On Tue, Oct 24, 2006 at 03:52:58PM +0200, Holger Nowak wrote:
> Hello,
> I know that running bind in a vserver guest is a bit problematic, so
> I decided to recompile Bind with linux-caps disabled according to
> http://linux-vserver.org/Problematic_Programs#Bind9_on_Debian_GNU.2FLinux_Woody_.283.0.29_and_Sarge_.283.1.29
> and
> http://www.newt.com/debian/acornHOWTO/ (Section bind9)
>
> But I couldn't start named properly. No error messages neither on
> promt nor on syslog occur but the name server isn't running. If I want
> to stop the service I receive the well known message:
>
> Stopping domain name service: namedrndc: connect failed: connection refused
>
> But I don't think it is a permission problem, since running named in
> foreground resulting in
>
> mystery:/etc/bind# named -g -p 53
> Oct 24 13:50:14.675 starting BIND 9.2.4 -g -p 53
> Oct 24 13:50:14.676 using 1 CPU
> Oct 24 13:50:14.678 loading configuration from '/etc/bind/named.conf'
> Segmentation fault (core dumped)
looks like a bind bug to me, at least a proper
app should not segfault on a bad config (if it
is a bad one at all)
> strace gives no more information, so I think I've made some mistake
> configuring the listening server. The crucial file where named is stop
> is the name.conf.options
>
> mystery:/etc/bind# cat named.conf.options
> options {
>
> // Avoids listening on 127.0.0.1.
> listen-on {
> 195.227.242.154;
> };
>
> auth-nxdomain no; # conform to RFC1035
>
> };
>
> controls {
> inet 195.227.242.154 allow {
> 195.227.242.154;
> };
> };
>
> The one and only IP is 195.227.242.154 which is a virtual IP on eth0:5
> on the host system. The host system is running bind too but I don't
> listen to the given IP.
>
> If I disable the listen directive I get the following message from
> named:
>
> mystery:/etc/bind# named -g -p 53
> Oct 24 13:56:53.970 starting BIND 9.2.4 -g -p 53
> Oct 24 13:56:53.970 using 1 CPU
> Oct 24 13:56:53.973 loading configuration from '/etc/bind/named.conf'
> Oct 24 13:56:53.973 no IPv6 interfaces found
> Oct 24 13:56:53.973 listening on IPv4 interface eth0:5, 195.227.242.154#53
> Oct 24 13:56:53.975 peer.c:87: REQUIRE(*list != ((void *)0)) failed
> Oct 24 13:56:53.975 exiting (due to assertion failure)
> Aborted (core dumped)
>
> I've been at my wits' end and I hope some could help me.
well, first, let's run testme.sh and 'vserver-info - SYSINFO'
on the host and provide that, then, you might want to change
the eth0:5 alias to a 'normal' assignment (for testing), maybe
bind is once again trying to be too smart and interpret the
interfaces in a non standard way (just an idea)
besides that, bind should work without any modifications for
recent devel branch Linux-VServer kernels and with the linux
caps disabled (or with daniel_hozac's patch applied) with
stable branch kernels
just for reference, here an example for the rndc setup:
# cat /etc/rndc.conf
key mykey {
algorithm hmac-md5;
secret "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
};
options {
default-key mykey;
default-server 10.42.0.1;
default-port 953;
};
# named.conf
controls {
inet 10.42.0.1 port 953
allow { 10.42.0.1; } keys { mykey; };
};
best,
Herbert
> Best regards,
> Holger
>
> --
> Holger Nowak
> Junior Projektmanager
> Datenmanagement | Programmierung
> > psychonomics AG
> > Berrenrather Str. 154-156
> > D-50937 Köln
> > T +49 (0) 221 42061-346
> > F +49 (0) 221 42061-100
> > E-Mail: [EMAIL PROTECTED]
> > www.psychonomics.de
> >
>
> -------------------
>
> Neuer "psychonomics Kundenmonitor Banken" ab Ende September 2006 erhaeltlich.
> Weitere Info: www.psychonomics.de/kundenmonitor_banken
>
> psychonomics Newsletter bestellen: www.psychonomics.de/newsletter
>
>
>
> _______________________________________________
> Vserver mailing list
> [email protected]
> http://list.linux-vserver.org/mailman/listinfo/vserver
_______________________________________________
Vserver mailing list
[email protected]
http://list.linux-vserver.org/mailman/listinfo/vserver
