| View previous topic :: View next topic |
| Author |
Message |
hanj
Veteran
Joined: 19 Aug 2003
Posts: 1490
|
 Posted: Wed Jan 09, 2019 4:45 pm Post subject: Unable to start bind-9.12.2_p2-r1 in chroot |
 |
|
I've been having a variety of problems on various servers. The first issue "OpenSSL pseudorandom number generator issue w/bind" was fixed on one server, but now, I have 2 other production servers that won't start.
Looking at the logs, I see the following...
| Code: |
Jan 9 08:49:20 comp named[4415]: configuring command channel from '/etc/bind/rndc.key'
Jan 9 08:49:20 comp named[4415]: socket.c:5681: unexpected error:
Jan 9 08:49:20 comp named[4415]: setsockopt(25, TCP_FASTOPEN) failed with Protocol not available
Jan 9 08:49:20 comp named[4415]: command channel listening on 127.0.0.1#953
Jan 9 08:49:20 comp named[4415]: the working directory is not writable
Jan 9 08:49:20 comp named[4415]: loading configuration: permission denied
Jan 9 08:49:20 comp named[4415]: exiting (due to fatal error)
|
Now, I originally thought it was the TCP_FASTOPEN, but I've been seeing that warning with older versions. The real problem is the vague "the working directory is not writable". That's weird. I've been running chroot named for years, and works fine when I roll back.
This is what I have in /etc/conf.d/named
| Code: |
CHROOT="/chroot/dns"
CHROOT_NOMOUNT="1"
CHROOT_NOCHECK=1
PIDFILE="${CHROOT}/var/run/named/named.pid" |
If I change CHROOT_NOMOUNT then it starts, but named is hosed, since it grabs files from /etc, but I run my chroot enviro, the error. So, I feel like perms somewhere is wrong, but can't find it. Thought I would run strace to see what was up, but that didn't yield any specifics for me...
This is where it breaks:
| Code: | 7828 prctl(PR_SET_DUMPABLE, SUID_DUMP_USER) = 0
7828 capget({version=_LINUX_CAPABILITY_VERSION_3, pid=0}, NULL) = 0
7828 capget({version=_LINUX_CAPABILITY_VERSION_3, pid=0}, NULL) = 0
7828 capget({version=_LINUX_CAPABILITY_VERSION_3, pid=0}, {effective=0, permitted=1<<CAP_CHOWN|1<<CAP_DAC_READ_SEARCH|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_NET_BIND_SERVICE|1<<CAP_SYS_CHROOT|1<<CAP_SYS_RESOURCE, inheritable=0}) = 0
7828 getuid() = 40
7828 capset({version=_LINUX_CAPABILITY_VERSION_3, pid=0}, {effective=1<<CAP_NET_BIND_SERVICE|1<<CAP_SYS_RESOURCE, permitted=1<<CAP_NET_BIND_SERVICE|1<<CAP_SYS_RESOURCE, inheritable=0}) = 0
7828 access(".", W_OK|X_OK) = -1 EACCES (Permission denied)
7828 getpid() = 7828
7828 sendto(3, "<27>Jan 9 09:27:14 named[7828]:"..., 71, MSG_NOSIGNAL, NULL, 0) = 71
7828 gettimeofday({tv_sec=1547051234, tv_usec=763630}, NULL) = 0
7828 getpid() = 7828
7828 sendto(3, "<26>Jan 9 09:27:14 named[7828]:"..., 74, MSG_NOSIGNAL, NULL, 0) = 74
7828 getpid() = 7828
7828 sendto(3, "<26>Jan 9 09:27:14 named[7828]:"..., 62, MSG_NOSIGNAL, NULL, 0) = 62
7828 close(3) = 0
7828 unlink("/var/run/named/named.pid") = 0 |
| Code: |
7828 access(".", W_OK|X_OK) = -1 EACCES (Permission denied) |
I would assume "." is /chroot/dns?
| Code: | ls -al /chroot
drwxrwx--- 6 root named 4096 Jul 16 2014 dns |
So, that's not it.
| Code: | ls -al /chroot/dns
drwxr-xr-x 2 root root 4096 Jan 9 08:09 dev
drwxr-xr-x 3 root root 4096 Mar 2 2012 etc
drwxr-xr-x 3 root root 4096 Jul 16 2014 run
drwxr-xr-x 6 root root 4096 Jan 9 09:18 var |
Okay, this might be something, but I've changed this to 775 root:named and it still does not start. Comparing to my other box that runs chroot, perms are the same, so I changed ownership/permissions to the way it was.
I thought it might be the pid directory.
| Code: | ls -al /chroot/dns/var/run/
drwxrwx--- 2 root named 4096 Jan 9 09:34 named |
Here are my USE flags for this version:
| Code: | | [ebuild R ] net-dns/bind-9.12.2_p2-r1::gentoo USE="berkdb caps dlz ssl xml zlib -dnsrps -dnstap -doc -fixed-rrset -geoip -gost -gssapi -idn -ipv6 -json -ldap -libidn2 -libressl -lmdb -mysql -odbc -postgres -python -rpz (-seccomp) (-selinux) -static-libs -threads -urandom" PYTHON_TARGETS="python2_7 python3_4 python3_5 python3_6 (-python3_7)" 0 KiB |
Not sure. If I roll back to net-dns/bind-9.11.2_p1 it fires right back up.
Thanks!
hanji
_________________
Server Admin Blog - Uno-Code.com
Last edited by hanj on Wed Jan 09, 2019 9:37 pm; edited 1 time in total |
|
| Back to top |
|
 |
mike155
Advocate
Joined: 17 Sep 2010
Posts: 4438
Location: Frankfurt, Germany
|
| Posted: Wed Jan 09, 2019 9:26 pm Post subject: |
|
|
| Quote: | | I would assume "." is /chroot/dns? |
1) Why don't you search upwards in the strace file for the last chdir()? Sometimes you can also guess the current directory from prior open() or stat() statements (if they use relative paths).
2) Why do you want to install BIND? Do you really want BIND? Or do you just need a local DNS server (authoritative and/or resolving)? BIND is a huge and complex software package and difficult to handle. If you just need a local DNS server, look at something smaller. I switched from BIND to dnsmasq a while ago and I'm very happy with it. Much smaller and much easier to handle. |
|
| Back to top |
|
|
hanj
Veteran
Joined: 19 Aug 2003
Posts: 1490
|
| Posted: Wed Jan 09, 2019 9:36 pm Post subject: |
|
|
| mike155 wrote: | | Quote: | | I would assume "." is /chroot/dns? |
1) Why don't you search upwards in the strace file for the last chdir()? Sometimes you can also guess the current directory from prior open() or stat() statements (if they use relative paths). |
I actually looked at older logs, and see mention of this error in the older version. What's unique to this
| Code: | | Jan 9 08:49:20 comp named[4415]: loading configuration: permission denied |
| mike155 wrote: |
2) Why do you want to install BIND? Do you really want BIND? Or do you just need a local DNS server (authoritative and/or resolving)? BIND is a huge and complex software package and difficult to handle. If you just need a local DNS server, look at something smaller. I switched from BIND to dnsmasq a while ago and I'm very happy with it. Much smaller and much easier to handle. |
Not an internal DNS server.. just been using it for years.
Thanks!
hanji
_________________
Server Admin Blog - Uno-Code.com |
|
| Back to top |
|
|
Duncan Mac Leod
Guru
Joined: 02 May 2004
Posts: 310
Location: Germany
|
| Posted: Thu Jan 10, 2019 9:16 pm Post subject: Re: Unable to start bind-9.12.2_p2-r1 in chroot |
|
|
| hanj wrote: | | Not sure. If I roll back to net-dns/bind-9.11.2_p1 it fires right back up. |
Same problem here - also reverted back. |
|
| Back to top |
|
|
deagol
n00b
Joined: 12 Jul 2014
Posts: 61
|
| Posted: Sun Jan 20, 2019 6:49 pm Post subject: |
|
|
Just a tip, I did not look deeper into it:
I'm also running net-dns/bind-9.12.2_p2-r1 chrooted with openrc, but works for me...
So it could be that you are hit by the issue reported in Bug 601510 and I sidestepped that by having applied the patch from the bug years ago.
The "official" init script for openrc is broken when running chroot, some checks are done against "/" instead of the pid dir.
Which could explain the problem you observe. |
|
| Back to top |
|
|
Schnulli
Guru
Joined: 25 Jun 2010
Posts: 320
Location: Bremen DE
|
| Posted: Wed Jan 23, 2019 11:28 pm Post subject: |
|
|
well......
last time i was working also a few with Bind9
here i am running my fully chrooted DNS in the LAN with my TLD Domains bound... seems to work..... even if it is on test on a dynamic IPv4 & IPv6
A hint.....
Get a provider that will allow you to use TLD at dynamic Ips and get it working 
I will next time develope a Raspberry Pi Image for free & Download that will work as a DNS Server, the only thing that must be done ist to add ur own TLDs and Keys and it will work
I will add a readme as well to get the own TLDs bound than....
Regards |
|
| Back to top |
|
|
hanj
Veteran
Joined: 19 Aug 2003
Posts: 1490
|
| Posted: Fri Jan 25, 2019 4:36 am Post subject: |
|
|
Digging further. I thought I would run start-stop-daemon from hand:
| Code: | start-stop-daemon -v --start --pidfile /chroot/dns/var/run/named/named.pid --exec /usr/sbin/named -- -u named -t /chroot/dns
* start-stop-daemon: fopen `/chroot/dns/var/run/named/named.pid': No such file or directory
* Detaching to start `/usr/sbin/named' ...
* start-stop-daemon: failed to start `/usr/sbin/named |
So, it's unable to write the pid file?
Here is what that directory looks like:
| Code: | /chroot/dns/var/run/named # ls -al /chroot/dns/var/run/named
total 16
drwxrwx--- 2 root named 4096 Jan 24 21:33 .
drwxr-xr-x 3 root root 4096 Mar 2 2012 ..
-rw------- 1 named named 102 Jan 24 21:33 session.key |
Again, this works fine with the older version of bind in chroot. I just rolled back and verified that the named.pid was in this directory and it is.
_________________
Server Admin Blog - Uno-Code.com |
|
| Back to top |
|
|
hanj
Veteran
Joined: 19 Aug 2003
Posts: 1490
|
| Posted: Fri Jan 25, 2019 4:38 am Post subject: |
|
|
| deagol wrote: | Just a tip, I did not look deeper into it:
I'm also running net-dns/bind-9.12.2_p2-r1 chrooted with openrc, but works for me...
So it could be that you are hit by the issue reported in Bug 601510 and I sidestepped that by having applied the patch from the bug years ago.
The "official" init script for openrc is broken when running chroot, some checks are done against "/" instead of the pid dir.
Which could explain the problem you observe. |
I tried some of this, but it was getting me any where. Could you post your /etc/init.d/named file?
I am running openrc, but when I issue debug statements, it seems like it's seeing the chroot properly.
Thanks!
hanji
_________________
Server Admin Blog - Uno-Code.com |
|
| Back to top |
|
|
deagol
n00b
Joined: 12 Jul 2014
Posts: 61
|
| Posted: Mon Jan 28, 2019 7:17 pm Post subject: |
|
|
You can get my init script by downloading this patch https://601510.bugs.gentoo.org/attachment.cgi?id=473634 and apply it to the "official" init script.
If you have custom modifications: The official script is also in portage, /usr/portage/net-dns/bind/files/named.init-r13.
With those commands you can get exactly my script: | Code: | cd /tmp
wget 'https://601510.bugs.gentoo.org/attachment.cgi?id=473634' -O patch.txt
cp /usr/portage/net-dns/bind/files/named.init-r13 /tmp
patch named.init-r13 < patch.txt |
|
|
| Back to top |
|
|
Duncan Mac Leod
Guru
Joined: 02 May 2004
Posts: 310
Location: Germany
|
|
| Back to top |
|
|
hanj
Veteran
Joined: 19 Aug 2003
Posts: 1490
|
| Posted: Sat Mar 23, 2019 3:15 pm Post subject: |
|
|
I'm still having problems on all of my servers in chroot with this version. I did try the init.d/named patch.. no dice. I have urandom. Still not starting in chroot.
| Code: | /chroot/dns/dev # ls -al
total 0
drwxr-xr-x 2 named named 144 Mar 20 21:18 .
drwx------ 7 root named 168 Jun 27 2014 ..
crw-rw-rw- 1 named named 1, 3 Mar 20 21:18 null
crw-rw-rw- 1 named named 1, 8 Sep 16 2005 random
crw-rw-rw- 1 named named 1, 9 Mar 20 21:18 urandom
crw-rw-rw- 1 named named 1, 5 Mar 20 21:18 zero |
/etc/conf.d/named:
| Code: | CHROOT="/chroot/dns"
CHROOT_NOMOUNT="1"
PIDFILE="${CHROOT}/var/run/named/named.pid" |
| Code: | /etc/init.d/named restart
* Caching service dependencies ... [ ok ]
* Starting chrooted named ...
* Checking named configuration ... [ ok ]
* start-stop-daemon: failed to start `/usr/sbin/named' [ !! ] |
output in logs...
| Code: | Mar 23 09:12:43 comp named[31391]: starting BIND 9.12.2-P2 <id:b2bf278>
Mar 23 09:12:43 comp named[31391]: running on Linux i686 4.14.63-gentoo #3 Fri Sep 7 09:30:56 MDT 2018
Mar 23 09:12:43 comp named[31391]: built with '--prefix=/usr' '--build=i686-pc-linux-gnu' '--host=i686-pc-linux-gnu' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--datadir=/usr/share' '--sysconfdir=/etc' '--localstatedir=/var/lib' '--docdir=/usr/share/doc/bind-9.12.2_p2-r1' '--htmldir=/usr/share/doc/bind-9.12.2_p2-r1/html' '--with-sysroot=/' '--libdir=/usr/lib' '--sysconfdir=/etc/bind' '--localstatedir=/var' '--with-libtool' '--enable-full-report' '--without-readline' '--enable-linux-caps' '--disable-dnsrps' '--disable-fixed-rrset' '--disable-ipv6' '--disable-rpz-nsdname' '--disable-rpz-nsip' '--disable-seccomp' '--disable-threads' '--with-dlz-bdb' '--with-dlopen' '--with-dlz-filesystem' '--with-dlz-stub' '--without-gost' '--without-gssapi' '--without-idnkit' '--without-libidn2' '--without-libjson' '--without-dlz-ldap' '--with-dlz-mysql' '--without-dlz-odbc' '--without-dlz-postgres' '--without-lmdb' '--without-python' '--with-ecdsa' '--with-openssl=/usr' '--without-libxml2' '--with-zlib' '--with-randomdev=/dev/urandom' 'build_alias=i686-pc-linux-gnu' 'host_alias=i686-pc-linux-gnu' 'CFLAGS=-O2 -march=pentium4 -pipe -I/usr/include/db5.3' 'LDFLAGS=-Wl,-O1 -Wl,--as-needed'
Mar 23 09:12:43 comp named[31391]: running as: named -u named -t /chroot/dns
Mar 23 09:12:43 comp named[31391]: compiled by GCC 6.4.0
Mar 23 09:12:43 comp named[31391]: compiled with OpenSSL version: OpenSSL 1.0.2p 14 Aug 2018
Mar 23 09:12:43 comp named[31391]: linked to OpenSSL version: OpenSSL 1.0.2r 26 Feb 2019
Mar 23 09:12:43 comp named[31391]: compiled with zlib version: 1.2.11
Mar 23 09:12:43 comp named[31391]: linked to zlib version: 1.2.11
Mar 23 09:12:43 comp named[31391]: threads support is disabled
Mar 23 09:12:43 comp named[31391]: ----------------------------------------------------
Mar 23 09:12:43 comp named[31391]: BIND 9 is maintained by Internet Systems Consortium,
Mar 23 09:12:43 comp named[31391]: Inc. (ISC), a non-profit 501(c)(3) public-benefit
Mar 23 09:12:43 comp named[31391]: corporation. Support and training for BIND 9 are
Mar 23 09:12:43 comp named[31391]: available at https://www.isc.org/support
Mar 23 09:12:43 comp named[31391]: ----------------------------------------------------
Mar 23 09:12:43 comp named[31391]: using up to 4096 sockets
Mar 23 09:12:43 comp named[31391]: loading configuration from '/etc/bind/named.conf'
Mar 23 09:12:43 comp named[31391]: directory '/var/named' is not writable
Mar 23 09:12:43 comp named[31391]: /etc/bind/named.conf:3: parsing failed: permission denied
Mar 23 09:12:43 comp named[31391]: loading configuration: permission denied
Mar 23 09:12:43 comp named[31391]: exiting (due to fatal error)
Mar 23 09:12:43 comp /etc/init.d/named[31389]: start-stop-daemon: failed to start `/usr/sbin/named'
Mar 23 09:12:43 comp /etc/init.d/named[31145]: ERROR: named failed to start |
These seem to be the problem...
| Code: | Mar 23 09:12:43 comp named[31391]: directory '/var/named' is not writable
Mar 23 09:12:43 comp named[31391]: /etc/bind/named.conf:3: parsing failed: permission denied
Mar 23 09:12:43 comp named[31391]: loading configuration: permission denied |
But.. perms look good. Again, in chroot.
| Code: | /chroot/dns # ls -al
total 0
drwx------ 7 root named 168 Jun 27 2014 .
drwxr-xr-x 3 root root 72 Jan 4 2007 ..
drwxr-xr-x 2 named named 144 Mar 20 21:18 dev
drwxr-xr-x 3 named named 104 Jan 14 2013 etc
drwxr-xr-x 3 named named 72 Jun 27 2014 run
drwxrwxrwx 7 named named 168 Nov 7 2016 var <= I changed it to 777 for testing |
| Code: | /chroot/dns/etc/bind # ls -al
total 64
drwxr-xr-x 2 named named 240 Mar 20 21:25 .
drwxr-xr-x 3 named named 104 Jan 14 2013 ..
-rw-r----- 1 named named 2761 Dec 14 09:11 bind.keys
lrwxrwxrwx 1 named named 13 Dec 14 09:11 dyn -> /var/bind/dyn
-rw-r--r-- 1 named named 34967 Dec 8 2010 named.conf
lrwxrwxrwx 1 named named 13 Dec 14 09:11 pri -> /var/bind/pri
-rw------- 1 named named 77 Sep 16 2005 rndc.key
lrwxrwxrwx 1 named named 13 Dec 14 09:11 sec -> /var/bind/sec |
hanji
_________________
Server Admin Blog - Uno-Code.com |
|
| Back to top |
|
|
Duncan Mac Leod
Guru
Joined: 02 May 2004
Posts: 310
Location: Germany
|
| Posted: Sat Mar 23, 2019 3:50 pm Post subject: |
|
|
maybe you have a permission problem in chroot...
my permissions are:
| Code: |
ls -l /chroot/dns/
insgesamt 16
drwxr-xr-x 2 root root 4096 23. Mär 15:36 dev
drwxr-xr-x 3 root root 4096 11. Aug 2018 etc
drwxr-xr-x 3 root root 4096 6. Aug 2018 run
drwxr-xr-x 5 root root 4096 11. Aug 2018 var
|
| Code: |
ls -l /chroot/dns/dev/
insgesamt 0
crw-rw-rw- 1 root root 1, 3 6. Aug 2018 null
crw-rw-rw- 1 root root 1, 8 6. Aug 2018 random
crw-rw-rw- 1 root root 1, 9 23. Mär 15:36 urandom
crw-rw-rw- 1 root root 1, 5 6. Aug 2018 zero
|
| Code: |
ls -l /chroot/dns/etc/
insgesamt 8
drwxr-xr-x 2 named root 4096 23. Mär 15:27 bind
-rw-r--r-- 1 root root 2326 24. Jan 18:19 localtime
|
| Code: |
ls -l /chroot/dns/run/
insgesamt 4
drwxrwx--- 2 root named 4096 23. Mär 15:44 named
|
| Code: |
ls -l /chroot/dns/var/
insgesamt 12
drwxrwx--- 5 root named 4096 23. Mär 15:45 bind
drwxr-xr-x 3 root root 4096 6. Aug 2018 log
drwxr-xr-x 2 named named 4096 11. Aug 2018 run
|
| Code: |
ls -l /chroot/dns/etc/bind/
insgesamt 24
-rw-r----- 1 root named 2761 23. Mär 15:24 bind.keys
lrwxrwxrwx 1 root root 13 23. Mär 15:24 dyn -> /var/bind/dyn
-rw-r----- 1 root named 13228 7. Okt 16:29 named.conf
lrwxrwxrwx 1 root root 13 23. Mär 15:24 pri -> /var/bind/pri
-rw-r----- 1 root named 77 6. Aug 2018 rndc.key
lrwxrwxrwx 1 root root 13 23. Mär 15:24 sec -> /var/bind/sec
|
|
|
| Back to top |
|
|
hanj
Veteran
Joined: 19 Aug 2003
Posts: 1490
|
| Posted: Thu Apr 11, 2019 3:03 pm Post subject: |
|
|
Okay.. thought I would work on this again with the newer version of bind. Currently having the same issue with net-dns/bind-9.12.3_p4
So I nuked the entire chroot, and run --config to build it from scratch. I compared it permissions above.. and it's the same now. I also updated my config to be super simple, and it's still not starting. This is the case on 3 different servers, all running chroot. If I roll back to 9.11.2_p1 it works.
The server that I'm currently testing on is development server with a simple set up.
| Code: | Apr 11 08:51:14 server.comp.net named[27373]: automatic empty zone: B.E.F.IP6.ARPA
Apr 11 08:51:14 server.comp.net named[27373]: automatic empty zone: 8.B.D.0.1.0.0.2.IP6.ARPA
Apr 11 08:51:14 server.comp.net named[27373]: automatic empty zone: EMPTY.AS112.ARPA
Apr 11 08:51:14 server.comp.net named[27373]: automatic empty zone: HOME.ARPA
Apr 11 08:51:14 server.comp.net named[27373]: none:103: 'max-cache-size 90%' - setting to 1814MB (out of 2015MB)
Apr 11 08:51:14 server.comp.net named[27373]: configuring command channel from '/etc/bind/rndc.key'
Apr 11 08:51:14 server.comp.net named[27373]: command channel listening on 127.0.0.1#953
Apr 11 08:51:14 server.comp.net named[27373]: the working directory is not writable
Apr 11 08:51:14 server.comp.net named[27373]: loading configuration: permission denied
Apr 11 08:51:14 server.comp.net named[27373]: exiting (due to fatal error) |
Build USE flags
| Code: | | [ebuild R ] net-dns/bind-9.12.3_p4::gentoo USE="berkdb caps dlz mysql ssl static-libs urandom zlib -dnsrps -dnstap -doc -fixed-rrset -geoip -gost -gssapi -ipv6 -json -ldap -libressl -lmdb -odbc -postgres -python -rpz (-seccomp) (-selinux) -threads -xml" PYTHON_TARGETS="python2_7 python3_5 python3_6 (-python3_7)" 8426 KiB |
/etc/conf.d/named
| Code: | CHROOT="/chroot/dns"
CHROOT_NOMOUNT="1"
CHROOT_NOCHECK=1
PIDFILE="${CHROOT}/var/run/named/named.pid" |
/chroot/dns/etc/bind/named.conf
| Code: | acl comp { 127.0.0.1;};
options {
directory "/var/named";
notify yes;
auth-nxdomain no;
allow-recursion { comp; };
allow-query { comp; };
allow-transfer { comp; };
}; |
My permissions on directories match Duncan Mac Leod's post exactly. I did have to mknod for 'random' in /chroot/dns/dev/. I've added a debug level -d 2 in start up, but no additional clues. Googling around I see that following references...
Apr 11 08:51:14 server.comp.net named[27373]: the working directory is not writable
Apr 11 08:51:14 server.comp.net named[27373]: loading configuration: permission denied
Are usually the cause of an error prior to this. In other examples, I see specific issues - config issues, unable to write logs, etc.. but I don't see any other problems before this. Looks like normal start up info. I did try an strace as well, but nothing stood out.
Thanks!
h
_________________
Server Admin Blog - Uno-Code.com |
|
| Back to top |
|
|
Duncan Mac Leod
Guru
Joined: 02 May 2004
Posts: 310
Location: Germany
|
| Posted: Thu Apr 11, 2019 3:31 pm Post subject: |
|
|
Please check /etc/conf.d/named
| Code: |
CHROOT="/chroot/dns"
PIDFILE="${CHROOT}/run/named/named.pid"
|
I only have these 2 lines in /etc/conf.d/named - just a guess... |
|
| Back to top |
|
|
hanj
Veteran
Joined: 19 Aug 2003
Posts: 1490
|
| Posted: Thu Apr 11, 2019 4:21 pm Post subject: |
|
|
| Duncan Mac Leod wrote: | Please check /etc/conf.d/named
| Code: |
CHROOT="/chroot/dns"
PIDFILE="${CHROOT}/run/named/named.pid"
|
I only have these 2 lines in /etc/conf.d/named - just a guess... |
Okay.. I went with those lines. Typically in the past, I stored my configs in the /chroot, so I don't want it to mount /etc/bind/, etc.. that's why I had CHROOT_NOMOUNT=1. I tried the CHROOT_NOCHECK=1 today to see if that was causing the writable notice.
Regardless.. going with CHROOT and PIDFILE only.. I still get the same failed start.
Thanks!
h
_________________
Server Admin Blog - Uno-Code.com |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
