Tim wrote:
> On Tue, 2006-08-01 at 10:03 +1000, Brian Chadwick wrote:
> No, it chroots first. So you should put your DDNS zone file in
> /var/named/chroot/var/named/slaves (I expect you have a symlink
> /var/named/slaves -> /var/named/chroot/var/named/slaves btw).
>
> Just looking at a few FC4 systems here, the /var/named/slaves isn't a
> symlink to the chroot location. Has FC5 fixed that?
>
> just for a test ... i chmodded all of /var/named to named.named ....
> still the permission error ... I am not using SELinux by the way
>
> Did you change it recursively, and include the parent directory? You
> might want to show us the output from listing the directories, and
> configuration files, and probably the tail end of /var/log/messages
> after restarting the name server.
>
> NB: It's hard to work out who said what to who in your post, and gets
> even worse when someone tries to reply. Please do quoting in a
> conventional manner.

Yes I did a recursive chmod.
from /var i did chmod -R named.named var

i can't give you a directory listing now, i have reset the permissions to
original

the output from messages after a named and dhcpd restart and an
immediate lease request and ddns update is below.

Aug 1 17:28:47 server dhcpd: Internet Systems Consortium DHCP Server V3.0.3-RedHat
Aug 1 17:28:47 server dhcpd: Copyright 2004-2005 Internet Systems Consortium.
Aug 1 17:28:47 server dhcpd: All rights reserved.
Aug 1 17:28:47 server dhcpd: For info, please visit http://www.isc.org/sw/dhcp/
Aug 1 17:28:47 server dhcpd: Wrote 0 deleted host decls to leases file.
Aug 1 17:28:47 server dhcpd: Wrote 0 new dynamic host decls to leases file.
Aug 1 17:28:47 server dhcpd: Wrote 10 leases to leases file.
Aug 1 17:28:47 server dhcpd: Listening on LPF/eth1/00:a0:c9:6f:4b:d8/192.168.10/24
Aug 1 17:28:47 server dhcpd: Sending on LPF/eth1/00:a0:c9:6f:4b:d8/192.168.10/24
Aug 1 17:28:47 server dhcpd: Sending on Socket/fallback/fallback-net
Aug 1 17:28:47 server dhcpd: dhcpd startup succeeded
Aug 1 17:28:51 server named[23130]: starting BIND 9.3.2 -u named -t /var/named/chroot
Aug 1 17:28:51 server named[23130]: found 2 CPUs, using 2 worker threads
Aug 1 17:28:51 server named[23130]: loading configuration from '/etc/named.conf'
Aug 1 17:28:51 server named[23130]: listening on IPv4 interface lo, 127.0.0.1#53
Aug 1 17:28:51 server named[23130]: listening on IPv4 interface eth1, 192.168.10.254#53
Aug 1 17:28:51 server named[23130]: zone 'bac.org.au' allows updates by IP address, which is insecure
Aug 1 17:28:51 server named[23130]: zone '10.168.192.in-addr.arpa' allows updates by IP address, which is insecure
Aug 1 17:28:51 server named[23130]: command channel listening on 127.0.0.1#953
Aug 1 17:28:51 server named[23130]: zone 0.in-addr.arpa/IN: loaded serial 42
Aug 1 17:28:51 server named[23130]: zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
Aug 1 17:28:51 server named[23130]: zone 10.168.192.in-addr.arpa/IN: loaded serial 1154323483
Aug 1 17:28:51 server named[23130]: zone 255.in-addr.arpa/IN: loaded serial 42
Aug 1 17:28:51 server named[23130]: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 1997022700
Aug 1 17:28:51 server named[23130]: zone bac.org.au/IN: loaded serial 1154323444
Aug 1 17:28:51 server named[23130]: zone localdomain/IN: loaded serial 42
Aug 1 17:28:51 server named[23130]: zone localhost/IN: loaded serial 42
Aug 1 17:28:51 server named[23130]: running
Aug 1 17:29:06 server dhcpd: No hostname for 192.168.10.190
Aug 1 17:29:06 server dhcpd: DHCPDISCOVER from 00:0c:29:b2:ac:3e (box) via eth1
Aug 1 17:29:07 server dhcpd: DHCPOFFER on 192.168.10.190 to 00:0c:29:b2:ac:3e via eth1
Aug 1 17:29:07 server dhcpd: No hostname for 192.168.10.190
Aug 1 17:29:07 server dhcpd: DHCPDISCOVER from 00:0c:29:b2:ac:3e via eth1
Aug 1 17:29:07 server dhcpd: DHCPOFFER on 192.168.10.190 to 00:0c:29:b2:ac:3e (box) via eth1
Aug 1 17:29:07 server named[23130]: client 192.168.10.254#32843: updating zone 'bac.org.au/IN': adding an RR at 'box.bac.org.au' A
Aug 1 17:29:07 server named[23130]: client 192.168.10.254#32843: updating zone 'bac.org.au/IN': adding an RR at 'box.bac.org.au' TXT
Aug 1 17:29:07 server named[23130]: journal file /var/named/bac.org.au.hosts.jnl does not exist, creating it
Aug 1 17:29:07 server named[23130]: /var/named/bac.org.au.hosts.jnl: create: permission denied
Aug 1 17:29:07 server named[23130]: client 192.168.10.254#32843: updating zone 'bac.org.au/IN': error: journal open failed: unexpected error
Aug 1 17:29:07 server dhcpd: Unable to add forward map from box.bac.org.au to 192.168.10.190: timed out
Aug 1 17:29:07 server dhcpd: No hostname for 192.168.10.190
Aug 1 17:29:07 server dhcpd: DHCPREQUEST for 192.168.10.190 (192.168.10.254) from 00:0c:29:b2:ac:3e (box) via eth1
Aug 1 17:29:07 server dhcpd: DHCPACK on 192.168.10.190 to 00:0c:29:b2:ac:3e (box) via eth1

As you can see ... everything seems to work ok except being able to
write the jnl file.

named.conf -

//
// named.conf for Red Hat caching-nameserver
//

acl "bac-net" { 192.168.10.0/24; 127.0.0.1; };

options {
    directory "/var/named/";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    listen-on { "bac-net"; };
    allow-query { "bac-net"; };
    /*
     * If there is a firewall between you and nameservers you want
     * to talk to, you might need to uncomment the query-source
     * directive below. Previous versions of BIND always asked
     * questions using port 53, but BIND 8.1 uses an unprivileged
     * port by default.
     */
    // query-source address * port 53;
    forwarders {
        203.21.20.20;
        203.10.1.9;
    };
};

//logging {
//    channel "named_log" {
//        // send most BIND logs to a dedicated log file
//        file "/var/named/data/named.log" versions 10 size 500k;
//        severity dynamic;
//        print-category yes;
//        print-severity yes;
//        print-time yes;
//    };
//    channel "query_log" {
//        file "/var/named/data/query.log" versions 10 size 500k;
//        severity debug;
//        print-severity yes;
//        print-time yes;
//    };
//    category default { named_log; };
//    category queries { query_log; };
//};

//
// a caching only nameserver config
//
controls {
    inet 127.0.0.1 port 953
        allow { 127.0.0.1; 192.168.10.254; } keys { rndckey; };
};

zone "." IN {
    type hint;
    file "named.ca";
};

zone "localdomain" IN {
    type master;
    file "localdomain.zone";
    allow-update { none; };
};

zone "localhost" IN {
    type master;
    file "localhost.zone";
    allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "named.local";
    allow-update { none; };
};

zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
    type master;
    file "named.ip6.local";
    allow-update { none; };
};

zone "255.in-addr.arpa" IN {
    type master;
    file "named.broadcast";
    allow-update { none; };
};

zone "0.in-addr.arpa" IN {
    type master;
    file "named.zero";
    allow-update { none; };
};

include "/etc/rndc.key";

//
// bac zone
//
zone "bac.org.au" {
    type master;
    file "/var/named/bac.org.au.hosts";
    allow-update {
        127.0.0.1;
        192.168.10.254;
        key rndckey;
    };
};

zone "10.168.192.in-addr.arpa" {
    type master;
    file "/var/named/192.168.10.rev";
    allow-update {
        127.0.0.1;
        192.168.10.254;
        key rndckey;
    };
};

dhcpd.conf --

# dhcpd.conf
ddns-update-style interim;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.10.255;
option routers 192.168.10.254;
option domain-name-servers 192.168.10.254;
option domain-name "bac.org.au"; # You really should fix this
option option-128 code 128 = string;
option option-129 code 129 = text;
include "/etc/rndc.key";
get-lease-hostnames true;
next-server 192.168.10.1;
option root-path "192.168.10.1:/opt/ltsp/i386";

subnet 192.168.10.0 netmask 255.255.255.0 {
    ddns-domainname "bac.org.au";
    ddns-rev-domainname "in-addr.arpa.";
    authoritative;
    ddns-updates on;
    zone bac.org.au {
        primary 192.168.10.254;
        key "rndckey";
    }
    zone 10.168.192.in-addr.arpa {
        primary 192.168.10.254;
        key "rndckey";
    }
    range 192.168.10.100 192.168.10.199;
    if substring (option vendor-class-identifier, 0, 9) = "PXEClient" {
        filename "/2.6.16.1-ltsp-2/pxelinux.0";
    }
    else {
        filename "/vmlinuz-2.6.16.1-ltsp-2";
    }
}

host admin {
    hardware ethernet 00:0D:61:B4:AA:85;
    fixed-address 192.168.10.1;
}

host windows {
    hardware ethernet 00:0c:29:17:ad:1b;
    fixed-address 192.168.10.20;
}

host lfs {
    hardware ethernet 00:0C:29:85:65:2D;
    fixed-address 192.168.10.10;
}

#
# If you need to pass parameters on the kernel command line, you can
# do it with option-129. In order for Etherboot to look at option-129,
# you MUST have option-128 set to a specific value. The value is a
# special Etherboot signature of 'e4:45:74:68:00:00'.
#
# Add these two lines to the host entry that needs kernel parameters
#
# option option-128 e4:45:74:68:00:00; # NOT a mac address
# option option-129 "NIC=ne IO=0x300";

As for unusual quoted posts ... my apologies .... it won't be a problem
in future
Thanks for your interest :)
Brian
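
Added example, not part of the original post or of BIND: named is started with -t /var/named/chroot, so the journal path it logs is relative to that root. This sketch lists the zones that accept dynamic updates, maps each journal to its real directory and checks the mode bits for the named account. The function names, the uid/gid values and the 0750 directory are assumptions made for the illustration.

```python
import os, re, tempfile

# Constructed sample, reduced from the named.conf posted above.
SAMPLE_CONF = '''
options { directory "/var/named/"; };
zone "localhost" IN { type master; file "localhost.zone"; allow-update { none; }; };
zone "bac.org.au" { type master; file "/var/named/bac.org.au.hosts";
    allow-update { 127.0.0.1; 192.168.10.254; key rndckey; }; };
'''

def dynamic_zones(conf):
    """Yield (zone, zone_file, acl_items) for zones that accept dynamic updates."""
    m = re.search(r'\bdirectory\s+"([^"]+)"', conf)
    base = m.group(1) if m else "/"
    for chunk in re.split(r'\bzone\s+(?=")', conf)[1:]:
        name = re.match(r'"([^"]+)"', chunk).group(1)
        zfile = re.search(r'\bfile\s+"([^"]+)"', chunk)
        acl = re.search(r'\ballow-update\s*\{([^}]*)\}', chunk)
        items = [i.strip() for i in acl.group(1).split(";") if i.strip()] if acl else []
        if zfile and items and items != ["none"]:
            yield name, os.path.join(base, zfile.group(1)), items

def can_create(dirpath, uid, gids):
    """Mode-bit check only (no ACLs, no SELinux): may uid/gids create files here?"""
    st = os.stat(dirpath)
    shift = 6 if st.st_uid == uid else 3 if st.st_gid in gids else 0
    return (st.st_mode >> shift) & 0o3 == 0o3  # write + search on the directory

def audit(conf, chroot, uid, gids):
    """Map each dynamic zone's journal to its real directory under the chroot."""
    for zone, zfile, acl in dynamic_zones(conf):
        host_dir = os.path.join(chroot, os.path.dirname(zfile).lstrip("/"))
        yield {
            "zone": zone,
            "journal": zfile + ".jnl",   # path as named sees it after chroot
            "host_dir": host_dir,        # where the file really lives
            "writable": os.path.isdir(host_dir) and can_create(host_dir, uid, gids),
            "non_key_acl": [i for i in acl if not i.startswith("key ")],
        }

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:  # constructed chroot, 0750 dir
        d = os.path.join(root, "var/named")
        os.makedirs(d)
        os.chmod(d, 0o750)
        st = os.stat(d)  # simulate named as a group member that is not the owner
        for finding in audit(SAMPLE_CONF, root, st.st_uid + 1, [st.st_gid]):
            print(finding)
```

On a real host, pass the contents of named.conf, the -t directory, and the uid and group ids of the account named runs as; entries in non_key_acl are the ones behind the "allows updates by IP address" warning in the log.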