[stork-users] Stork agent cannot connect through rndc
Slawek Figiel
slawek at isc.org
Wed Aug 28 11:42:39 UTC 2024
Hello Mik!
The "named-checkconf" call is constructed in
backend/agent/bind9.go:569-577 :

    // Prepare named-checkconf arguments.
    args := []string{}
    if rootPrefix != "" {
        args = append(args, "-t", rootPrefix)
    }
    // The config path must be last.
    args = append(args, "-p", bind9ConfPath)
    out, err := executor.Output(namedCheckconfPath, args...)

So, we provide the BIND 9 configuration path via the "-p" flag and the path to
the BIND 9 chroot via the "-t" flag (if applicable).
Regards,
Slawek Figiel
On 28/08/2024 00:26, Mik J wrote:
> Hello Slawek,
>
> I did
> # named-checkconf
> open: /etc/named.conf: file not found
>
> So I made a symbolic link
> # ln -s /var/named/etc/named.conf /etc/named.conf
> And ran again the command
> # named-checkconf
>
> However no improvement.
>
> Which option is used along with named-checkconf because when I run it I don't see anything, it's silent.
>
>
> At the moment I launch the stork agent as root so there shouldn't be file permission problems.
>
> # ls -l /etc/rndc.key
> -rw-r--r-- 1 root _bind 100 May 11 00:29 /etc/rndc.key
> The permissions are not so good but I'll change them
>
> I don't have any file specified in my named.conf except:
> - Log files: for example
> channel queries_errors_file {
> file "/var/log/query-errors.log" versions 3 size 5m;
>
> - or zone files
> zone "127.in-addr.arpa" {
> type master;
> file "/master/reverse/loopback";
> allow-transfer { localhost; };
> };
>
> I'm not sure my configuration is involved in this issue, maybe that's because I'm using Openbsd 7.5 and it has something specific.
>
> Regards
>
>
>
> On Monday 26 August 2024 at 11:51:46 UTC+2, Slawek Figiel <slawek at isc.org> wrote:
>
> Hello Mik!
>
> Please check if your Stork agent user has rights to read the
> "named.conf" and "rndc.key" files and any other files referenced in
> "named.conf".
>
>> Also I see that the stork agent tries to connect to 127.0.0.1 using rndc but I haven't specified the stork agent to use this address (although that's the one I want)
>> But, in general, how is the stork agent supposed to find the DNS server address and port?
>
> Stork uses "named-checkconf" to read the BIND 9 configuration and
> extracts the RNDC address and port from it.
>
> I'm waiting for your feedback.
> Regards
> Slawek
>
> On 16/08/2024 11:24, Mik J wrote:
>> Stork: 1.18.0
>> OS: Openbsd 7.5
>>
>> Hello,
>>
>> I made my stork agent to be installed on one of my DNS.
>>
>> However I get this message
>> INFO[2024-08-16 11:00:46] bind9.go:560 Found BIND 9 config file in /var/named/etc/named.conf based on output of `named -V`.
>> ERRO[2024-08-16 11:00:49] agent.go:311 Failed to forward commands to rndc Address="127.0.0.1" Port="953" error="exit status 1"
>>
>>
>> If I run the command manually, it works
>> # rndc -b 127.0.0.1 -s 127.0.0.1 -p 953 -k /etc/rndc.key status
>> version: BIND 9.18.28 (Extended Support Version) <id:f77fadb> ()
>> running on localhost: OpenBSD amd64 7.5 GENERIC.MP#82
>> boot time: Fri, 16 Aug 2024 02:07:05 GMT
>> last configured: Fri, 16 Aug 2024 02:07:05 GMT
>> configuration file: /etc/named.conf (/var/named/etc/named.conf)
>> ...
>>
>> How to debug this problem ?
>>
>> - How does stork know what is the rndc.key, does it read it in named.conf or should it read /etc/rndc.key
>> - If it reads /etc/rndc.key, how does it know where to find this file ?
>>
>>
>> Also I see that the stork agent tries to connect to 127.0.0.1 using rndc but I haven't specified the stork agent to use this address (although that's the one I want)
>> But, in general, how is the stork agent supposed to find the DNS server address and port?
>>
>> Regards
>
>>
>>
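
Added example (not part of the original thread and not Stork's own code): a sketch of the flow described above, building the "named-checkconf" arguments in the quoted order and then pulling the RNDC address, port and key names out of the printed "controls" statement. The Control type, parseControls, the regular expressions and the sample output are assumptions made for illustration; Stork's real parser may work differently.

```go
package main

import (
	"fmt"
	"regexp"
)

// checkconfArgs repeats the quoted argument order: optional "-t <chroot>", then "-p <path>".
func checkconfArgs(rootPrefix, confPath string) []string {
	args := []string{}
	if rootPrefix != "" {
		args = append(args, "-t", rootPrefix)
	}
	return append(args, "-p", confPath)
}

// Control is one "inet" channel of a "controls" statement (hypothetical type).
type Control struct {
	Address, Port string
	Keys          []string
}

// sampleOutput is constructed for this example, not captured from a server.
const sampleOutput = "controls {\n\tinet 127.0.0.1 port 953 allow {\n\t\t\"localhost\";\n\t} keys {\n\t\t\"rndc-key\";\n\t};\n};\n"

var (
	controlsRe = regexp.MustCompile(`(?s)controls\s*\{(.*?)\n\};`)
	inetRe     = regexp.MustCompile(`(?s)inet\s+(\S+)(?:\s+port\s+(\d+))?\s+allow\s*\{.*?\}(?:\s*keys\s*\{(.*?)\})?`)
	keyRe      = regexp.MustCompile(`[^\s";{}]+`)
)

// parseControls is a hypothetical, simplified parser; it assumes no nested braces in "allow".
func parseControls(out string) []Control {
	var found []Control
	for _, block := range controlsRe.FindAllStringSubmatch(out, -1) {
		for _, m := range inetRe.FindAllStringSubmatch(block[1], -1) {
			c := Control{Address: m[1], Port: m[2]}
			if c.Port == "" {
				c.Port = "953" // BIND 9 default control port
			}
			c.Keys = keyRe.FindAllString(m[3], -1)
			found = append(found, c)
		}
	}
	return found
}

func main() {
	fmt.Printf("%v %+v\n", checkconfArgs("", "/var/named/etc/named.conf"), parseControls(sampleOutput))
}
```

To compare with a real server, run named-checkconf with the printed arguments as the agent's user and pass its output to parseControls; an empty result means no "controls" statement was visible to that user.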