Re: compile and install from source

2015-03-31 Thread Mathieu Arnold
+--On 30 March 2015 17:13:15 -0700 Kevin Oberman wrote:
| Note that chroot has just been re-enabled in the FreeBSD BIND ports. It's
| not default,  so you must select the CHROOT option. This was just
| announced last week, and I am not sure the change has actually been
| committed.

There is no CHROOT option; there is a named_chrootdir rc variable to
set up.  And it has been committed.  Trust me.

-- 
Mathieu Arnold
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users


Re: compile and install from source

2015-03-31 Thread Mathieu Arnold
+--On 30 March 2015 19:32:09 -0600 "@lbutlr" wrote:
|> # /usr/local/sbin/named -u bind -c /etc/namedb/named.conf \
|>  -t /var/named
| 
| Yes, that works without reporting any errors, so the issue appears to be
| with /usr/local/etc/rc.d/named startup script.

Well, your first post says you're using 8.4, so there should be no such
script, it should be in /etc/rc.d.

|> syslogd_flags="-l /var/named/var/run/log"
|> 
|> to /etc/rc.conf and restarting syslogd may get you some better logging
|> information.
| 
| Don’t see anything logged on either the startup or the failed startup.
| 
| However, if I try to check rndc…
| 
|# /usr/local/sbin/rndc status
| rndc: neither /etc/rndc.conf nor /etc/rndc.key was found

That's because you built named manually and not from ports, so it doesn't
know where it should find its bits.

| Now, it is true that there is no rndc.conf, but that is true of all
| three name servers. There is a rndc.key in /var/named/etc/namedb/rndc.conf
| 
| I’m not sure why it is looking in (I assume /var/named/etc instead of)
| /var/named/etc/namedb.

Because you built it manually so it did not get all the right configure
options the port has.

| is named_chrootdir="/var/named" not correct?

It is.

-- 
Mathieu Arnold

Re: compile and install from source

2015-03-31 Thread Matthew Seaman
On 31/03/2015 02:32, @lbutlr wrote:
>> Can you start the named process "by hand" -- the command line should be
>> something like:
>>
>> # /usr/local/sbin/named -u bind -c /etc/namedb/named.conf \
>>     -t /var/named

> Yes, that works without reporting any errors, so the issue appears to
> be with /usr/local/etc/rc.d/named startup script.

Since you're running FreeBSD 8.4, you will still have the startup
scripts from the base system -- /etc/rc.d/named. These are quite capable
of starting up the ports version of named. Just set

   named_command="/usr/local/sbin/named"

in /etc/rc.conf.

Actually, given you *aren't* using the ports, where did
/usr/local/etc/rc.d/named come from?  That's supplied exclusively by the
port.

> However, if I try to check rndc…
> 
> # /usr/local/sbin/rndc status
> rndc: neither /etc/rndc.conf nor /etc/rndc.key was found
> 
> Now, it is true that there is no rndc.conf, but that is true of all three
> name servers. There is a rndc.key in /var/named/etc/namedb/rndc.conf
> 
> I’m not sure why it is looking in (I assume /var/named/etc instead of)  
> /var/named/etc/namedb.
> 
> is named_chrootdir="/var/named" not correct?

There should be a symbolic link /etc/namedb -> /var/named/etc/namedb if
you're using the standard chroot setup in FreeBSD 8.4.  The default
location for rndc.conf is /etc/namedb/rndc.conf, but again, there would
usually be a symlink /etc/rndc.conf -> /etc/namedb/rndc.conf (which
means the actual location after chasing all the symlinks is
/var/named/etc/namedb/rndc.conf).  Similarly for rndc.key if you are
using that instead.

I usually added another symlink /usr/local/etc/rndc.conf ->
/etc/namedb/rndc.conf when using the ports version of named with the
system versions of the named configuration scripts.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.

PGP: http://www.infracaninophile.co.uk/pgpkey
JID: matt...@infracaninophile.co.uk
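
The lookup locations described in the message above, turned into a check (an added example, not part of the original post and not code from BIND or FreeBSD): for each place rndc may consult, it reports whether the file is missing, resolves to the chroot's file, or is a separate copy of the secret, and flags world-readable files. The `ROOT` and `CHROOTDIR` variables and the function names are hypothetical, and placing both files in `etc/namedb` under the chroot is an assumption.

```sh
#!/bin/sh
# Added example: audit where rndc credentials sit relative to the named chroot.
# ROOT is a hypothetical prefix for testing against a scratch tree; empty on a real host.

# classify CANDIDATE CANONICAL -> prints missing | linked | copy
classify() {
    if [ ! -e "$1" ]; then
        echo missing
    elif [ "$1" -ef "$2" ]; then
        echo linked   # same inode: the symlink chain ends at the chroot's file
    else
        echo copy     # independent file: a second copy of the secret to track
    fi
}

# world_readable FILE -> exit 0 if "other" has read permission (symlinks followed)
world_readable() {
    mode=$(ls -lLd "$1" | cut -c1-10)
    case $mode in
        ???????r??) return 0 ;;
        *) return 1 ;;
    esac
}

# audit_rndc ROOT CHROOTDIR -> one line per location: "<path> <state>[ world-readable]"
audit_rndc() {
    root=$1
    chrootdir=$2
    # Directories named in the thread: the manual build's default, the base
    # system's layout, and the extra symlink location for a ports-style prefix.
    for dir in /etc /etc/namedb /usr/local/etc; do
        for name in rndc.conf rndc.key; do
            # Assumption: both files live in etc/namedb under the chroot.
            canonical="$root$chrootdir/etc/namedb/$name"
            state=$(classify "$root$dir/$name" "$canonical")
            note=
            if [ "$state" != missing ] && world_readable "$root$dir/$name"; then
                note=" world-readable"
            fi
            echo "$dir/$name $state$note"
        done
    done
}

audit_rndc "${ROOT:-}" "${CHROOTDIR:-/var/named}"
```

Any line reporting `copy` is a credential that will not follow a key change made inside the chroot.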




Re: compile and install from source

2015-03-31 Thread @lbutlr

> On Mar 31, 2015, at 02:46, Mathieu Arnold  wrote:
> 
> +--On 30 March 2015 19:32:09 -0600 "@lbutlr" wrote:
> |> # /usr/local/sbin/named -u bind -c /etc/namedb/named.conf \
> |>  -t /var/named
> | 
> | Yes, that works without reporting any errors, so the issue appears to be
> | with /usr/local/etc/rc.d/named startup script.
> 
> Well, your first post says you're using 8.4, so there should be no such
> script, it should be in /etc/rc.d.

Yes, you’re right. That was a thinko.

> |# /usr/local/sbin/rndc status
> | rndc: neither /etc/rndc.conf nor /etc/rndc.key was found
> 
> That's because you built named manually and not from ports, so it doesn't
> know where it should find its bits.

I don’t see why not, /etc/defaults/rc.conf shows:

named_program="/usr/sbin/named" # Path to named, if you want a different one.
named_conf="/etc/namedb/named.conf" # Path to the configuration file
named_chrootdir="/var/named" # Chroot directory (or "" not to auto-chroot it)

So it seems it should be looking in /var/named/etc/namedb/ (and in fact it does 
look there for the conf file); rndc seems to be looking elsewhere though.

> | Now, it is true that there is no rndc.conf, but that is true of all
> | three name servers. There is a rndc.key in /var/named/etc/namedb/rndc.conf
> | 
> | I’m not sure why it is looking in (I assume /var/named/etc instead of)
> | /var/named/etc/namedb.
> 
> Because you built it manually so it did not get all the right configure
> options the port has.

OK, well I cannot build via ports, so what magic does the port invoke?

> | is named_chrootdir="/var/named" not correct?
> 
> It is.

Then why can’t rndc find the key file? And why is it looking outside the chroot?

 # cp rndc.key /etc
 # rndc status
version: 9.9.7 
[… Stuff …]
server is up and running
 #


-- 
Honesty may be the best policy, but it's important to remember that
apparently, by elimination, dishonesty is the second-best policy.


Basic info on interfaces file

2015-03-31 Thread STEPHEN EYRE
For educational interest I am setting up an authoritative only DNS server at
home and after a few failures I am starting at the beginning again.

I am using Bind9 with Ubuntu 14.04 server software.

Today's question revolves around the /etc/network/interfaces file.

In the line starting with 'address' I have inserted the internal IP address of
the machine running the bind software. I presume that is correct?

In the line starting with 'dns-nameserver' I am unsure whether it should be the
same as the 'address' above or whether it should be my static public IP
address. Which should it be?

Thanks for any assistance you may wish to give


Stephen Eyre


Re: Basic info on interfaces file

2015-03-31 Thread Chris Buxton
This is not really a BIND question; this mailing list is for BIND questions. 
RTM. Start with this command:

man 5 interfaces

You can use the 'q' key to exit from the manual page.

The BIND name server will not read /etc/resolv.conf (which is what that 
dns-nameserver line refers to), so set it to '::1'. Or whatever makes sense to 
you.

The 'address' line sets the local address for the interface, on the server 
itself.

Good luck. The following may also be of some help:
https://help.ubuntu.com/community/BIND9ServerHowto

Regards,
Chris

> On Mar 31, 2015, at 11:33 PM, STEPHEN EYRE  wrote:
> 
> For educational interest I am setting up an authoritative only DNS server at
> home and after a few failures I am starting at the beginning again.
>
> I am using Bind9 with Ubuntu 14.04 server software.
>
> Today's question revolves around the /etc/network/interfaces file.
>
> In the line starting with 'address' I have inserted the internal IP address
> of the machine running the bind software. I presume that is correct?
>
> In the line starting with 'dns-nameserver' I am unsure whether it should be
> the same as the 'address' above or whether it should be my static public IP
> address. Which should it be?
> 
> Thanks for any assistance you may wish to give
> 
> Stephen Eyre
> 