BIND and the measure of system entropy (randomness?)
Greetings,

A disk in one of the old firewalls (not exactly critical) failed (running OpenBSD 2.9!), and I urgently need a DNS server to work. Replaced the disk and installed 4.2.

Starting `named -g` (listing below) produces a few surprising messages, like:

a) line 3: BIND trying to load the configuration from /etc and not from /var/named/etc (my understanding was that the default -c option looks for the named.config in /var/named/etc and not in /etc);

b) lines 34 and 35: `could not open entropy source /dev/arandom: file not found` and `using pre-chroot entropy source /dev/arandom` complaining about a missing /var/named/dev/arandom device.

What does BIND have to do with the laws of thermodynamics? Can I safely ignore the above messages?

BTW, I am NOT a BIND expert!

Regards,
Ioan

--
# named -g
Starting privilege seperation
12-Dec-2007 10:51:30.646 starting BIND 9.3.4 -g
12-Dec-2007 10:51:30.657 loading configuration from '/etc/named.conf'
12-Dec-2007 10:51:30.659 listening on IPv6 interfaces, port 53
Binding privsep
[priv]: msg PRIV_BIND received
Binding privsep
[priv]: msg PRIV_BIND received
12-Dec-2007 10:51:30.663 listening on IPv4 interface lo0, 127.0.0.1#53
Binding privsep
[priv]: msg PRIV_BIND received
Binding privsep
[priv]: msg PRIV_BIND received
12-Dec-2007 10:51:30.666 listening on IPv4 interface fxp0, 192.168.1.199#53
Binding privsep
[priv]: msg PRIV_BIND received
Binding privsep
[priv]: msg PRIV_BIND received
12-Dec-2007 10:51:30.668 listening on IPv4 interface xl0, 192.168.2.199#53
Binding privsep
[priv]: msg PRIV_BIND received
Binding privsep
[priv]: msg PRIV_BIND received
12-Dec-2007 10:51:30.670 listening on IPv4 interface xl1, 192.168.3.199#53
Binding privsep
[priv]: msg PRIV_BIND received
Binding privsep
[priv]: msg PRIV_BIND received
Binding locally
Binding locally
Binding privsep
[priv]: msg PRIV_BIND received
12-Dec-2007 10:51:30.682 command channel listening on 127.0.0.1#953
12-Dec-2007 10:51:30.683 could not open entropy source /dev/arandom: file not found
12-Dec-2007 10:51:30.683 using pre-chroot entropy source /dev/arandom
12-Dec-2007 10:51:30.683 ignoring config file logging statement due to -g option
12-Dec-2007 10:51:30.686 zone 0.in-addr.arpa/IN: loaded serial 2007121001
12-Dec-2007 10:51:30.690 zone 0.0.127.in-addr.arpa/IN: loaded serial 2007121001
12-Dec-2007 10:51:30.693 zone 255.in-addr.arpa/IN: loaded serial 2007121001
12-Dec-2007 10:51:30.696 zone com.trans.in-addr.arpa/IN: loaded serial 2007121001
12-Dec-2007 10:51:30.700 zone trans.com./IN: loaded serial 2007121001
12-Dec-2007 10:51:30.702 zone localhost/IN: loaded serial 2007121001
12-Dec-2007 10:51:30.704 running
Re: BIND and the measure of system entropy (randomness?)
Hi,

mufurcz wrote:

> Greetings,
>
> A disk in one of the old firewalls (not exactly critical) failed (running OpenBSD 2.9!), and I urgently need a DNS server to work. Replaced the disk and installed 4.2.
>
> Starting `named -g` (listing below) produces a few surprising messages, like:
>
> a) line 3: BIND trying to load the configuration from /etc and not from /var/named/etc (my understanding was that the default -c option looks for the named.config in /var/named/etc and not in /etc);

This is because named is chrooted by default.

> b) lines 34 and 35: `could not open entropy source /dev/arandom: file not found` and `using pre-chroot entropy source /dev/arandom` complaining about a missing /var/named/dev/arandom device.

I think this has to do with the chroot as well. I get this too, and no harm seems to be done.

/Alexander
Re: BIND and the measure of system entropy (randomness?)
On Wed, Dec 12, 2007 at 01:08:42AM +1100, mufurcz wrote:

Hi.

> Greetings,
>
> A disk in one of the old firewalls (not exactly critical) failed (running OpenBSD 2.9!), and I urgently need a DNS server to work. Replaced the disk and installed 4.2.
>
> Starting `named -g` (listing below) produces a few surprising messages, like:
>
> a) line 3: BIND trying to load the configuration from /etc and not from /var/named/etc (my understanding was that the default -c option looks for the named.config in /var/named/etc and not in /etc);

AFAIK the original, unmodified bind from OpenBSD runs in a chroot()ed environment under /var/named. So its root is really at /. So if it says it reads from /etc/named.conf it _REALLY_ reads from /var/named/etc/named.conf because of the chroot.

> b) lines 34 and 35: `could not open entropy source /dev/arandom: file not found` and `using pre-chroot entropy source /dev/arandom` complaining about a missing /var/named/dev/arandom device.

Same as above. /dev/arandom is _REALLY_ /var/named/dev/arandom. So why not just create this device?

cd /var/named/dev
mknod arandom c 45 4

> What does BIND have to do with the laws of thermodynamics? Can I safely ignore the above messages?

BIND needs /dev/arandom for some stuff like generating random IDs.

> BTW, I am NOT a BIND expert!

Neither am I ;)

Oh and don't forget the chroot() thingy mentioned above. If you write to logfiles etc. they will get written to /var/named/var/log/... !

HTH,
Andreas.

--
Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition.
Re: BIND and the measure of system entropy (randomness?)
On 12/11/07, Andreas Maus wrote:

> On Wed, Dec 12, 2007 at 01:08:42AM +1100, mufurcz wrote:
>
> > b) lines 34 and 35: `could not open entropy source /dev/arandom: file not found` and `using pre-chroot entropy source /dev/arandom` complaining about a missing /var/named/dev/arandom device.
>
> Same as above. /dev/arandom is _REALLY_ /var/named/dev/arandom. So why not just create this device?
>
> cd /var/named/dev
> mknod arandom c 45 4
>
> > What does BIND have to do with the laws of thermodynamics? Can I safely ignore the above messages?
>
> BIND needs /dev/arandom for some stuff like generating random IDs.

On OpenBSD it doesn't. There was a mail from Theo regarding exactly this error message, stating that on OpenBSD BIND doesn't use (or need) this. You could search the archives...

--knitti
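
The path mapping discussed in this thread, as an added example that is not part of any post: a small filter that reads `named -g` output and prints the host path each message actually refers to. It assumes the /var/named chroot named in the replies; the function names are hypothetical and the sample lines are copied from the listing in the first post.

```sh
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical.
# Assumption taken from the replies: named chroots to /var/named.
CHROOT_DIR="${CHROOT_DIR:-/var/named}"

# Log lines copied from the listing in the first post.
sample_log() {
    cat <<'EOF'
12-Dec-2007 10:51:30.657 loading configuration from '/etc/named.conf'
12-Dec-2007 10:51:30.683 could not open entropy source /dev/arandom: file not found
12-Dec-2007 10:51:30.683 using pre-chroot entropy source /dev/arandom
12-Dec-2007 10:51:30.704 running
EOF
}

# Reads `named -g` output on stdin and prints one line per path it mentions:
# <path on the host><TAB><how named reached it>
named_host_paths() {
    awk -v root="$CHROOT_DIR" -v q="'" '
    /loading configuration from/ {
        # Path is quoted in the message and is resolved inside the chroot.
        split($0, part, q)
        print root part[2] "\tread inside chroot"
        next
    }
    /could not open entropy source/ {
        # Open attempted after chroot(): prefix the chroot directory.
        p = $0
        sub(/^.*entropy source /, "", p)
        sub(/:.*$/, "", p)
        print root p "\tmissing inside chroot"
        next
    }
    /pre-chroot entropy source/ {
        # Opened before chroot(): the printed path is already the host path.
        print $NF "\topened before chroot"
    }'
}

sample_log | named_host_paths
```

The same `/dev/arandom` string appears twice in the log but maps to two different files on the host, which is why the second message reports success while the first reports a missing file.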