Good day!

I tried adding zones to my DNS server (bind-9.3.5-alt2)...

In the logs:
Aug 31 12:47:29 dns named[8172]: starting BIND 9.3.5-P1
Aug 31 12:47:29 dns named[8172]: loading configuration from '/etc/named.conf'
Aug 31 12:47:29 dns named[8172]: listening on IPv4 interface lo, 127.0.0.1#53
Aug 31 12:47:29 dns named[8172]: listening on IPv4 interface veth1, 10.3.0.10#53
Aug 31 12:47:29 dns named[8172]: command channel listening on 127.0.0.1#953
Aug 31 12:47:29 dns named[8172]: zone 0.in-addr.arpa/IN: loading master file empty: permission denied
Aug 31 12:47:29 dns named[8172]: zone 0.3.10.in-addr.arpa/IN: loading master file 0.3.10.in-addr.arpa: permission denied
Aug 31 12:47:29 dns named[8172]: zone 127.in-addr.arpa/IN: loading master file 127.in-addr.arpa: permission denied
Aug 31 12:47:30 dns named[8172]: zone 255.in-addr.arpa/IN: loading master file empty: permission denied
Aug 31 12:47:30 dns named[8172]: zone itc.lan/IN: loading master file itc.lan.zone: permission denied
Aug 31 12:47:30 dns named[8172]: zone localdomain/IN: loading master file localdomain: permission denied
Aug 31 12:47:30 dns named[8172]: zone localhost/IN: loading master file localhost: permission denied
Aug 31 12:47:30 dns named[8172]: running

In the directory itself:
# ls -lah /var/lib/bind/zone
total 28K
drwxr-xr-- 3 root root  296 Aug 31 12:09 .
drwx--x--- 6 root root  144 Aug 29 14:14 ..
-rw-r--r-- 1 root root  317 Aug 31 12:09 0.3.10.in-addr.arpa
-rw-r--r-- 1 root root  212 Aug 29 14:14 127.in-addr.arpa
-rw-r--r-- 1 root root  309 Aug 29 14:14 empty
-rw-r--r-- 1 root root  396 Aug 31 12:02 itc.lan.zone
-rw-r--r-- 1 root root  208 Aug 29 14:14 localdomain
-rw-r--r-- 1 root root  178 Aug 29 14:14 localhost
-rw-r--r-- 1 root root 2.9K Aug 29 14:14 named.root
drwxr--r-- 2 root root   48 Aug 29 14:14 slave

In the config:
# cat /var/lib/bind/etc/options.conf
options {
        version "unknown";
        directory "/zone";
        pid-file "";
        dump-file "/var/run/named_dump.db";
        statistics-file "/var/run/named.stats";
        recursing-file "/var/run/recursing";
        //forward only;
        forwarders {
                                62.80.160.130;
                                194.98.0.1;
                                132.236.56.250;
                                128.253.180.2;
                                192.168.1.48;
                                192.168.1.1;
                                };

        allow-query {"corpnets";};
        allow-recursion {"corpnets";};
};

It lives in the chroot /var/lib/bind and runs as:
# ps aux | grep named
named     8172  0.0  1.1  32584  2924 ?        Ss   12:47   0:00 /usr/sbin/named

but surely it should be able to read the zones?

After
# chown root.named -R /var/lib/bind
# chmod 750 /var/lib/bind

everything started working.

Aug 31 13:02:32 dns named[9758]: zone 0.in-addr.arpa/IN: loaded serial 2008070800
Aug 31 13:02:32 dns named[9758]: zone 0.3.10.in-addr.arpa/IN: has no NS records
Aug 31 13:02:32 dns named[9758]: zone 127.in-addr.arpa/IN: loaded serial 2008070800
Aug 31 13:02:32 dns named[9758]: zone 255.in-addr.arpa/IN: loaded serial 2008070800
Aug 31 13:02:32 dns named[9758]: zone itc.lan/IN: loaded serial 1
Aug 31 13:02:32 dns named[9758]: zone localdomain/IN: loaded serial 2008070800
Aug 31 13:02:32 dns named[9758]: zone localhost/IN: loaded serial 2008070800
Aug 31 13:02:32 dns named[9758]: running
Aug 31 13:02:32 dns bind: named startup succeeded

Question 1: How do I get it to work right away, without changing permissions and ownership?
Question 2: Is this correct:
# cat /etc/passwd | grep named
named:x:25:25:Bind User:/var/lib/named:/dev/null

Or is it already outdated?

Denis Timurovich Yagofarov
system administrator, ITGIS NASU

_______________________________________________
Sysadmins mailing list
[email protected]
https://lists.altlinux.org/mailman/listinfo/sysadmins
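
Added example (not part of the original message, and not code from the BIND or ALT Linux projects): a Python model of the Unix permission check along the path to a zone file, fed with the modes and owners from the `ls` output and the uid/gid 25 from the passwd line above. Assumptions: root is uid/gid 0, named has no supplementary groups, /var and /var/lib are traversable, and all function names are illustrative.

```python
import os
import stat

def allowed(mode, owner, group, uid, gids, want):
    """Unix DAC: exactly one triplet applies (owner, else group, else other)."""
    if uid == 0:
        return True  # root bypasses read/search checks
    if uid == owner:
        bits = mode >> 6
    elif group in gids:
        bits = mode >> 3
    else:
        bits = mode
    return (bits & want) == want

def first_denial(chain, uid, gids):
    """chain: [(path, mode, owner_uid, owner_gid), ...] with the file last.
    Directories need search (x = 1); the final file needs read (r = 4)."""
    for i, (path, mode, owner, group) in enumerate(chain):
        want = 0o4 if i == len(chain) - 1 else 0o1
        if not allowed(mode, owner, group, uid, gids, want):
            return path
    return None

def chain_from_fs(path):
    """Build the same chain from a live filesystem (run as root)."""
    parts, chain = os.path.abspath(path).split(os.sep), []
    for i in range(1, len(parts) + 1):
        p = os.sep.join(parts[:i]) or os.sep
        st = os.stat(p)
        chain.append((p, stat.S_IMODE(st.st_mode), st.st_uid, st.st_gid))
    return chain

NAMED_UID, NAMED_GIDS = 25, {25}  # from the passwd line; no extra groups assumed
ZONE = "/var/lib/bind/zone/itc.lan.zone"
# Modes and owners as listed in the post (root assumed to be uid/gid 0).
BEFORE = [("/var/lib/bind", 0o710, 0, 0),
          ("/var/lib/bind/zone", 0o754, 0, 0),
          (ZONE, 0o644, 0, 0)]
# State after `chown root.named -R /var/lib/bind` and `chmod 750 /var/lib/bind`.
AFTER = [("/var/lib/bind", 0o750, 0, 25),
         ("/var/lib/bind/zone", 0o754, 0, 25),
         (ZONE, 0o644, 0, 25)]

if __name__ == "__main__":
    print("before:", first_denial(BEFORE, NAMED_UID, NAMED_GIDS))
    print("zone dir alone:", first_denial(BEFORE[1:], NAMED_UID, NAMED_GIDS))
    print("after:", first_denial(AFTER, NAMED_UID, NAMED_GIDS))
```

In the listed state both directories stop named: /var/lib/bind grants "other" nothing, and zone grants "other" read without search, so the world-readable zone files are never reached.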
