  1. #11

    named-checkconf -t /var/named/run-root /etc/named.conf
    No results.... just brought me to the next line

    [root@alexandrerochedesign root]# ls -l /etc/named.conf
    -rw-r--r-- 1 root root 3830 Mar 26 11:50 /etc/named.conf

    [root@alexandrerochedesign root]# ls -l /var/named/run-root/etc/named.conf
    -r--r--r-- 1 root root 3471 Mar 15 09:44 /var/named/run-root/etc/named.conf

    And then for your last one I had to fool around with the syntax a bit to get it working..... The second one looked like it worked OK....

    [root@alexandrerochedesign root]# named-checkzone
    zone loading master file file not found

    [root@alexandrerochedesign root]# named-checkzone /var/named/
    zone loaded serial 2005032400

    Thanks.... you really know what you're doing here...

  2. #12
    Ok, we're going to rearrange things a bit with your configuration. There should never EVER be configuration files lying around unused. It just confuses administrators. So follow these directions:

    # duplicate the config you've been editing to the chroot location
    cat /etc/named.conf > /var/named/run-root/etc/named.conf

    # overwrite config with a symlink pointing to the chroot location
    ln -fs /var/named/run-root/etc/named.conf /etc/named.conf

    # Move all zone files to the chroot zone file directory
    mv -f /var/named/* /var/named/run-root/var/named

    Now you only have 1 config file, which can be accessed from 2 locations, which just makes things more efficient, convenient, and intuitive. Also, all those zone files you've been editing or looking at are no longer located in /var/named. BIND couldn't even reach them, and was loading a config that didn't even try to load them.


    I've mentioned chroot several times without any indication as to what it is, or why you're even using it. Chroot stands for "change root". It does exactly what it stands for. BIND will tell the kernel that it wants to run under a different virtual root directory. After doing so, any time BIND tries to access the file /etc/named.conf, it will ACTUALLY be accessing /var/named/run-root/etc/named.conf. The directory "/var/named/run-root" is BIND's root directory and it absolutely cannot access other files in the file system. This is a security feature. If a hacker were to break into BIND and start telling it what to do, the hacker will only have access to files in the /var/named/run-root directory.

    Chroot can be a pretty clumsy thing when it comes to organization, and it is frequently difficult to set up the "jail" that a given application will work within. Chroot can be argued as an unnecessary security precaution due to the unlikelihood that your version of BIND will be hacked into (9.2.1). However, some OS configurations come with chroot prepared by default, and since it is already set up, we might as well work with it.


    quote: "you really know what you're doing here..."

    heh, thanks. I've made DNS and BIND my business in more than one sense of the word. I've tried very hard to learn everything there is to know about DNS and BIND.
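    A layout check for the rearrangement above, added here as an example and not part of the original thread or of BIND itself: it reads the named.conf inside the jail and reports every zone file that a chrooted named cannot reach, which is exactly the state that produces a server failure. The /var/named default, the example zones and the throwaway jail are constructed assumptions.

```shell
#!/bin/sh
# Check the chroot layout from the reply above: every zone file named.conf
# references must exist under the jail, since chrooted named sees nothing
# outside it. Constructed example; paths and zone names are assumptions.
check_chroot_zones() {   # usage: check_chroot_zones CHROOT_DIR; exit status = missing count
    chroot_dir=$1
    conf="$chroot_dir/etc/named.conf"
    [ -r "$conf" ] || { echo "missing config: $conf"; return 2; }
    # The "directory" option is the base for relative zone file paths.
    dir=$(sed -n 's/^[[:space:]]*directory[[:space:]]*"\([^"]*\)".*/\1/p' "$conf" | head -n 1)
    [ -n "$dir" ] || dir=/var/named
    missing=0
    # Each 'file "..."' line of a zone stanza (paths without spaces).
    for f in $(sed -n 's/^[[:space:]]*file[[:space:]]*"\([^"]*\)".*/\1/p' "$conf"); do
        case $f in
            /*) path="$chroot_dir$f" ;;        # absolute, still inside the jail
            *)  path="$chroot_dir$dir/$f" ;;   # relative to "directory"
        esac
        if [ -f "$path" ]; then echo "ok       $path"; else
            echo "MISSING  $path (named cannot load zone file $f)"
            missing=$((missing + 1))
        fi
    done
    return $missing
}
# Throwaway jail reproducing the thread's mistake: two zones declared,
# only one zone file actually copied into the jail.
build_sample_chroot() {
    root=$(mktemp -d)
    mkdir -p "$root/etc" "$root/var/named"
    cat > "$root/etc/named.conf" <<'EOF'
options {
    directory "/var/named";
};
zone "example.com" IN {
    file "example.com.zone"; type master;
};
zone "example.org" IN {
    file "example.org.zone"; type master;
};
EOF
    printf '@ IN SOA ns1 hostmaster 2005032400 3600 900 604800 86400\n' \
        > "$root/var/named/example.com.zone"
    echo "$root"
}
sample=$(build_sample_chroot)
check_chroot_zones "$sample" || echo "$? zone file(s) unreachable from the jail"
rm -rf "$sample"
```

    Run it against the real jail with check_chroot_zones /var/named/run-root after the mv; a MISSING line means named will answer SERVFAIL for that zone.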

  3. #13
    Ok wait.
    So I moved the named.conf to /var/named/run-root/etc/named.conf

    Then, I created a symlink in /etc/ to that file.
    then, I moved all the zone files to /var/named/run-root/var/named/

    HOWEVER.... the directory /var/named/run-root/var/named/ did not exist, so I created the directory named in var/named/run-root/var/.....

    I restarted named, but now DNS crawler is saying the server does not exist!
    It says server failure.....


  5. #14
    There is another folder /var/named/run-root/var/run/named

    inside is a file called

    What is this?
    Should the zone files go in here instead?

  6. #15
    I fixed it you're a genius!
    I moved the zone files to /var/named/run-root/var/ and it worked!

  7. #16
    That's strange. I guess your BIND was compiled to use /var by default. This can be customized by your named.conf.

    Server Failure - means BIND couldn't load the zone file for whatever reason. Reasons include missing file, permission denied, syntax error in the file, etc. is where BIND writes its process id.

  8. #17
    Yeah it seems that would be the issue.

    Thanks again for your help.
