Re: Dynamic DNS and failed journal


Tim wrote:
On Tue, 2006-08-01 at 10:03 +1000, Brian Chadwick wrote:

No, it chroots first. So you should put your DDNS zone file in /var/named/chroot/var/named/slaves (I expect you have a symlink /var/named/slaves -> /var/named/chroot/var/named/slaves btw).

Just looking at a few FC4 systems here, the /var/named/slaves isn't a
symlink to the chroot location.  Has FC5 fixed that?

just for a test ... I chmodded all of /var/named to named.named ....
still the permission error ... I am not using SELinux by the way

Did you change it recursively, and include the parent directory?  You
might want to show us the output from listing the directories, and
configuration files, and probably the tail end of /var/log/messages
after restarting the name server.

NB:  It's hard to work out who said what to who in your post, and gets
even worse when someone tries to reply.  Please do quoting in a
conventional manner.



Yes I did a recursive chmod.

From /var I did chmod -R named.named var

I can't give you a directory listing now, I have reset the permissions to original.

The output from messages after a named and dhcpd restart and an immediate lease request and ddns update is below.

Aug  1 17:28:47 server dhcpd: Internet Systems Consortium DHCP Server V3.0.3-RedHat
Aug  1 17:28:47 server dhcpd: Copyright 2004-2005 Internet Systems Consortium.
Aug  1 17:28:47 server dhcpd: All rights reserved.
Aug  1 17:28:47 server dhcpd: For info, please visit http://www.isc.org/sw/dhcp/
Aug  1 17:28:47 server dhcpd: Wrote 0 deleted host decls to leases file.
Aug  1 17:28:47 server dhcpd: Wrote 0 new dynamic host decls to leases file.
Aug  1 17:28:47 server dhcpd: Wrote 10 leases to leases file.
Aug  1 17:28:47 server dhcpd: Listening on LPF/eth1/00:a0:c9:6f:4b:d8/192.168.10/24
Aug  1 17:28:47 server dhcpd: Sending on LPF/eth1/00:a0:c9:6f:4b:d8/192.168.10/24
Aug  1 17:28:47 server dhcpd: Sending on   Socket/fallback/fallback-net
Aug  1 17:28:47 server dhcpd: dhcpd startup succeeded
Aug  1 17:28:51 server named[23130]: starting BIND 9.3.2 -u named -t /var/named/chroot
Aug  1 17:28:51 server named[23130]: found 2 CPUs, using 2 worker threads
Aug  1 17:28:51 server named[23130]: loading configuration from '/etc/named.conf'
Aug  1 17:28:51 server named[23130]: listening on IPv4 interface lo, 127.0.0.1#53
Aug  1 17:28:51 server named[23130]: listening on IPv4 interface eth1, 192.168.10.254#53
Aug  1 17:28:51 server named[23130]: zone 'bac.org.au' allows updates by IP address, which is insecure
Aug  1 17:28:51 server named[23130]: zone '10.168.192.in-addr.arpa' allows updates by IP address, which is insecure
Aug  1 17:28:51 server named[23130]: command channel listening on 127.0.0.1#953
Aug  1 17:28:51 server named[23130]: zone 0.in-addr.arpa/IN: loaded serial 42
Aug  1 17:28:51 server named[23130]: zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
Aug  1 17:28:51 server named[23130]: zone 10.168.192.in-addr.arpa/IN: loaded serial 1154323483
Aug  1 17:28:51 server named[23130]: zone 255.in-addr.arpa/IN: loaded serial 42
Aug  1 17:28:51 server named[23130]: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 1997022700
Aug  1 17:28:51 server named[23130]: zone bac.org.au/IN: loaded serial 1154323444
Aug  1 17:28:51 server named[23130]: zone localdomain/IN: loaded serial 42
Aug  1 17:28:51 server named[23130]: zone localhost/IN: loaded serial 42
Aug  1 17:28:51 server named[23130]: running
Aug  1 17:29:06 server dhcpd: No hostname for 192.168.10.190
Aug  1 17:29:06 server dhcpd: DHCPDISCOVER from 00:0c:29:b2:ac:3e (box) via eth1
Aug  1 17:29:07 server dhcpd: DHCPOFFER on 192.168.10.190 to 00:0c:29:b2:ac:3e via eth1
Aug  1 17:29:07 server dhcpd: No hostname for 192.168.10.190
Aug  1 17:29:07 server dhcpd: DHCPDISCOVER from 00:0c:29:b2:ac:3e via eth1
Aug  1 17:29:07 server dhcpd: DHCPOFFER on 192.168.10.190 to 00:0c:29:b2:ac:3e (box) via eth1
Aug  1 17:29:07 server named[23130]: client 192.168.10.254#32843: updating zone 'bac.org.au/IN': adding an RR at 'box.bac.org.au' A
Aug  1 17:29:07 server named[23130]: client 192.168.10.254#32843: updating zone 'bac.org.au/IN': adding an RR at 'box.bac.org.au' TXT
Aug  1 17:29:07 server named[23130]: journal file /var/named/bac.org.au.hosts.jnl does not exist, creating it
Aug  1 17:29:07 server named[23130]: /var/named/bac.org.au.hosts.jnl: create: permission denied
Aug  1 17:29:07 server named[23130]: client 192.168.10.254#32843: updating zone 'bac.org.au/IN': error: journal open failed: unexpected error
Aug  1 17:29:07 server dhcpd: Unable to add forward map from box.bac.org.au to 192.168.10.190: timed out
Aug  1 17:29:07 server dhcpd: No hostname for 192.168.10.190
Aug  1 17:29:07 server dhcpd: DHCPREQUEST for 192.168.10.190 (192.168.10.254) from 00:0c:29:b2:ac:3e (box) via eth1
Aug  1 17:29:07 server dhcpd: DHCPACK on 192.168.10.190 to 00:0c:29:b2:ac:3e (box) via eth1

As you can see ... everything seems to work ok except being able to write the jnl file.

named.conf -
//
// named.conf for Red Hat caching-nameserver
//

acl "bac-net" { 192.168.10.0/24; 127.0.0.1; };

options {
   directory "/var/named/";
   dump-file "/var/named/data/cache_dump.db";
   statistics-file "/var/named/data/named_stats.txt";
       listen-on { "bac-net"; };
       allow-query { "bac-net"; };

   /*
    * If there is a firewall between you and nameservers you want
    * to talk to, you might need to uncomment the query-source
    * directive below.  Previous versions of BIND always asked
    * questions using port 53, but BIND 8.1 uses an unprivileged
    * port by default.
    */
    // query-source address * port 53;

   forwarders {
       203.21.20.20;
       203.10.1.9;
       };
};

//logging {
//    channel "named_log" {
       // send most BIND logs to a dedicated log file
//        file "/var/named/data/named.log" versions 10 size 500k;
//        severity dynamic;
//        print-category yes;
//        print-severity yes;
//        print-time yes;
//    };

//    channel "query_log" {
//        file "/var/named/data/query.log" versions 10 size 500k;
//        severity debug;
//        print-severity yes;
//        print-time yes;
//    };
// category default { named_log; };
//    category queries { query_log; };
//};




//
// a caching only nameserver config
//
controls {
   inet 127.0.0.1 port 953
   allow { 127.0.0.1; 192.168.10.254; } keys { rndckey; };
};

zone "." IN {
   type hint;
   file "named.ca";
};

zone "localdomain" IN {
   type master;
   file "localdomain.zone";
   allow-update { none; };
};

zone "localhost" IN {
   type master;
   file "localhost.zone";
   allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
   type master;
   file "named.local";
   allow-update { none; };
};

zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
   type master;
   file "named.ip6.local";
   allow-update { none; };
};

zone "255.in-addr.arpa" IN {
   type master;
   file "named.broadcast";
   allow-update { none; };
};

zone "0.in-addr.arpa" IN {
   type master;
   file "named.zero";
   allow-update { none; };
};

include "/etc/rndc.key";

//
// bac zone
//

zone "bac.org.au" {
   type master;
   file "/var/named/bac.org.au.hosts";
   allow-update {
       127.0.0.1;
       192.168.10.254;
       key rndckey;
       };
   };
zone "10.168.192.in-addr.arpa" {
   type master;
   file "/var/named/192.168.10.rev";
   allow-update {
       127.0.0.1;
       192.168.10.254;
       key rndckey;
       };
   };


dhcpd.conf --



# dhcpd.conf

ddns-update-style             interim;

option subnet-mask            255.255.255.0;
option broadcast-address      192.168.10.255;
option routers                192.168.10.254;
option domain-name-servers    192.168.10.254;
option domain-name            "bac.org.au";   # You really should fix this
option option-128 code 128 = string;
option option-129 code 129 = text;

include                     "/etc/rndc.key";

get-lease-hostnames           true;

next-server                   192.168.10.1;
option root-path              "192.168.10.1:/opt/ltsp/i386";

subnet 192.168.10.0 netmask 255.255.255.0 {
   ddns-domainname "bac.org.au";
   ddns-rev-domainname "in-addr.arpa.";
   authoritative;
   ddns-updates on;
   zone bac.org.au {
       primary 192.168.10.254;
       key "rndckey";
   }

   zone 10.168.192.in-addr.arpa {
       primary 192.168.10.254;
       key "rndckey";
   }

   range 192.168.10.100 192.168.10.199;
   if substring (option vendor-class-identifier, 0, 9) = "PXEClient" {
       filename "/2.6.16.1-ltsp-2/pxelinux.0";
       }
   else {
       filename "/vmlinuz-2.6.16.1-ltsp-2";
       }
   }

host admin {
  hardware ethernet 00:0D:61:B4:AA:85;
  fixed-address 192.168.10.1;
}

host windows {
  hardware ethernet 00:0c:29:17:ad:1b;
  fixed-address 192.168.10.20;
}

host lfs {
  hardware ethernet 00:0C:29:85:65:2D;
  fixed-address 192.168.10.10;
}


#
# If you need to pass parameters on the kernel command line, you can
# do it with option-129.  In order for Etherboot to look at option-129,
# you MUST have option-128 set to a specific value.  The value is a
# special Etherboot signature of 'e4:45:74:68:00:00'.
#
# Add these two lines to the host entry that needs kernel parameters
#
#        option option-128     e4:45:74:68:00:00;       # NOT a mac address
#        option option-129     "NIC=ne IO=0x300";

As for unusual quoted posts ... my apologies .... it won't be a problem in future

Thanks for your interest :)

Brian
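
Added example, not part of the message above or of the Fedora list thread: a short Python triage of the syslog excerpt Brian posted. It assumes, as the reply quoted at the top says, that named chroots first, so a path in a named message is relative to the `-t` directory; `triage`, `SAMPLE_LOG` and the report keys are names introduced here.

```python
import re
from pathlib import PurePosixPath

# Sample input: five named[] lines copied from the log in the message above.
SAMPLE_LOG = """\
Aug  1 17:28:51 server named[23130]: starting BIND 9.3.2 -u named -t /var/named/chroot
Aug  1 17:28:51 server named[23130]: zone 'bac.org.au' allows updates by IP address, which is insecure
Aug  1 17:28:51 server named[23130]: zone '10.168.192.in-addr.arpa' allows updates by IP address, which is insecure
Aug  1 17:29:07 server named[23130]: journal file /var/named/bac.org.au.hosts.jnl does not exist, creating it
Aug  1 17:29:07 server named[23130]: /var/named/bac.org.au.hosts.jnl: create: permission denied
"""

START_RE = re.compile(r"named\[\d+\]: starting BIND \S+(?P<args>.*)$")
IP_ACL_RE = re.compile(r"named\[\d+\]: zone '(?P<zone>[^']+)' allows updates by IP address")
DENIED_RE = re.compile(r"named\[\d+\]: (?P<path>/\S+): create: permission denied")


def triage(log_text):
    """Summarise chroot, run-as user, IP-based update ACLs and denied creates."""
    report = {"chroot": None, "user": None, "ip_acl_zones": [], "denied": []}
    for line in log_text.splitlines():
        if m := START_RE.search(line):
            args = m.group("args").split()
            # -t <dir> is the chroot, -u <user> the account named switches to.
            for flag, key in (("-t", "chroot"), ("-u", "user")):
                if flag in args[:-1]:
                    report[key] = args[args.index(flag) + 1]
        elif m := IP_ACL_RE.search(line):
            report["ip_acl_zones"].append(m.group("zone"))
        elif m := DENIED_RE.search(line):
            logged = PurePosixPath(m.group("path"))
            # Assumption stated in the lead-in: logged paths are chroot-relative.
            real = PurePosixPath(report["chroot"] or "/") / logged.relative_to("/")
            report["denied"].append({
                "logged": str(logged),
                "on_disk": str(real),
                "dir_needing_write": str(real.parent),
            })
    return report


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    print("chroot:", result["chroot"], "run-as user:", result["user"])
    print("zones with IP-based allow-update:", ", ".join(result["ip_acl_zones"]))
    for item in result["denied"]:
        print(item["logged"], "->", item["on_disk"])
        print("  directory the run-as user must be able to write:", item["dir_needing_write"])
```

The directory it reports is the one whose ownership and mode decide whether the run-as user can create the journal file.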

