9.2.0 chicken egg problem?

Will Yardley ilovednsrelatedspam at hq.newdream.net
Thu Dec 6 08:05:57 UTC 2001


Rick wrote:
> Hi Binders.
> 
> Trouble with 9.2.0.
> 
> 1.  If pid-file exists, complaint.  If pid-file no-exist, permission
> denied (another complaint).
> 
> /var and /var/run belong to root, but /var/run/named belongs to
> named:named with mode 655.
 
what do you have the 'pid-file' option set to in 'options'?
i have:
pid-file "/var/named/named.pid";

where /var/named is owned by user bind and group bind (the user named
runs as on our system).

if /var/run/named is a directory you probably want '755' not 655, and
you'd need to specify '/var/run/named/named.pid' as the 'pid-file'. have
you done this?

> 2. In the logs, rndc.key not found, but only because it isn't there.

???? well make it. you need to have either an rndc.conf file with a
corresponding 'key' statement in named.conf, or an rndc.key file
(according to the docs, no key statement is needed then).
 
> RH 7.1, bind-9.2.0, ./configure --with-openssl, make, make install, make
> clean.
> Bind 9.1.0 was default installed.  When I ask whereis named, I hear
> /usr/sbin/named /etc/named.conf /usr/local/sbin/named
> /usr/share/man/man8/named.8.gz
> 
> Is the old named in the way?  It never gave me so much lip.  It just ran and
> reloaded when I said to.

if the old version of bind is installed from rpm, remove it; if it was
installed from source, you might want to rename the binaries to avoid
confusion. 

the install process you describe should have put everything in
/usr/local

> 3.  Good ol' 9.1.0 used to say "command channel listening on 127.0.0.1#953"
>     9.2.0 says, "couldn't add command channel 127.0.0.1#953: file not found"
 
> Is it looking for the file, "rndc.key"?  Or is there no relationship
> between #2 and #3?

that would be my guess... you might want to include relevant bits of
your named.conf file (with any keys obscured obviously).

good ol' 9.2.0 also says:
jazz [~]# grep command /var/log/messages
Dec  6 00:04:51 jazz named[31968]: command channel listening on 127.0.0.1#953

when it's happy.

my understanding is that you need EITHER an rndc.key (and an optional
rndc.conf) or the combination of a key statement in named.conf and an
rndc.conf file.

-- 
William Yardley                   System Administrator, Newdream Network
william at hq.newdream.net         http://infinitejazz.net/will/pgp/gpg.asc
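
The two file-system conditions discussed in this thread (a pid-file directory that the user named runs as owns and can write into, and an rndc key file that actually exists), as an added example that is not part of the original message or of BIND. The function names are hypothetical, the paths and user name are supplied by the caller, and the check that the key file is not readable by "other" is an added assumption about how the secret should be stored.

```shell
#!/bin/sh
# Added example, not BIND tooling. Paths and the user name are caller-supplied.

# Print the 10-character mode string of a path, e.g. "drw-r-xr-x".
mode_of()  { ls -ld -- "$1" 2>/dev/null | cut -c1-10; }
# Print the owner name (third field of ls -ld).
owner_of() { ls -ld -- "$1" 2>/dev/null | awk '{print $3}'; }

# check_pid_dir DIR USER
# named creates and replaces the pid file as USER, so USER must own DIR and the
# owner bits must include both write and search (x). 0 = ok, 1 = bad, 2 = missing.
check_pid_dir() {
    m=$(mode_of "$1")
    case "$m" in
        d*) ;;
        *)  echo "MISSING $1: not a directory"; return 2 ;;
    esac
    if [ "$(owner_of "$1")" != "$2" ]; then
        echo "BAD $1: owned by $(owner_of "$1"), expected $2"; return 1
    fi
    case "$m" in
        d?w[xs]*) echo "OK $1 ($m)"; return 0 ;;
        *)        echo "BAD $1 ($m): owner lacks write+search, e.g. mode 655"; return 1 ;;
    esac
}

# check_key_file FILE
# 0 = present and closed to "other"; 1 = readable by other; 2 = not found.
check_key_file() {
    [ -f "$1" ] || { echo "MISSING $1"; return 2; }
    m=$(mode_of "$1")
    case "$m" in
        ???????r*) echo "BAD $1 ($m): secret readable by other"; return 1 ;;
        *)         echo "OK $1 ($m)"; return 0 ;;
    esac
}

# Usage: sh check.sh PID_DIR NAMED_USER KEY_FILE
if [ "$#" -eq 3 ]; then
    check_pid_dir "$1" "$2"
    check_key_file "$3"
fi
```

Mode 655 on a directory is rw-r-xr-x: the owner can list and modify entries in principle but has no search bit, so creating the pid file fails with "permission denied" even though the ownership is right.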

