Dynamic DNS and failed journal
Brian Chadwick
brianchad at westnet.com.au
Tue Aug 1 07:35:13 UTC 2006
Tim wrote:
> On Tue, 2006-08-01 at 10:03 +1000, Brian Chadwick wrote:
>
>
>> No, it chroots first. So you should put your DDNS zone file in
>> /var/named/chroot/var/named/slaves (I expect you have a symlink
>> /var/named/slaves -> /var/named/chroot/var/named/slaves btw).
>>
>
> Just looking at a few FC4 systems here, the /var/named/slaves isn't a
> symlink to the chroot location. Has FC5 fixed that?
>
>
>> just for a test ... I chmodded all of /var/named to named.named ....
>> still the permission error ... I am not using SELinux by the way
>>
>
> Did you change it recursively, and include the parent directory? You
> might want to show us the output from listing the directories, and
> configuration files, and probably the tail end of /var/log/messages
> after restarting the name server.
>
> NB: It's hard to work out who said what to who in your post, and gets
> even worse when someone tries to reply. Please do quoting in a
> conventional manner.
>
Yes, I did a recursive chmod.
From /var I did chmod -R named.named var
I can't give you a directory listing now, I have reset the permissions to
original.
The output from messages after a named and dhcpd restart and an
immediate lease request and ddns update is below.
Aug 1 17:28:47 server dhcpd: Internet Systems Consortium DHCP Server V3.0.3-RedHat
Aug 1 17:28:47 server dhcpd: Copyright 2004-2005 Internet Systems Consortium.
Aug 1 17:28:47 server dhcpd: All rights reserved.
Aug 1 17:28:47 server dhcpd: For info, please visit http://www.isc.org/sw/dhcp/
Aug 1 17:28:47 server dhcpd: Wrote 0 deleted host decls to leases file.
Aug 1 17:28:47 server dhcpd: Wrote 0 new dynamic host decls to leases file.
Aug 1 17:28:47 server dhcpd: Wrote 10 leases to leases file.
Aug 1 17:28:47 server dhcpd: Listening on LPF/eth1/00:a0:c9:6f:4b:d8/192.168.10/24
Aug 1 17:28:47 server dhcpd: Sending on LPF/eth1/00:a0:c9:6f:4b:d8/192.168.10/24
Aug 1 17:28:47 server dhcpd: Sending on Socket/fallback/fallback-net
Aug 1 17:28:47 server dhcpd: dhcpd startup succeeded
Aug 1 17:28:51 server named[23130]: starting BIND 9.3.2 -u named -t /var/named/chroot
Aug 1 17:28:51 server named[23130]: found 2 CPUs, using 2 worker threads
Aug 1 17:28:51 server named[23130]: loading configuration from '/etc/named.conf'
Aug 1 17:28:51 server named[23130]: listening on IPv4 interface lo, 127.0.0.1#53
Aug 1 17:28:51 server named[23130]: listening on IPv4 interface eth1, 192.168.10.254#53
Aug 1 17:28:51 server named[23130]: zone 'bac.org.au' allows updates by IP address, which is insecure
Aug 1 17:28:51 server named[23130]: zone '10.168.192.in-addr.arpa' allows updates by IP address, which is insecure
Aug 1 17:28:51 server named[23130]: command channel listening on 127.0.0.1#953
Aug 1 17:28:51 server named[23130]: zone 0.in-addr.arpa/IN: loaded serial 42
Aug 1 17:28:51 server named[23130]: zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
Aug 1 17:28:51 server named[23130]: zone 10.168.192.in-addr.arpa/IN: loaded serial 1154323483
Aug 1 17:28:51 server named[23130]: zone 255.in-addr.arpa/IN: loaded serial 42
Aug 1 17:28:51 server named[23130]: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 1997022700
Aug 1 17:28:51 server named[23130]: zone bac.org.au/IN: loaded serial 1154323444
Aug 1 17:28:51 server named[23130]: zone localdomain/IN: loaded serial 42
Aug 1 17:28:51 server named[23130]: zone localhost/IN: loaded serial 42
Aug 1 17:28:51 server named[23130]: running
Aug 1 17:29:06 server dhcpd: No hostname for 192.168.10.190
Aug 1 17:29:06 server dhcpd: DHCPDISCOVER from 00:0c:29:b2:ac:3e (box) via eth1
Aug 1 17:29:07 server dhcpd: DHCPOFFER on 192.168.10.190 to 00:0c:29:b2:ac:3e via eth1
Aug 1 17:29:07 server dhcpd: No hostname for 192.168.10.190
Aug 1 17:29:07 server dhcpd: DHCPDISCOVER from 00:0c:29:b2:ac:3e via eth1
Aug 1 17:29:07 server dhcpd: DHCPOFFER on 192.168.10.190 to 00:0c:29:b2:ac:3e (box) via eth1
Aug 1 17:29:07 server named[23130]: client 192.168.10.254#32843: updating zone 'bac.org.au/IN': adding an RR at 'box.bac.org.au' A
Aug 1 17:29:07 server named[23130]: client 192.168.10.254#32843: updating zone 'bac.org.au/IN': adding an RR at 'box.bac.org.au' TXT
Aug 1 17:29:07 server named[23130]: journal file /var/named/bac.org.au.hosts.jnl does not exist, creating it
Aug 1 17:29:07 server named[23130]: /var/named/bac.org.au.hosts.jnl: create: permission denied
Aug 1 17:29:07 server named[23130]: client 192.168.10.254#32843: updating zone 'bac.org.au/IN': error: journal open failed: unexpected error
Aug 1 17:29:07 server dhcpd: Unable to add forward map from box.bac.org.au to 192.168.10.190: timed out
Aug 1 17:29:07 server dhcpd: No hostname for 192.168.10.190
Aug 1 17:29:07 server dhcpd: DHCPREQUEST for 192.168.10.190 (192.168.10.254) from 00:0c:29:b2:ac:3e (box) via eth1
Aug 1 17:29:07 server dhcpd: DHCPACK on 192.168.10.190 to 00:0c:29:b2:ac:3e (box) via eth1
As you can see ... everything seems to work ok except being able to
write the jnl file.
named.conf -
//
// named.conf for Red Hat caching-nameserver
//
acl "bac-net" { 192.168.10.0/24; 127.0.0.1; };
options {
    directory "/var/named/";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    listen-on { "bac-net"; };
    allow-query { "bac-net"; };
    /*
     * If there is a firewall between you and nameservers you want
     * to talk to, you might need to uncomment the query-source
     * directive below. Previous versions of BIND always asked
     * questions using port 53, but BIND 8.1 uses an unprivileged
     * port by default.
     */
    // query-source address * port 53;
    forwarders {
        203.21.20.20;
        203.10.1.9;
    };
};
//logging {
//    channel "named_log" {
//        // send most BIND logs to a dedicated log file
//        file "/var/named/data/named.log" versions 10 size 500k;
//        severity dynamic;
//        print-category yes;
//        print-severity yes;
//        print-time yes;
//    };
//    channel "query_log" {
//        file "/var/named/data/query.log" versions 10 size 500k;
//        severity debug;
//        print-severity yes;
//        print-time yes;
//    };
//    category default { named_log; };
//    category queries { query_log; };
//};
//
// a caching only nameserver config
//
controls {
    inet 127.0.0.1 port 953
    allow { 127.0.0.1; 192.168.10.254; } keys { rndckey; };
};
zone "." IN {
    type hint;
    file "named.ca";
};
zone "localdomain" IN {
    type master;
    file "localdomain.zone";
    allow-update { none; };
};
zone "localhost" IN {
    type master;
    file "localhost.zone";
    allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "named.local";
    allow-update { none; };
};
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
    type master;
    file "named.ip6.local";
    allow-update { none; };
};
zone "255.in-addr.arpa" IN {
    type master;
    file "named.broadcast";
    allow-update { none; };
};
zone "0.in-addr.arpa" IN {
    type master;
    file "named.zero";
    allow-update { none; };
};
include "/etc/rndc.key";
//
// bac zone
//
zone "bac.org.au" {
    type master;
    file "/var/named/bac.org.au.hosts";
    allow-update {
        127.0.0.1;
        192.168.10.254;
        key rndckey;
    };
};
zone "10.168.192.in-addr.arpa" {
    type master;
    file "/var/named/192.168.10.rev";
    allow-update {
        127.0.0.1;
        192.168.10.254;
        key rndckey;
    };
};
dhcpd.conf --
# dhcpd.conf
ddns-update-style interim;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.10.255;
option routers 192.168.10.254;
option domain-name-servers 192.168.10.254;
option domain-name "bac.org.au"; # You really should fix this
option option-128 code 128 = string;
option option-129 code 129 = text;
include "/etc/rndc.key";
get-lease-hostnames true;
next-server 192.168.10.1;
option root-path "192.168.10.1:/opt/ltsp/i386";
subnet 192.168.10.0 netmask 255.255.255.0 {
    ddns-domainname "bac.org.au";
    ddns-rev-domainname "in-addr.arpa.";
    authoritative;
    ddns-updates on;
    zone bac.org.au {
        primary 192.168.10.254;
        key "rndckey";
    }
    zone 10.168.192.in-addr.arpa {
        primary 192.168.10.254;
        key "rndckey";
    }
    range 192.168.10.100 192.168.10.199;
    if substring (option vendor-class-identifier, 0, 9) = "PXEClient" {
        filename "/2.6.16.1-ltsp-2/pxelinux.0";
    }
    else {
        filename "/vmlinuz-2.6.16.1-ltsp-2";
    }
}
host admin {
    hardware ethernet 00:0D:61:B4:AA:85;
    fixed-address 192.168.10.1;
}
host windows {
    hardware ethernet 00:0c:29:17:ad:1b;
    fixed-address 192.168.10.20;
}
host lfs {
    hardware ethernet 00:0C:29:85:65:2D;
    fixed-address 192.168.10.10;
}
#
# If you need to pass parameters on the kernel command line, you can
# do it with option-129. In order for Etherboot to look at option-129,
# you MUST have option-128 set to a specific value. The value is a
# special Etherboot signature of 'e4:45:74:68:00:00'.
#
# Add these two lines to the host entry that needs kernel parameters
#
# option option-128 e4:45:74:68:00:00; # NOT a mac address
# option option-129 "NIC=ne IO=0x300";
As for unusual quoted posts ... my apologies .... it won't be a problem
in future
Thanks for your interest :)
Brian
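
Added example, not part of the original post: a small audit of the two things the log above reports for a chrooted named (`-u named -t /var/named/chroot`), namely whether the account can create the `.jnl` file in the directory the zone file really lives in, and which `allow-update` entries are bare IP addresses. The function names, the `SAMPLE` text (a trimmed copy of the posted zones) and the caller-supplied `uid`/`gids` of the named account are assumptions; the check reads mode bits only and ignores ACLs and SELinux.

```python
import os, re

# Trimmed copy of the named.conf zones from the post, used as sample input.
SAMPLE = '''
zone "localhost" IN { type master; file "localhost.zone"; allow-update { none; }; };
zone "bac.org.au" {
    type master;
    file "/var/named/bac.org.au.hosts";
    allow-update { 127.0.0.1; 192.168.10.254; key rndckey; };
};
'''

def zone_blocks(conf):
    """Yield (zone name, statement body), matching nested braces."""
    conf = re.sub(r'//[^\n]*|#[^\n]*|/\*.*?\*/', '', conf, flags=re.S)
    for m in re.finditer(r'\bzone\s+"([^"]+)"[^{;]*\{', conf):
        depth, i = 1, m.end()
        while depth and i < len(conf):
            depth += {'{': 1, '}': -1}.get(conf[i], 0)
            i += 1
        yield m.group(1), conf[m.end():i - 1]

def dir_writable_by(path, uid, gids):
    """Mode-bit check: may uid create files in path (write + search)?"""
    st = os.stat(path)
    shift = 6 if st.st_uid == uid else 3 if st.st_gid in gids else 0
    return ((st.st_mode >> shift) & 0o3) == 0o3

def audit(conf, chroot, uid, gids=(), directory="/var/named"):
    """Return one finding per zone that accepts dynamic updates."""
    findings = []
    for name, body in zone_blocks(conf):
        acl = re.search(r'allow-update\s*\{(.*?)\}', body, re.S)
        entries = [e.strip() for e in acl.group(1).split(';')] if acl else []
        entries = [e for e in entries if e]
        if not entries or entries == ['none']:
            continue                  # static zone: named writes no journal
        zfile = re.search(r'\bfile\s+"([^"]+)"', body).group(1)
        jnl = os.path.normpath(os.path.join(directory, zfile)) + '.jnl'
        real_dir = os.path.join(chroot, os.path.dirname(jnl).lstrip('/'))
        findings.append({
            'zone': name,
            'journal': jnl,           # path as named sees it inside the chroot
            'real_dir': real_dir,     # directory on disk that must be writable
            'dir_writable': dir_writable_by(real_dir, uid, gids),
            'ip_acl': [e for e in entries   # entries BIND logs as insecure
                       if re.fullmatch(r'[0-9A-Fa-f:.]+(/\d+)?', e)],
        })
    return findings
```

On a live system the call would be `audit(open('/var/named/chroot/etc/named.conf').read(), '/var/named/chroot', uid, gids)` with the ids taken from `pwd.getpwnam('named')`; both paths are assumptions about where the chrooted configuration lives.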