Re: bind-chroot is not re-positioning my forward and reverse tables

2021-06-29 Thread ToddAndMargo via bind-users

On 6/24/21 9:00 PM, ToddAndMargo via bind-users wrote:

Hi All,

Fedora 34
bind-chroot-9.16.16-1.fc34.x86_64


I am trying to clean up my bind-chroot forward and reverse files.

The goal is to have bind-chroot do its thing by duplicating these two files over into

     /var/named/chroot/var/named/slaves/
with the identical inodes like it does with named.root and named.root.key:

     # stat /etc/named.root.key /var/named/chroot/etc/named.root.key
     ...
     File: /etc/named.root.key
     Inode: 60033354
     ...
     File: /var/named/chroot/etc/named.root.key
     ...
     Inode: 60033354


In my /etc/named.conf, I have

     zone "abc.local" {
     type master;
     # file "/var/named/chroot/var/named/slaves/abc.hosts";
     file "slaves/abc.hosts";
     allow-update { key DHCP_UPDATER; };
     };

     zone "255.168.192.in-addr.arpa" {
     type master;
     # file "/var/named/chroot/var/named/slaves/abc.hosts.rev";
     file "slaves/abc.hosts.rev";
     allow-update { key DHCP_UPDATER; };
     };


After I stopped
     # systemctl start named-chroot
I copied and moved the following:


Before:
     # find /var/named/ -iname abc.hosts\*
     /var/named/chroot/var/named/slaves/abc.hosts.000
     /var/named/chroot/var/named/slaves/abc.hosts.rev.000

     # cp /var/named/chroot/var/named/slaves/abc.hosts /var/named/chroot/var/named/slaves/abc.hosts.000
     # mv /var/named/chroot/var/named/slaves/abc.hosts .
     # cp /var/named/chroot/var/named/slaves/abc.hosts.rev /var/named/chroot/var/named/slaves/abc.hosts.rev.000
     # mv /var/named/chroot/var/named/slaves/abc.hosts.rev .
     # find /var/named/ -iname abc.hosts*

After:
     # find /var/named/ -iname abc.hosts\*
     /var/named/slaves/abc.hosts.rev
     /var/named/slaves/abc.hosts
     /var/named/chroot/var/named/slaves/abc.hosts.000
     /var/named/chroot/var/named/slaves/abc.hosts.rev.000


But when I restarted named-chroot, my great plans got dashed:

     # systemctl start named-chroot
     ...
     Jun 24 20:35:45 rn6.abc.local bash[83464]: zone abc.local/IN: loading from master file /slaves/abc.hosts faile>
     Jun 24 20:35:45 rn6.abc.local bash[83464]: zone abc.local/IN: not loaded due to errors.
     Jun 24 20:35:45 rn6.abc.local bash[83464]: _default/abc.local/IN: file not found
     Jun 24 20:35:45 rn6.abc.local bash[83464]: zone 255.168.192.in-addr.arpa/IN: loading from master file /slaves/abc.host>
     Jun 24 20:35:45 rn6.abc.local bash[83464]: zone 255.168.192.in-addr.arpa/IN: not loaded due to errors.
     Jun 24 20:35:45 rn6.abc.local bash[83464]: _default/255.168.192.in-addr.arpa/IN: file not found
     Jun 24 20:35:45 rn6.abc.local bash[83464]: zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700



named-chroot can't find abc.hosts or abc.hosts.rev in
    /var/named/chroot/var/named/slaves

And in case they got copied to somewhere else I did another find:
     # find /var/named/ -iname abc.hosts\*
     /var/named/slaves/abc.hosts.rev
     /var/named/slaves/abc.hosts
     /var/named/chroot/var/named/slaves/abc.hosts.000
     /var/named/chroot/var/named/slaves/abc.hosts.rev.000

No change.

What am I missing?

Many thanks,
-T



Along with some excellent help from Ed over on the
Fedora mailing list, I did get it figured out.
I got my ass handed to me on step 2.

Here are my notes:

-T


bind-chroot: how to start over clean:


On 6/27/21 5:34 PM, Ed Greshko wrote (with additions from T):

0) backup your zone tables (3+), named.config,
   named.root.key, named.local files

1) stop named-chroot,
  # systemctl stop    named-chroot.service
   Verify it is dead:
  # systemctl status  named-chroot.service

2) start the named server
  # systemctl start   named.service

   make sure it doesn't produce errors.  Fix any you do find

   To check errors:
   # systemctl status named.service

3) If that checks ok, then stop named.
  # systemctl stop    named.service

4) Then do

   Remove:
  # rpm -e --nodeps bind-chroot
  # rm -rf  /var/named/chroot

   Reinstall:
  # dnf install bind-chroot
  # systemctl enable  named-chroot.service


5) Then, without moving any files or doing anything, start named-chroot
  # systemctl start   named-chroot.service


6) double check your mount --bind's

   # stat /etc/named.root.key | grep Inode | awk '{print $3 " " $4}'
   Inode: 60033354
   # stat /var/named/chroot/etc/named.root.key | grep Inode | awk '{print $3 " " $4}'
   Inode: 60033354

   # stat /etc/named.conf | grep Inode | awk '{print $3 " " $4}'
   Inode: 27396278
   # stat /var/named/chroot/etc/named.conf | grep Inode | awk '{print $3 " " $4}'
   Inode: 27396278

   # stat /var/named/named.local | grep Inode | awk '{print $3 " " $4}'
   Inode: 20186605
   # stat /var/named/chroot/var/named/named.local | grep Inode | awk '{print $3 " " $4}'
   Inode: 20186605

   # stat /var/named/   abc.hosts | grep Inode | awk 

Re: bind-chroot is not re-positioning my forward and reverse tables

2021-06-29 Thread ToddAndMargo via bind-users

On 6/27/21 4:01 PM, Reindl Harald wrote:

seriously i am beginning to wonder if you should simply give up bind-chroot


Never quit!  :-)



it's not the job of the chroot bind-mount setup to mount each and every 
file and 'file "abc.hosts.rev"' without any path makes no sense


just write your files where they are expected from the viewpoint of the 
chroot and ignore "/var/named/chroot" in your configs because it simply 
doesn't exist from the viewpoint of the process running inside the chroot


anyways, that's not a bind topic at all


Odd, I would have thought that bind-chroot was part of the bind project.

Anyway, I figured it out.  I will post it in another reply
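
The two checks discussed in this thread, resolving each zone `file` path from the viewpoint of the chroot and comparing inodes inside and outside it, combined into one added example that is not part of any post here and is not code from the BIND or Fedora projects. It assumes named's working directory is /var/named and GNU `stat`; the function names and the HOSTROOT argument are hypothetical.

```shell
# Added example, not from the thread. A hard link stands in for mount --bind
# in the constructed demo tree; GNU stat is assumed.

# zone_files CONF: print active file "..." values ("# file ..." is skipped)
zone_files() {
    awk '$1 == "file" { gsub(/[";]/, "", $2); print $2 }' "$1"
}

# same_file A B: true when both exist with the same device:inode
same_file() {
    [ -e "$1" ] && [ -e "$2" ] &&
        [ "$(stat -c '%d:%i' "$1")" = "$(stat -c '%d:%i' "$2")" ]
}

# check_zone_files CHROOT DIR CONF [HOSTROOT]
# DIR: named's working directory (assumed /var/named). HOSTROOT: prefix for the
# outside copy, used only with a constructed tree. Paths print as named sees them.
check_zone_files() {
    root=$1 dir=$2 conf=$3 hostroot=${4:-} rc=0
    for f in $(zone_files "$conf"); do
        case $f in /*) seen=$f ;; *) seen=$dir/$f ;; esac
        if [ ! -e "$root$seen" ]; then
            echo "MISSING $seen"; rc=1       # named logs "file not found"
        elif same_file "$root$seen" "$hostroot$seen"; then
            echo "SHARED $seen"              # same inode inside and outside
        else
            echo "CHROOT-ONLY $seen"         # separate file inside the chroot
        fi
    done
    return $rc
}

# demo: constructed tree; abc.hosts was moved out of the chroot, as in the thread
demo() {
    t=$(mktemp -d) && c=$t/var/named/chroot
    mkdir -p "$t/var/named/slaves" "$c/var/named/slaves"
    printf 'zone "abc.local" {\n  # file "/old/abc.hosts";\n  file "slaves/abc.hosts";\n};\n' >"$t/named.conf"
    printf 'zone "255.168.192.in-addr.arpa" {\n  file "slaves/abc.hosts.rev";\n};\n' >>"$t/named.conf"
    echo fwd >"$t/var/named/slaves/abc.hosts"
    echo rev >"$t/var/named/slaves/abc.hosts.rev"
    ln "$t/var/named/slaves/abc.hosts.rev" "$c/var/named/slaves/abc.hosts.rev"
    check_zone_files "$c" /var/named "$t/named.conf" "$t" && st=0 || st=$?
    rm -rf "$t"; return "$st"
}

case ${1:-} in demo) demo ;; esac
```

On a real host the call would be `check_zone_files /var/named/chroot /var/named /etc/named.conf`, run as root while named-chroot is started so the bind mounts are in place.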
