May the almighty Fred, god of computers, bless you and your keyboard!!!

Had to do about 5 minutes of looking up this whole chroot jail thingy, but once it clicked my dns came up no problem.. It explained a lot too.. Like why test entries that I put into the localhost.zone didn't come up, and why when I purposely put errors in named.conf that it didn't barf on me.. (It wasn't looking at those!! Genius!! hehee)

Seriously, thanks for the heads up...

One follow-up question. Now that I've jacked around with my permissions on all of these, any suggestions on ownership/permission settings for the various files and directories under /var/named??

Thanks Again!!!

> -----Original Message-----
> From: fedora-list-admin@xxxxxxxxxx [mailto:fedora-list-admin@xxxxxxxxxx] On Behalf Of Matt Harris
> Sent: Sunday, March 07, 2004 6:31 PM
> To: fedora-list@xxxxxxxxxx
> Subject: Re: New install, having bind issues
>
> By default, Fedora runs named in a chroot jail.
> Consequently, all the config files and such are kept in
> /var/named/chroot/whatever. If the copy of named.conf you
> are editing isn't in /var/named/chroot/etc, then named won't
> ever even see that you want it to serve that domain. All of
> your zone files must be in /var/named/chroot/var/named.
>
> I beat my head against that for quite some time too. Hope this helps.
>
> On Sun, 2004-03-07 at 19:08, Jeremy Lunsford wrote:
> > I hope someone can help, I've been beating my head against this for
> > the last 24 hours.
> >
> > I just did a fresh install of Fedora. The install seemed to go well,
> > so I started restoring all my files. I checked the new named.conf
> > file and all the header stuff at the top matched up exactly with my
> > old one. (Which was from a RedHat 9 install, so same major version of
> > bind) So I copied my named.conf file into /etc. I then copied all my
> > zone files into /var/named. (Not replacing the hint file) Then I
> > started bind.. It will resolve other domains with no problem, but when
> > I query it about a domain that it is master for it gives me a
> >
> > ** server can't find thedames.com: SERVFAIL
> >
> > In my log file all I get is a lame server error..
> >
> > Mar 7 20:56:24 bender named[22199]: lame server resolving 'thedames.com' (in 'thedames.com'?): 209.75.97.4#53
> >
> > So my server clearly doesn't think that it has info for those zones.
> > At first I thought this was a permissions issue. However at this
> > point my named.conf file and all my zone files are 777 with an owner
> > of named. So I don't think that is an issue.. I don't get any errors
> > when restarting named. It just happily says that it's loading
> > named.conf and that everything is great.
> >
> > Mar 7 20:48:55 bender named[22199]: starting BIND 9.2.2-P3 -u named -t /var/named/chroot
> > Mar 7 20:48:55 bender named[22199]: using 1 CPU
> > Mar 7 20:48:55 bender named[22199]: loading configuration from '/etc/named.conf'
> > Mar 7 20:48:55 bender named[22199]: no IPv6 interfaces found
> > Mar 7 20:48:55 bender named[22199]: listening on IPv4 interface lo, 127.0.0.1#53
> > Mar 7 20:48:55 bender named[22199]: listening on IPv4 interface eth0, 209.75.97.2#53
> > Mar 7 20:48:55 bender named[22199]: command channel listening on 127.0.0.1#953
> > Mar 7 20:48:55 bender named[22199]: running
> > Mar 7 17:48:55 bender named: named startup succeeded
> >
> > If I run named-checkconf on my named.conf file I get the following:
> >
> > [root@bender etc]# named-checkconf -t /etc/ named.conf
> > named.conf:4: change directory to '/var/named' failed: file not found
> > named.conf:4: parsing failed
> >
> > I had my friend run that same command on his server though, and he got
> > the same error. I think I'm running the command wrong.
> >
> > Here is my current named.conf file, and one of my zone files:
> >
> > // generated by named-bootconf.pl
> >
> > options {
> >         directory "/var/named";
> >         /*
> >          * If there is a firewall between you and nameservers you want
> >          * to talk to, you might need to uncomment the query-source
> >          * directive below. Previous versions of BIND always asked
> >          * questions using port 53, but BIND 8.1 uses an unprivileged
> >          * port by default.
> >          */
> >         // query-source address * port 53;
> > };
> >
> > //
> > // a caching only nameserver config
> > //
> > controls {
> >         inet 127.0.0.1 allow { localhost; } keys { rndckey; };
> > };
> > zone "." IN {
> >         type hint;
> >         file "named.ca";
> > };
> >
> > zone "localhost" IN {
> >         type master;
> >         file "localhost.zone";
> >         allow-update { none; };
> > };
> >
> > zone "0.0.127.in-addr.arpa" IN {
> >         type master;
> >         file "named.local";
> >         allow-update { none; };
> > };
> >
> > include "/etc/rndc.key";
> >
> > zone "vmfaq.com"{
> >         type master;
> >         file "vmfaq.com";
> > };
> >
> > zone "ethiopianet.net"{
> >         type master;
> >         file "./ethiopianet.net";
> > };
> >
> > zone "thecryptorium.com"{
> >         type master;
> >         file "./thecryptorium.com";
> > };
> >
> > zone "monku.org"{
> >         type master;
> >         file "./monku.org";
> > };
> >
> > zone "thedames.com"{
> >         type master;
> >         file "thedames.com";
> > };
> >
> > zone "gravelymanor.com"{
> >         type master;
> >         file "./gravelymanor.com";
> > };
> >
> > ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
> > ; File vmfaq.com
> > ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
> > ; $ORIGIN vmfaq.com
> > ; @ = vmfaq.com
> > ;
> > @ 86400 IN SOA ns1.vmfaq.com. dnsadmin.vmfaq.com. (
> >         200403070 ; Serial number
> >         10800 ; Refresh after 3 hours
> >         3600 ; Retry after 1 hour
> >         604800 ; Expire after 1 week
> >         86400 ) ; Minimum TTL of 1 day
> >
> >         86400 IN NS ns1.vmfaq.com.
> >         86400 IN NS ns1.thoene.net.
> >
> > vmfaq.com. 86400 IN A 209.75.97.2
> >         86400 IN MX 0 mx1.veriomail.com.
> > www 86400 IN A 209.75.97.2
> > bender 86400 IN A 209.75.97.2
> > ns1 86400 IN A 209.75.97.2
> > fonts 86400 IN A 209.75.97.2
> >
> > I found one place that said that I needed to put a $TTL 1D at the top
> > of my zone files. I've tried that, no luck.. Plus, the zone checker
> > utility says all my zones are ok. Besides my zone files having their
> > permissions wide open, so does the actual named directory..
> >
> > If anyone has some suggestions, I'd love to hear them. I've never had
> > this kind of problem with DNS before. I've been doing it for quite a
> > while and the thing I love about bind is that it always just works.
> > (Except today.)
> >
> > Thanks!!!!
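The path mapping described in this thread (named started with -t /var/named/chroot reads /etc/named.conf and every zone file from inside the jail), as an added example that is not part of the original messages: the script prints where each file referenced by named.conf must really live on disk and flags missing or world-writable ones, such as the 777 files mentioned above. The function names and output labels are hypothetical, and it assumes one directive per line as in the posted named.conf.

```bash
#!/bin/sh
# Added example, not from the thread. Assumes one directive per line,
# as in the named.conf posted above, and no whitespace in file names.

# jail_path CHROOT PATH [DIRECTORY]
# Real on-disk location of PATH as a named started with "-t CHROOT" sees it.
# Relative paths are resolved against the options { directory } value.
jail_path() {
    case "$2" in
        /*) printf '%s%s\n' "${1%/}" "$2" ;;
        *)  printf '%s%s/%s\n' "${1%/}" "${3%/}" "${2#./}" ;;
    esac
}

# check_jail CHROOT CONF
# CONF is the path exactly as named logs it (e.g. /etc/named.conf).
# Prints "MISSING|WORLD-WRITABLE|OK <real path>" for the config file and
# for every file/include it references.
check_jail() {
    cj_conf=$(jail_path "$1" "$2")
    if [ ! -f "$cj_conf" ]; then
        echo "MISSING $cj_conf"
        return 1
    fi
    # Simplification: with no directory option, resolve against the jail root.
    cj_dir=$(sed -n 's/^[[:space:]]*directory[[:space:]]*"\([^"]*\)".*/\1/p' "$cj_conf" | head -n 1)
    cj_refs=$(sed -n -e 's/^[[:space:]]*file[[:space:]]*"\([^"]*\)".*/\1/p' \
                     -e 's/^[[:space:]]*include[[:space:]]*"\([^"]*\)".*/\1/p' "$cj_conf")
    for cj_ref in "$2" $cj_refs; do
        cj_real=$(jail_path "$1" "$cj_ref" "${cj_dir:-/}")
        if [ ! -e "$cj_real" ]; then
            echo "MISSING $cj_real"
        elif [ -n "$(find "$cj_real" -prune -perm -0002)" ]; then
            echo "WORLD-WRITABLE $cj_real"   # e.g. the 777 files from the thread
        else
            echo "OK $cj_real"
        fi
    done
}

# Stand-alone use: sh check_jail.sh /var/named/chroot /etc/named.conf
if [ "$#" -eq 2 ]; then
    check_jail "$1" "$2"
fi
```

BIND's own parser applies the same mapping when the jail, not /etc, is passed to -t: named-checkconf -t /var/named/chroot /etc/named.conf.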