[OLD QUESTION] dns stats (fwd)

Joaquin J. Domens jdomens at corp.terra.es
Thu Jun 6 15:58:15 UTC 2002 

Hi,
This is about an old threat about ndc ............
As exposed in this mail I've tried to create a control statement in my
named.conf, but the only way I can use NDC is giving the whole path
with -c option.

        ndc -c /usr/local/etc/ndc.d/ndc status (this works OK)

I've tried to create a control statemet like this:

controls {
         unix "/usr/local/etc/ndc.d/ndc"
         perm 600
         owner 0
         group 0;
};

But it doesn`t work, the error I get is:

ndc: error: ctl_client: evConnect(fd 3): Socket operation on non-socket
ndc: error: cannot connect to command channel (/var/run/ndc)

In  /var/run/ndc I don`t see the socket  ........

                tdnsi1:/var/run/ndc>ls -lrt
                    total 0
                    -rw-r--r--   1 root     other          0 Jun  6 15:54 ndc

                tdnsi1:/usr/local/etc/ndc.d>ls -lrt
                    total 0
                    srwxr-xr-x   1 root     other          0 Jun  6 15:54 ndc

How can I make this work without having tio type the -c option everytime I want
to use NDC ?

Thanks in advance


Mark.Andrews at isc.org wrote:

> >
> > Hi all,
> >
> > I'm having same problem on this new Solaris boxes, running 8.3.1
> >
> > But I can't seem to find the channel for ndc, and in named.conf there's no
> > control entry about that.
> >
> > One difference I've seen between this new box, and other one already runnin
> > g ndc
> > (both with 8.3.1) it's:
> >
> > ndc ok:
> >
> > srw-------   1 root     root           0 Jan 30  2001 ndc
> > drwx------   2 root     root         512 Apr  3 14:18 ndc.d
> > -rw-r--r--   1 root     other      51924 Apr  8 17:58 named.conf
> > -rw-r--r--   1 root     other          6 Apr  9 11:57 named.pid
> >
> > ndc not running:
> >
> > drwx------   2 root     root         512 Apr  4 17:02 ndc.d
> > -rw-r--r--   1 root     other      16861 Apr  9 13:06 named.conf
> > -rw-r--r--   1 root     other          5 Apr  9 15:30 named.pid
> >
> > And the error I got it's the same ......
> >
> > ndc: error: ctl_client: evConnect(fd 3): No such file or directory
> > ndc: error: cannot connect to command channel (/var/run/ndc)
> >
> > Hope it helps
> >
> > Cheers
>
>         The control channel is /var/run/ndc.d/ndc by default in 8.3.1
>         on Solaris.  If you are getting /var/run/ndc then you have a
>         old ndc.  If /var/run/ndc is working and you don't have a
>         controls block overriding the default path you have a old
>         named running and unless it is the patched version from Sun
>         it is insecure as it is less than 8.2.3.
>
>         --- 8.2.3-REL released ---
>
>         ....
>
>  924.   [port]          sunos solaris: #define NEED_SECURE_DIRECTORY to
>                         secure the directory containing unix domain socket
>                         rather than the socket itself.
>
>         Mark
> >
> >
> > Nate Campi wrote:
> >
> > > On Thu, Apr 04, 2002 at 04:42:12PM -0500, Art Houle wrote:
> > > >
> > > >   We are running "named 8.2.3-REL" and I am trying to get stats so that
> >  I
> > > > can put them into mrtg for graphing.  However I am having a problem wit
> > h
> > > > the command to get stats and would like input is anybody can interpret
> > the
> > > > error message I get back:
> > > >
> > > > dns1# /usr/sbin/ndc stats
> > > > ndc: error: ctl_client: evConnect(fd 3): No such file or directory
> > > > ndc: error: cannot connect to command channel (/var/run/ndc)
> > >
> > > I'll assume that BIND is actually running. You need to give the path to
> > > your ndc channel with the "-c" option to ndc. Here how I dump stats on
> > > my nameservers:
> > >
> > >  /usr/local/sbin/ndc -c /var/bind.root/r/ndc/ndc stats
> > >
> > > If you don't know where your ndc channel is, look in you conf file for
> > > something like:
> > >
> > > controls {
> > >         unix "/ndc/ndc"
> > >         perm 600
> > >         owner 0
> > >         group 0;
> > > };
> > >
> > > ...and use the path in double quotes after "unix".
> > > --
> > > Nate
> > >
> > > The doctrine of human equality reposes on this: that there is no man
> > > really clever who has not found that he is stupid.
> >
> > --
> > --------------------------------------------------
> > Joaquin J. Domens
> > Área de Tecnología
> > Departamento de Producción / Aplicaciones
> > --------------------------------------------------
> > Terra Networks España S.A.
> > Julián Camarillo, 6
> > 28037 Madrid, España
> > Tel. (34) 91-375 2384 Fax (34) 91-375 2320
> > joaquin.domens at corp.terra.es
> > --------------------------------------------------
> > Mercado Continuo: TRR |  Nasdaq: TRLY
> > --------------------------------------------------
> > http://www.terra.es
> > --------------------------------------------------
> >
> >
> >
> --
> Mark Andrews, Internet Software Consortium
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at isc.org

--
--------------------------------------------------
Joaquin J. Domens
Área de Tecnología
Departamento de Producción / Aplicaciones
--------------------------------------------------
Terra Networks España S.A.
Julián Camarillo, 6
28037 Madrid, España
Tel. (34) 91-375 2384 Fax (34) 91-375 2320
joaquin.domens at corp.terra.es
--------------------------------------------------
Mercado Continuo: TRR |  Nasdaq: TRLY
--------------------------------------------------
http://www.terra.es
--------------------------------------------------

More information about the bind-users mailing list