* [Sysadmins] Could not add a zone for Bind right away
@ 2008-08-31 10:20 Di
2008-09-01 7:02 ` Timur Batyrshin
2008-09-01 7:06 ` Vladimir V. Kamarzin
0 siblings, 2 replies; 4+ messages in thread
From: Di @ 2008-08-31 10:20 UTC
To: ALT Linux sysadmin discuss
Good day!
I tried adding zones for my DNS (bind-9.3.5-alt2)...
In the logs:
Aug 31 12:47:29 dns named[8172]: starting BIND 9.3.5-P1
Aug 31 12:47:29 dns named[8172]: loading configuration from '/etc/named.conf'
Aug 31 12:47:29 dns named[8172]: listening on IPv4 interface lo, 127.0.0.1#53
Aug 31 12:47:29 dns named[8172]: listening on IPv4 interface veth1, 10.3.0.10#53
Aug 31 12:47:29 dns named[8172]: command channel listening on 127.0.0.1#953
Aug 31 12:47:29 dns named[8172]: zone 0.in-addr.arpa/IN: loading master file empty: permission denied
Aug 31 12:47:29 dns named[8172]: zone 0.3.10.in-addr.arpa/IN: loading master file 0.3.10.in-addr.arpa: permission denied
Aug 31 12:47:29 dns named[8172]: zone 127.in-addr.arpa/IN: loading master file 127.in-addr.arpa: permission denied
Aug 31 12:47:30 dns named[8172]: zone 255.in-addr.arpa/IN: loading master file empty: permission denied
Aug 31 12:47:30 dns named[8172]: zone itc.lan/IN: loading master file itc.lan.zone: permission denied
Aug 31 12:47:30 dns named[8172]: zone localdomain/IN: loading master file localdomain: permission denied
Aug 31 12:47:30 dns named[8172]: zone localhost/IN: loading master file localhost: permission denied
Aug 31 12:47:30 dns named[8172]: running
In the directory itself:
# ls -lah /var/lib/bind/zone
total 28K
drwxr-xr-- 3 root root 296 Aug 31 12:09 .
drwx--x--- 6 root root 144 Aug 29 14:14 ..
-rw-r--r-- 1 root root 317 Aug 31 12:09 0.3.10.in-addr.arpa
-rw-r--r-- 1 root root 212 Aug 29 14:14 127.in-addr.arpa
-rw-r--r-- 1 root root 309 Aug 29 14:14 empty
-rw-r--r-- 1 root root 396 Aug 31 12:02 itc.lan.zone
-rw-r--r-- 1 root root 208 Aug 29 14:14 localdomain
-rw-r--r-- 1 root root 178 Aug 29 14:14 localhost
-rw-r--r-- 1 root root 2.9K Aug 29 14:14 named.root
drwxr--r-- 2 root root 48 Aug 29 14:14 slave
In the config:
# cat /var/lib/bind/etc/options.conf
options {
    version "unknown";
    directory "/zone";
    pid-file "";
    dump-file "/var/run/named_dump.db";
    statistics-file "/var/run/named.stats";
    recursing-file "/var/run/recursing";
    //forward only;
    forwarders {
        62.80.160.130;
        194.98.0.1;
        132.236.56.250;
        128.253.180.2;
        192.168.1.48;
        192.168.1.1;
    };
    allow-query {"corpnets";};
    allow-recursion {"corpnets";};
};
It lives in the chroot /var/lib/bind and is running:
# ps aux | grep named
named 8172 0.0 1.1 32584 2924 ? Ss 12:47 0:00 /usr/sbin/named
but it does have to read the zones, doesn't it?
After
# chown root.named -R /var/lib/bind
# chmod 750 /var/lib/bind
everything started working.
Aug 31 13:02:32 dns named[9758]: zone 0.in-addr.arpa/IN: loaded serial 2008070800
Aug 31 13:02:32 dns named[9758]: zone 0.3.10.in-addr.arpa/IN: has no NS records
Aug 31 13:02:32 dns named[9758]: zone 127.in-addr.arpa/IN: loaded serial 2008070800
Aug 31 13:02:32 dns named[9758]: zone 255.in-addr.arpa/IN: loaded serial 2008070800
Aug 31 13:02:32 dns named[9758]: zone itc.lan/IN: loaded serial 1
Aug 31 13:02:32 dns named[9758]: zone localdomain/IN: loaded serial 2008070800
Aug 31 13:02:32 dns named[9758]: zone localhost/IN: loaded serial 2008070800
Aug 31 13:02:32 dns named[9758]: running
Aug 31 13:02:32 dns bind: named startup succeeded
Question 1: How can I get it to work right away, without changing permissions and ownership?
Question 2: Is this correct:
# cat /etc/passwd | grep named
named:x:25:25:Bind User:/var/lib/named:/dev/null
Or is it already outdated?
* Re: [Sysadmins] Could not add a zone for Bind right away
From: Timur Batyrshin @ 2008-09-01 7:02 UTC
To: sysadmins
On Sun, 31 Aug 2008 13:20:14 +0300
Di wrote:
> Question 1: How can I get it to work right away, without changing permissions and
> ownership?
Create the file with the right owner and permissions from the start?
And what is the problem with changing the owner and permissions?
> Question 2: Is this correct:
> # cat /etc/passwd | grep named
> named:x:25:25:Bind User:/var/lib/named:/dev/null
>
> Or is it already outdated?
Mine is the same:
[erthad@horus ~]$ cat /etc/passwd | grep named
named:x:25:25:Bind User:/var/lib/named:/dev/null
* Re: [Sysadmins] Could not add a zone for Bind right away
From: Vladimir V. Kamarzin @ 2008-09-01 7:06 UTC
To: ALT Linux sysadmin discuss
>>>>> On 31 Aug 2008 at 16:20 "D" == Di writes:
D> Question 1: How can I get it to work right away, without changing permissions and ownership?
It all works out of the box; apparently you made a mistake with the permissions somewhere yourself.
# ls -ld /var/lib/bind/zone/
drwx--x--- 3 root named 4096 Aug 29 12:43 /var/lib/bind/zone/
# ls -l /var/lib/bind/zone/localhost
-rw-r----- 1 root named 178 Jul 9 02:19 /var/lib/bind/zone/localhost
# rpm -V bind
S.5....T c /var/lib/bind/etc/local.conf
S.5....T c /var/lib/bind/etc/options.conf
--
vvk
Postfix page on f.i: http://freesource.info/wiki/Dokumentacija/Postfix
Russian Postfix irc: irc.freenode.net #postfix-ru
* Re: [Sysadmins] Could not add a zone for Bind right away
From: Денис Ягофаров @ 2008-09-01 7:36 UTC
To: ALT Linux sysadmin discuss
Vladimir V. Kamarzin wrote:
> It all works out of the box; apparently you made a mistake with the permissions somewhere yourself.
>
> # ls -ld /var/lib/bind/zone/
> drwx--x--- 3 root named 4096 Aug 29 12:43 /var/lib/bind/zone/
>
>
Thanks. Apparently that is indeed the case. I'll be more careful from now on :)
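Added example, not part of the original thread: a small model of the POSIX owner/group/other check applied to the listings quoted in the messages above, showing which path components block the `named` user before the fix and why the packaged layout works. It assumes `named` belongs only to group `named` (gid 25 in the passwd line); the function names are hypothetical.

```python
# Added example: models the classic owner/group/other check for a non-root
# process; it ignores ACLs and capabilities. Modes are copied from the thread.

def allowed(mode, owner, group, user, groups, want):
    """mode is an ls-style string such as 'drwx--x---'; want is 'r' or 'x'.
    Exactly one triad applies: owner, else group, else other (no fall-through)."""
    if user == owner:
        triad = mode[1:4]
    elif group in groups:
        triad = mode[4:7]
    else:
        triad = mode[7:10]
    return want in triad

def denials(chain, user="named", groups=("named",)):
    """chain: (path, mode, owner, group) from the outermost directory down to the
    zone file. Directories need search (x); the final file needs read (r)."""
    blocked = []
    for i, (path, mode, owner, group) in enumerate(chain):
        want = "r" if i == len(chain) - 1 else "x"
        if not allowed(mode, owner, group, user, groups, want):
            blocked.append(path)
    return blocked

# State in the first message's `ls -lah` (".." is /var/lib/bind).
BEFORE = [
    ("/var/lib/bind", "drwx--x---", "root", "root"),
    ("/var/lib/bind/zone", "drwxr-xr--", "root", "root"),
    ("/var/lib/bind/zone/itc.lan.zone", "-rw-r--r--", "root", "root"),
]
# Same tree after `chown root.named -R /var/lib/bind` and `chmod 750 /var/lib/bind`.
AFTER = [
    ("/var/lib/bind", "drwxr-x---", "root", "named"),
    ("/var/lib/bind/zone", "drwxr-xr--", "root", "named"),
    ("/var/lib/bind/zone/itc.lan.zone", "-rw-r--r--", "root", "named"),
]
# Packaged layout quoted in the reply: search-only directory, group-readable file.
PACKAGED = [
    ("/var/lib/bind/zone", "drwx--x---", "root", "named"),
    ("/var/lib/bind/zone/localhost", "-rw-r-----", "root", "named"),
]

if __name__ == "__main__":
    for name, chain in (("before", BEFORE), ("after", AFTER), ("packaged", PACKAGED)):
        print(name, denials(chain) or "readable by named")
```

In the "before" state the zone files themselves are world-readable, yet both directories above them deny search to `named`, which is what produces the `permission denied` lines in the log.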