Re: Regarding named related issue observed with bind 9.11.5-P4 version
On 3 Apr 2019, at 10:26, Chandra Rao wrote: > exec /usr/sbin/named -u named -c "/etc/ClusterDNS.conf" -f You may need to use sudo /usr/sbin/named -u named ... or, if you prefer exec sudo /usr/sbin/named -u named ... Best regards, Niall O'Reilly ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: allow-update in global options (was Re: bind and certbot with dns-challenge)
On Wed, Apr 3, 2019 at 7:08 PM Evan Hunt wrote: > On Tue, Apr 02, 2019 at 06:28:02PM +0200, Alan Clegg wrote: > > The answer to your question is: "someone at ISC". > > Oh, I'm willing to take the public blame here, Alan. It's not like the > commits don't have my name on them. > > The code the processes allow-update was written in an oddly circuitious > fashion, and this combined with a badly misleading C comment led me to > believe that allow-update and update-policy had the same rules about > where they could be set - and, update-policy can only be set in zone > statements. (This is personally embarrassing, but if you read the relevant > code and comments in configure_view() you might see how easy it is to be > misled.) > > I actually do still think that *ought* to be the rule for allow-update, > but it wasn't, so when I cleaned things up I cleaned them up wrong, mea > culpa. > > -- > Evan Hunt -- e...@isc.org > Internet Systems Consortium, Inc. > > I think we should simplify the rules (and probably the code) to simply say: "Options can be set at any level and apply to everything included in that scope, unless overridden." Why have exceptions to this? This seems like expected behavior, and will allow for simpler configurations in some cases. No one is forced to use this, it is optional, but often convenient. -- Bob Harold ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Regarding named related issue observed with bind 9.11.5-P4 version
Hi Team,
Do we have any update on this issue ?
Thanks in Advance.
Regards,
Chandra M
On Wed, Apr 3, 2019 at 2:56 PM Chandra Rao
wrote:
> Hi Team,
>
> Earlier we have used bind-9.9.11-P1 in our platform and upgraded to
> 9.11.5-P4 due to the EOL received for the earlier used version.
> After upgrading we are facing the below mentioned issue related to named
> binary.
>
> While launching the named service coming from the latest bind as mentioned
> below, We have observed that it's is not able to create "/var/run/named"
> directory with the named user in the cluster. Due to this we are not able
> to store the files "named.pid" and "session.key".
>
> Following are the variables defined in the conf file for the respective
> files.
> options {
> version "BIND";
> pid-file "/var/run/named/named.pid";
> session-keyfile "/var/run/named/session.key";
>
> # Exec named
> exec /usr/sbin/named -u named -c "/etc/ClusterDNS.conf" -f
>
> Due to this following errors are logging in the master-syslog.
> 6048:Jan 29 10:22:54.073621 warn CFPU-1 named[9574]: couldn't mkdir
> '/var/run/named': Permission denied
> 6051:Jan 29 10:22:54.073834 info CFPU-1 named[9574]: generating session
> key for dynamic DNS
> 6052:Jan 29 10:22:54.074017 warn CFPU-1 named[9574]: couldn't mkdir
> '/var/run/named': Permission denied
> 6053:Jan 29 10:22:54.074017 err CFPU-1 named[9574]: could not create
> /var/run/named/session.key
> 6054:Jan 29 10:22:54.074017 err CFPU-1 named[9574]: failed to generate
> session key for dynamic DNS: permission denied
>
> From the opensource we came to know that it's fixed in 9.9.x version which
> we used earlier.Kindly let us know why the issue coming again in 9.11.x
> version.
>
> Thanks in Advance.
>
>
> Regards,
> Chandra M
>
>
>
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
