I gave up porting a chroot bind setup from previous Fedora installations to the preferred chroot-less configuration in Fedora 11 and decided just to start from scratch. Unfortunately, I haven't been able to get that working, either.
named seems to start okay: [r...@front etc]# service named restart Stopping named: [OK] Starting named: [OK] ... and I see this in /var/log/messages: Aug 8 19:59:53 front named[2106]: starting BIND 9.6.1-P1-RedHat-9.6.1-4.P1.fc11 -u named Aug 8 19:59:53 front named[2106]: built with '--build=i386-redhat-linux-gnu' '--host=i386-redhat-linux-gnu' '--target=i586-redhat-linux-gnu' '--program-prefix=' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib' '--libexecdir=/usr/libexec' '--sharedstatedir=/var/lib' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--with-libtool' '--localstatedir=/var' '--enable-threads' '--enable-ipv6' '--with-pic' '--disable-static' '--disable-openssl-version-check' '--with-dlz-ldap=yes' '--with-dlz-postgres=yes' '--with-dlz-mysql=yes' '--with-dlz-filesystem=yes' '--with-gssapi=yes' '--disable-isc-spnego' 'build_alias=i386-redhat-linux-gnu' 'host_alias=i386-redhat-linux-gnu' 'target_alias=i586-redhat-linux-gnu' 'CFLAGS= -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m32 -march=i586 -mtune=generic -fasynch ronous-unwind-tables' 'CPPFLAGS= -DDIG_SIGCHASE' Aug 8 19:59:53 front named[2106]: adjusted limit on open files from 1024 to 1048576 Aug 8 19:59:53 front named[2106]: found 1 CPU, using 1 worker thread Aug 8 19:59:53 front named[2106]: using up to 4096 sockets Aug 8 19:59:53 front named[2106]: loading configuration from '/etc/named.conf' Aug 8 19:59:53 front named[2106]: using default UDP/IPv4 port range: [1024, 65535] Aug 8 19:59:53 front named[2106]: using default UDP/IPv6 port range: [1024, 65535] Aug 8 19:59:53 front named[2106]: listening on IPv4 interface lo, 127.0.0.1#53 Aug 8 19:59:53 front named[2106]: listening on IPv6 interface lo, ::1#53 Aug 8 19:59:53 front named[2106]: automatic empty zone: 127.IN-ADDR.ARPA Aug 8 19:59:53 front named[2106]: automatic empty zone: 254.169.IN-ADDR.ARPA Aug 8 19:59:53 front named[2106]: automatic empty zone: 2.0.192.IN-ADDR.ARPA Aug 8 19:59:53 front named[2106]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA Aug 8 19:59:53 front named[2106]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA Aug 8 19:59:53 front named[2106]: automatic empty zone: D.F.IP6.ARPA Aug 8 19:59:53 front named[2106]: automatic empty zone: 8.E.F.IP6.ARPA Aug 8 19:59:53 front named[2106]: automatic empty zone: 9.E.F.IP6.ARPA Aug 8 19:59:53 front named[2106]: automatic empty zone: A.E.F.IP6.ARPA Aug 8 19:59:53 front named[2106]: automatic empty zone: B.E.F.IP6.ARPA Aug 8 19:59:53 front named[2106]: command channel listening on 127.0.0.1#953 Aug 8 19:59:53 front named[2106]: command channel listening on ::1#953 Aug 8 19:59:53 front named[2106]: the working directory is not writable Aug 8 19:59:53 front named[2106]: zone 0.in-addr.arpa/IN: NS '0.in-addr.arpa' has no address records (A or AAAA) Aug 8 19:59:53 front named[2106]: zone 0.in-addr.arpa/IN: loaded serial 0 Aug 8 19:59:53 front named[2106]: zone 1.0.0.127.in-addr.arpa/IN: NS '1.0.0.127.in-addr.arpa' has no address records (A or AAAA) Aug 8 19:59:53 front named[2106]: zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0 Aug 8 19:59:53 front named[2106]: zone 1.168.192.IN-ADDR.ARPA/IN: loaded serial 3 Aug 8 19:59:53 front named[2106]: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: NS '1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa' has no address records (A or AAAA) Aug 8 19:59:53 front named[2106]: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0 Aug 8 19:59:53 front named[2106]: zone localhost.localdomain/IN: loaded serial 0 Aug 8 19:59:53 front named[2106]: zone localhost/IN: loaded serial 0 Aug 8 19:59:53 front named[2106]: zone endoframe.net/IN: loaded serial 3 Aug 8 19:59:53 front named[2106]: running But it doesn't seem to be working: [r...@front etc]# ssh front ssh: Could not resolve hostname front: Name or service not known [r...@front etc]# hostname front.endoframe.net [r...@front etc]# Is "the working directory is not writable" (from /var/log/messages output, above) cause for concern? What directory is it referring to? I deal with this stuff infrequently enough that I've quite likely overlooked something silly. I created entries for my machines using system-config-bind; what follows are (what I hope are the) relevant resulting configuration files. Hopefully some glaring error or omission will jump out at someone: # cat /etc/named.conf: // // named.conf // // Provided by Red Hat bind package to configure the ISC BIND named(8) DNS // server as a caching only nameserver (as a localhost DNS resolver only). // // See /usr/share/doc/bind*/sample/ for example named configuration files. // options { listen-on port 53 { 127.0.0.1; }; listen-on-v6 port 53 { ::1; }; directory "/var/named"; dump-file "/var/named/data/cache_dump.db"; statistics-file "/var/named/data/named_stats.txt"; memstatistics-file "/var/named/data/named_mem_stats.txt"; allow-query { localhost; }; recursion yes; dnssec-enable yes; dnssec-validation yes; dnssec-lookaside . trust-anchor dlv.isc.org.; }; logging { channel default_debug { file "data/named.run"; severity dynamic; }; }; zone "1.168.192.IN-ADDR.ARPA." IN { type master; file "192.168.1.db"; }; zone "endoframe.net." IN { type master; file "endoframe.net.db"; }; zone "." IN { type hint; file "named.ca"; }; include "/etc/named.rfc1912.zones"; include "/etc/pki/dnssec-keys//named.dnssec.keys"; include "/etc/pki/dnssec-keys//dlv/dlv.isc.org.conf"; # cat /var/named/endoframe.net.db $TTL 1H @ SOA localhost. root.localhost. ( 3 3H 1H 1W 1H ) NS localhost. front IN 1H A 192.168.1.20 hinge IN 1H A 192.168.1.21 door IN 1H A 192.168.1.1 glyph IN 1H A 192.168.1.10 chime IN 1H A 192.168.1.22 stile IN 1H A 192.168.1.24 bolt IN 1H A 192.168.1.25 # cat /var/named/192.168.1.db $TTL 1H @ SOA localhost. root.localhost. ( 3 3H 1H 1W 1H ) NS localhost. 20 PTR front.endoframe.net. 21 PTR hinge.endoframe.net. 1 PTR door.endoframe.net. 10 PTR glyph.endoframe.net. 22 PTR chime.endoframe.net. 24 PTR stile.endoframe.net. 25 PTR bolt.endoframe.net. -- Braden McDaniel <bra...@endoframe.com> -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines