Message-ID: <48BA705E.4030200@rambler.ru>
Date: Sun, 31 Aug 2008 13:20:14 +0300
From: Di
To: ALT Linux sysadmin discuss
Subject: [Sysadmins] Could not add a zone for Bind right away

Good day!

I tried to add zones to my DNS server (bind-9.3.5-alt2)...

In the logs:

Aug 31 12:47:29 dns named[8172]: starting BIND 9.3.5-P1
Aug 31 12:47:29 dns named[8172]: loading configuration from '/etc/named.conf'
Aug 31 12:47:29 dns named[8172]: listening on IPv4 interface lo, 127.0.0.1#53
Aug 31 12:47:29 dns named[8172]: listening on IPv4 interface veth1, 10.3.0.10#53
Aug 31 12:47:29 dns named[8172]: command channel listening on 127.0.0.1#953
Aug 31 12:47:29 dns named[8172]: zone 0.in-addr.arpa/IN: loading master file empty: permission denied
Aug 31 12:47:29 dns named[8172]: zone 0.3.10.in-addr.arpa/IN: loading master file 0.3.10.in-addr.arpa: permission denied
Aug 31 12:47:29 dns named[8172]: zone 127.in-addr.arpa/IN: loading master file 127.in-addr.arpa: permission denied
Aug 31 12:47:30 dns named[8172]: zone 255.in-addr.arpa/IN: loading master file empty: permission denied
Aug 31 12:47:30 dns named[8172]: zone itc.lan/IN: loading master file itc.lan.zone: permission denied
Aug 31 12:47:30 dns named[8172]: zone localdomain/IN: loading master file localdomain: permission denied
Aug 31 12:47:30 dns named[8172]: zone localhost/IN: loading master file localhost: permission denied
Aug 31 12:47:30 dns named[8172]: running

In the directory itself:

# ls -lah /var/lib/bind/zone
total 28K
drwxr-xr-- 3 root root  296 Aug 31 12:09 .
drwx--x--- 6 root root  144 Aug 29 14:14 ..
-rw-r--r-- 1 root root  317 Aug 31 12:09 0.3.10.in-addr.arpa
-rw-r--r-- 1 root root  212 Aug 29 14:14 127.in-addr.arpa
-rw-r--r-- 1 root root  309 Aug 29 14:14 empty
-rw-r--r-- 1 root root  396 Aug 31 12:02 itc.lan.zone
-rw-r--r-- 1 root root  208 Aug 29 14:14 localdomain
-rw-r--r-- 1 root root  178 Aug 29 14:14 localhost
-rw-r--r-- 1 root root 2.9K Aug 29 14:14 named.root
drwxr--r-- 2 root root   48 Aug 29 14:14 slave

In the config:

# cat /var/lib/bind/etc/options.conf
options {
        version "unknown";
        directory "/zone";
        pid-file "";
        dump-file "/var/run/named_dump.db";
        statistics-file "/var/run/named.stats";
        recursing-file "/var/run/recursing";

        //forward only;
        forwarders {
                62.80.160.130;
                194.98.0.1;
                132.236.56.250;
                128.253.180.2;
                192.168.1.48;
                192.168.1.1;
        };

        allow-query {"corpnets";};
        allow-recursion {"corpnets";};
};

It lives in the chroot /var/lib/bind and runs as

# ps aux | grep named
named 8172 0.0 1.1 32584 2924 ? Ss 12:47 0:00 /usr/sbin/named

but surely it has to be able to read the zones?

After

# chown root.named -R /var/lib/bind
# chmod 750 /var/lib/bind

everything started working.

Aug 31 13:02:32 dns named[9758]: zone 0.in-addr.arpa/IN: loaded serial 2008070800
Aug 31 13:02:32 dns named[9758]: zone 0.3.10.in-addr.arpa/IN: has no NS records
Aug 31 13:02:32 dns named[9758]: zone 127.in-addr.arpa/IN: loaded serial 2008070800
Aug 31 13:02:32 dns named[9758]: zone 255.in-addr.arpa/IN: loaded serial 2008070800
Aug 31 13:02:32 dns named[9758]: zone itc.lan/IN: loaded serial 1
Aug 31 13:02:32 dns named[9758]: zone localdomain/IN: loaded serial 2008070800
Aug 31 13:02:32 dns named[9758]: zone localhost/IN: loaded serial 2008070800
Aug 31 13:02:32 dns named[9758]: running
Aug 31 13:02:32 dns bind: named startup succeeded

Question 1: How do I get it to work right away, without changing permissions and ownership?

Question 2: Is this correct:

# cat /etc/passwd | grep named
named:x:25:25:Bind User:/var/lib/named:/dev/null

Or is it already outdated?
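Added example, not part of the original message: a Python model of the permission check behind the "permission denied" log lines, fed with the modes and owners from the `ls -lah` listing above, before and after the `chown`/`chmod` in the message. It assumes the process runs as user `named` with only the group `named` (the 25:25 entry in the passwd line), and that no ACLs or capabilities are involved; the function names are illustrative.

```python
# Constructed from the `ls -lah /var/lib/bind/zone` output in the message:
# (path, mode string, owner, group), ordered from the chroot root down to a zone file.
BEFORE = [
    ("/var/lib/bind", "drwx--x---", "root", "root"),       # the ".." entry
    ("/var/lib/bind/zone", "drwxr-xr--", "root", "root"),  # the "." entry
    ("/var/lib/bind/zone/itc.lan.zone", "-rw-r--r--", "root", "root"),
]


def apply_fix(entries):
    """Model `chown root.named -R /var/lib/bind` followed by
    `chmod 750 /var/lib/bind` (the chmod is not recursive)."""
    fixed = [(path, mode, "root", "named") for path, mode, _, _ in entries]
    path, mode, owner, group = fixed[0]
    fixed[0] = (path, mode[0] + "rwxr-x---", owner, group)
    return fixed


def applicable_bits(mode, owner, group, user, user_groups):
    """Return the one rwx triplet that applies: owner, else group, else other.
    The classes are not cumulative; only the first matching class is checked."""
    if user == owner:
        bits = mode[1:4]
    elif group in user_groups:
        bits = mode[4:7]
    else:
        bits = mode[7:10]
    # Lowercase s/t mean setuid/setgid/sticky with the execute bit also set.
    return bits.replace("s", "x").replace("t", "x")


def first_blocker(entries, user, user_groups):
    """Walk the path top-down. Every directory needs search (x) permission,
    the final file needs read (r). Return (path, missing_bit) or None."""
    for path, mode, owner, group in entries:
        needed = "x" if mode[0] == "d" else "r"
        if needed not in applicable_bits(mode, owner, group, user, user_groups):
            return path, needed
    return None


if __name__ == "__main__":
    print("before:", first_blocker(BEFORE, "named", {"named"}))
    print("after: ", first_blocker(apply_fix(BEFORE), "named", {"named"}))
```

With the original modes, both directories on the path lack the search bit for `named`, so readable zone files alone are not enough; after the change the group class grants `r-x` on the directories and `r--` on the files.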