedesign root]# ls -l /etc/named.conf
    -rw-r--r-- 1 root root 3830 Mar 26 11:50 /etc/named.conf

    [root@alexandrerochedesign root]# ls -l /var/named/run-root/etc/named.conf
    -r--r--r-- 1 root root 3471 Mar 15 09:44 /var/named/run-root/etc/named.conf

    And then for your last one I had to fool around with the syntax a bit to get it working..... The second one looked like it worked OK....

    [root@alexandrerochedesign root]# named-checkzone downwithbettman.com downwithbettman.zone
    zone downwithbettman.com/IN: loading master file downwithbettman.zone: file not found

    [root@alexandrerochedesign root]# named-checkzone downwithbettman.com /var/named/downwithbettman.zone
    zone downwithbettman.com/IN: loaded serial 2005032400
    OK


    Thanks.... you really know what you're doing here...

  2. #12
    Linux Newbie
    Join Date
    Mar 2005
    Posts
    230
    Ok, we're going to rearrange things a bit with your configuration. There should never EVER be configuration files lying around unused. It just confuses administrators. So follow these directions:

    # duplicate the config you've been editing to the chroot location
    cat /etc/named.conf > /var/named/run-root/etc/named.conf

    # overwrite config with a symlink pointing to the chroot location
    ln -fs /var/named/run-root/etc/named.conf /etc/named.conf

    # Move all zone files to the chroot zone file directory
    mv -f /var/named/* /var/named/run-root/var/named

    Now you only have 1 config file, which can be accessed from 2 locations, which just makes things more efficient, convenient, and intuitive. Also, all those zone files you've been editing or looking at are no longer located in /var/named. BIND couldn't even reach them, and was loading a config that didn't even try to load them.

    CHROOT EXPLAINED...

    I've mentioned chroot several times without any indication as to what it is, or why you're even using it. Chroot stands for "change root". It does exactly what it stands for. BIND will tell the kernel that it wants to run under a different virtual root directory. After doing so, any time BIND tries to access the file /etc/named.conf, it will ACTUALLY be accessing /var/named/run-root/etc/named.conf. The directory "/var/named/run-root" is BIND's root directory and it absolutely can not access other files in the file system. This is a security feature. If a hacker were to break into BIND and start telling it what to do, the hacker will only have access to files in the /var/named/run-root directory.

    Chroot can be a pretty clumsy thing when it comes to organization, and is frequently difficult to set up the "jail" that a given application will work within. Chroot can be argued as an unnecessary security precaution due to the unlikelihood that your version of BIND will be hacked into (9.2.1). However, some OS configurations come with chroot prepared by default, and since it is already set up, we might as well work with it.

    ----

    quote: "you really know what you're doing here..."

    heh, thanks. I've made DNS and BIND my business in more than one sense of the word. I've tried very hard to learn everything there is to know about DNS and BIND.

  3. #13
    Just Joined!
    Join Date
    Mar 2005
    Posts
    20
    Ok wait.
    So I moved the named.conf to /var/named/run-root/etc/named.conf

    Then, I created a symlink in /etc/ to that file.
    then, I moved all the zone files to /var/named/run-root/var/named/

    HOWEVER.... the directory /var/named/run-root/var/named/ did not exist, so I created the directory named in var/named/run-root/var/.....

    I restarted named, but now DNS crawler is saying the server does not exist!
    It says server failure.....

    Alexandre

  5. #14
    Just Joined!
    Join Date
    Mar 2005
    Posts
    20
    There is another folder /var/named/run-root/var/run/named

    inside is a file called named.pid.

    What is this?
    Should the zone files go in here instead?

  6. #15
    Just Joined!
    Join Date
    Mar 2005
    Posts
    20
    I fixed it, you're a genius!
    I moved the zone files to /var/named/run-root/var/ and it worked!

  7. #16
    Linux Newbie
    Join Date
    Mar 2005
    Posts
    230
    That's strange. I guess your BIND was compiled to use /var by default. This can be customized by your named.conf.

    Server Failure - means BIND couldn't load the zone file for whatever reason. Reasons include missing file, permission denied, syntax error in the file, etc.

    named.pid is where BIND writes its process id.

  8. #17
    Just Joined!
    Join Date
    Mar 2005
    Posts
    20
    Yeah it seems that would be the issue.

    Thanks again for your help.

    Alexandre
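
The path mapping discussed in posts #12 and #16 (named resolves every path under its chroot, and relative zone file names against its working directory), as an added example that is not part of the original thread. The function names, the line-oriented parsing and the sample config with `directory "/var"` are assumptions constructed for illustration.

```shell
# Added example (not from the thread): report whether each zone file named in
# a chrooted named.conf exists where named will look for it inside the jail.
# Simplification: one statement per line, no whitespace in file names.

# Print the quoted value of every `KEYWORD "value";` line in file $2.
quoted_values() {
    sed -n 's/^[[:space:]]*'"$1"'[[:space:]][[:space:]]*"\([^"]*\)".*/\1/p' "$2"
}

# check_chroot_zones CHROOT [CONF]   (CONF is the path as named sees it)
# Prints "OK <host path>" or "MISSING <host path>"; returns 1 if any is missing.
check_chroot_zones() {
    chroot_dir=${1%/}
    conf="$chroot_dir${2:-/etc/named.conf}"
    [ -r "$conf" ] || { echo "MISSING $conf"; return 1; }
    # Relative names resolve against options { directory }; assumption: "/" if unset.
    workdir=$(quoted_values directory "$conf" | head -n 1)
    status=0
    for f in $(quoted_values file "$conf"); do
        case $f in
            /*) inside=$f ;;
            *)  inside="${workdir%/}/$f" ;;
        esac
        if [ -f "$chroot_dir$inside" ]; then
            echo "OK $chroot_dir$inside"
        else
            echo "MISSING $chroot_dir$inside"; status=1
        fi
    done
    return $status
}

# Constructed sample jail: the config sets directory "/var" and the zone file
# starts out in var/named, as in the first attempt described in the thread.
make_sample_jail() {
    jail=$(mktemp -d)
    mkdir -p "$jail/etc" "$jail/var/named"
    printf '%s\n' 'options {' '    directory "/var";' '};' \
        'zone "downwithbettman.com" IN {' '    type master;' \
        '    file "downwithbettman.zone";' '};' > "$jail/etc/named.conf"
    : > "$jail/var/named/downwithbettman.zone"
    echo "$jail"
}

demo=$(make_sample_jail)
check_chroot_zones "$demo" || true   # zone file is still in var/named
mv "$demo/var/named/downwithbettman.zone" "$demo/var/"
check_chroot_zones "$demo"           # now at the path named resolves
rm -rf "$demo"
```

Run against a real jail as `check_chroot_zones /var/named/run-root`; `file` lines in a `logging` block are listed as well, since the parser does not distinguish them.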
