[Vserver] Running bind 9.2.4 on Debian Sarge without caps

2006-10-24 Thread Holger Nowak 
Title: Running bind 9.2.4 on Debian Sarge without caps






Hello,

I know that running bind in a vserver guest is a bit problematic, so I decided to recompile Bind with linux-caps disabled according to

http://linux-vserver.org/Problematic_Programs#Bind9_on_Debian_GNU.2FLinux_Woody_.283.0.29_and_Sarge_.283.1.29

and

http://www.newt.com/debian/acornHOWTO/ (Section bind9)


But I couldn't start named properly. No error messages neither on promt nor on syslog occur but the name server isn't running.

If I want to stop the service I receive the well known message:


Stopping domain name service: namedrndc: connect failed: connection refused


But I don't think it is a permission problem, since running named in foreground resulting in


mystery:/etc/bind# named -g -p 53

Oct 24 13:50:14.675 starting BIND 9.2.4 -g -p 53

Oct 24 13:50:14.676 using 1 CPU

Oct 24 13:50:14.678 loading configuration from '/etc/bind/named.conf'

Segmentation fault (core dumped)


strace gives no more information, so I think I've made some mistake configuring the listening server.

The crucial file where named is stop is the name.conf.options


mystery:/etc/bind# cat named.conf.options

options {


    // Avoids listening on 127.0.0.1.

    listen-on {

    195.227.242.154;

    };


    auth-nxdomain no;    # conform to RFC1035


};


    controls {

    inet 195.227.242.154 allow {

   195.227.242.154;

    };

    };


The one and only IP is 195.227.242.154 which is a virtual IP on eth0:5 on the host system. The host system is running bind too but I don't listen to the given IP.

If I disable the listen directive I get the following message from named:


mystery:/etc/bind# named -g -p 53

Oct 24 13:56:53.970 starting BIND 9.2.4 -g -p 53

Oct 24 13:56:53.970 using 1 CPU

Oct 24 13:56:53.973 loading configuration from '/etc/bind/named.conf'

Oct 24 13:56:53.973 no IPv6 interfaces found

Oct 24 13:56:53.973 listening on IPv4 interface eth0:5, 195.227.242.154#53

Oct 24 13:56:53.975 peer.c:87: REQUIRE(*list != ((void *)0)) failed

Oct 24 13:56:53.975 exiting (due to assertion failure)

Aborted (core dumped)


I've been at my wits' end and I hope some could help me.


Best regards,

Holger


--

Holger Nowak

Junior Projektmanager

Datenmanagement | Programmierung

psychonomics AG

Berrenrather Str. 154-156

D-50937 Köln

T +49 (0) 221 42061-346

F +49 (0) 221 42061-100

E-Mail: [EMAIL PROTECTED]

www.psychonomics.de



-
Neuer "psychonomics Kundenmonitor Banken" ab Ende September 2006 erhaeltlich. Weitere Info: www.psychonomics.de/kundenmonitor_banken
psychonomics Newsletter bestellen: www.psychonomics.de/newsletter 
 ___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver

AW: [Vserver] Running bind 9.2.4 on Debian Sarge without caps

2006-10-24 Thread Holger Nowak 
>> But I couldn't start named properly. No error messages neither on 
>> promt nor on syslog occur but the name server isn't running. If I
want 
>> to stop the service I receive the well known message:
>>
>> Stopping domain name service: namedrndc: connect failed: connection 
>> refused

> IIRC rndc wants to connect to localhost, which of course is not
possible if 
> this resolves to the loopback interface

> A line like 

>localhost

> in /etc/hosts should fix that.

I forgot to post. This didn't help.
Before your mail my /etc/hosts looks like

195.227.242.154 localhost

I added the  but it didn't change anything

Every command with rndc like
rndc -s localhost stats

fails with "connection refused".

Localhost is reachable:
mystery:/# ping -c3 localhost
PING mystery (195.227.242.154) 56(84) bytes of data.
64 bytes from mystery (195.227.242.154): icmp_seq=1 ttl=64 time=0.029 ms
...

Regards,
Holger


---

Neuer "psychonomics Kundenmonitor Banken" ab Ende September 2006 erhaeltlich. 
Weitere Info: www.psychonomics.de/kundenmonitor_banken

psychonomics Newsletter bestellen: www.psychonomics.de/newsletter 



___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver

AW: AW: [Vserver] Running bind 9.2.4 on Debian Sarge without caps

2006-10-24 Thread Holger Nowak 
Hi Christoph and Peter,

>> > IIRC rndc wants to connect to localhost, which of course is not
>> possible if
>> > this resolves to the loopback interface
>> 
>> > A line like
>> 
>> >localhost
>> 
>> > in /etc/hosts should fix that.

>If I remember correctly rndc does not respect the hosts file. You have
to set up /etc/bind/rndc.conf like this:

>include "/etc/bind/rndc.key";

>options {
>default-server 195.227.242.154;
>default-key rndc-key;
>};

> and generate a key in /etc/bind/rndc-key with rndc-confgen.

I did copy the key in rndc.conf but neither this nor including the file
doesn't change the behaviour. Also the options not to listen to ipv6
doesn't change anything.

Regards,
Holger

---

Neuer "psychonomics Kundenmonitor Banken" ab Ende September 2006 erhaeltlich. 
Weitere Info: www.psychonomics.de/kundenmonitor_banken

psychonomics Newsletter bestellen: www.psychonomics.de/newsletter 



___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver