From Newsgroup: comp.protocols.dns.bind
--=_MailMate_BF2EB815-0FAF-412C-B878-A0FAE54FE446_=
Content-Type: text/plain; charset="UTF-8"; format=flowed Content-Transfer-Encoding: 8bit
On 1 Jun 2020, at 20:49, DeCaro, James John (Jim) CIV DISA FE (USA) via bind-users wrote:
Also, BIND binaries are located in /usr/bin and /usr/sbin --sorry I
forgot to mention that. I went ahead and re-compiled with ./configure --enable-full-report --with-gssapi=krb5-config --sysconfdir=/etc --with-openssl=/usr/local --localstatedir=/var --enable-fixed-rrset
and installed it, now the default directories are correct but the
service still goes into maintenance with the same error as produced by
named -c /etc/named.conf -g.
I apologize that my inexperience makes this confusing.
V/R
Jim DeCaro
DISA
Systems Administrator
Windows and Unix Server Operations
FE222/DoDNet Service Section
Defense Enclave Services Directorate
☎ 301-225-8180
☎ 301-375-8180
James.j.decaro3.civ@mail.mil
James.j.decaro3.civ@mail.smil.mil
"If you always do what you always did you will always get what you
always got."
-----Original Message-----
From: DeCaro, James John (Jim) CIV DISA FE (USA)
Sent: Monday, June 1, 2020 3:23 PM
To: 'Anand Buddhdev' <anandb@ripe.net>; bind-users@lists.isc.org
Subject: RE: [Non-DoD Source] Re: BIND installed on a Solaris 11.4 x
86 virtual server
named -c /etc/named.conf -g
01-Jun-2020 15:02:22.034 starting BIND 9.16.3 (Stable Release)
<id:5ea41c1>
01-Jun-2020 15:02:22.034 running on SunOS i86pc 5.11 11.4.20.4.0
01-Jun-2020 15:02:22.034 built with '--with-gssapi=krb5-config' 'LDFLAGS=-L/usr/local/lib -R/usr/local/lib' 'PKG_CONFIG_PATH=/usr/lib/pkgconfig:/usr/local/lib/pkgconfig'
01-Jun-2020 15:02:22.034 running as: named -c /etc/named.conf -g
01-Jun-2020 15:02:22.034 compiled by GCC 9.2.0
01-Jun-2020 15:02:22.034 compiled with OpenSSL version: OpenSSL 1.1.1b
26 Feb 2019
01-Jun-2020 15:02:22.034 linked to OpenSSL version: OpenSSL 1.1.1b 26
Feb 2019
01-Jun-2020 15:02:22.034 compiled with libxml2 version: 2.9.9
01-Jun-2020 15:02:22.034 linked to libxml2 version: 20909
01-Jun-2020 15:02:22.035 compiled with json-c version: 0.12
01-Jun-2020 15:02:22.035 linked to json-c version: 0.12
01-Jun-2020 15:02:22.035 compiled with zlib version: 1.2.11
01-Jun-2020 15:02:22.035 linked to zlib version: 1.2.11
01-Jun-2020 15:02:22.035 ----------------------------------------------------
01-Jun-2020 15:02:22.035 BIND 9 is maintained by Internet Systems Consortium,
01-Jun-2020 15:02:22.035 Inc. (ISC), a non-profit 501(c)(3)
public-benefit
01-Jun-2020 15:02:22.035 corporation. Support and training for BIND 9
are
01-Jun-2020 15:02:22.035 available at https://www.isc.org/support
01-Jun-2020 15:02:22.035 ----------------------------------------------------
01-Jun-2020 15:02:22.035 found 2 CPUs, using 2 worker threads
01-Jun-2020 15:02:22.035 using 2 UDP listeners per interface
01-Jun-2020 15:02:22.038 using up to 21000 sockets
01-Jun-2020 15:02:22.044 loading configuration from '/etc/named.conf' <<----------------------------correct
01-Jun-2020 15:02:22.046 reading built-in trust anchors from file '/usr/local/etc/bind.keys'
01-Jun-2020 15:02:22.049 using default UDP/IPv4 port range: [1024,
65535]
01-Jun-2020 15:02:22.050 using default UDP/IPv6 port range: [1024,
65535]
01-Jun-2020 15:02:22.051 listening on IPv4 interface net1, <IP> #53 01-Jun-2020 15:02:22.053 creating TCP socket: address in use <<--------------------------????
01-Jun-2020 15:02:22.053 IPv6 socket API is incomplete; explicitly
binding to each IPv6 address separately
01-Jun-2020 15:02:22.053 listening on IPv6 interface lo0, ::1#53
01-Jun-2020 15:02:22.055 creating TCP socket: address in use <<--------------------------????
01-Jun-2020 15:02:22.055 unable to listen on any configured interfaces 01-Jun-2020 15:02:22.056 loading configuration: failure <<---------------------------------????
01-Jun-2020 15:02:22.056 exiting (due to fatal error)
OK, thanks I did not read it closely enough the first time. However
it is still not loading. I had disabled
svc:/network/dns/server:default prior to running the command to avoid
2 instances of named running and got the above output. When I enable
it, it goes into maintenance. When I try named -c /etc/named.conf -g
when dns/server is enabled (in maintenance) I get the same result as
above.
Note: the named.conf file is blank.
Named -V
BIND 9.16.3 (Stable Release) <id:5ea41c1>
running on SunOS i86pc 5.11 11.4.20.4.0
built by make with '--with-gssapi=krb5-config'
'LDFLAGS=-L/usr/local/lib -R/usr/local/lib' 'PKG_CONFIG_PATH=/usr/lib/pkgconfig:/usr/local/lib/pkgconfig'
compiled by GCC 9.2.0
compiled with OpenSSL version: OpenSSL 1.1.1b 26 Feb 2019
linked to OpenSSL version: OpenSSL 1.1.1b 26 Feb 2019
compiled with libxml2 version: 2.9.9
linked to libxml2 version: 20909
compiled with json-c version: 0.12
linked to json-c version: 0.12
compiled with zlib version: 1.2.11
linked to zlib version: 1.2.11
threads support is enabled
default paths: <<------------------------incorrect
named configuration: /usr/local/etc/named.conf
rndc configuration: /usr/local/etc/rndc.conf
DNSSEC root key: /usr/local/etc/bind.keys
nsupdate session key: /usr/local/var/run/named/session.key
named PID file: /usr/local/var/run/named/named.pid
named lock file: /usr/local/var/run/named/named.lock
------------------->>default paths: these are not what I was
shooting for --should be:
named configuration: /etc/named.conf
rndc configuration: /etc/rndc.conf
DNSSEC root key: /etc/bind.keys
nsupdate session key: /usr/var/run/named/session.key
named PID file: /usr/var/run/named/named.pid
named lock file: /usr/var/run/named/named.lock
Thank you
V/R
Jim DeCaro
DISA
Systems Administrator
Windows and Unix Server Operations
FE222/DoDNet Service Section
Defense Enclave Services Directorate
☎ 301-225-8180
☎ 301-375-8180
James.j.decaro3.civ@mail.mil
James.j.decaro3.civ@mail.smil.mil
"If you always do what you always did you will always get what you
always got."
-----Original Message-----
From: Anand Buddhdev <anandb@ripe.net>
Sent: Monday, June 1, 2020 3:00 PM
To: DeCaro, James John (Jim) CIV DISA FE (USA) <james.j.decaro3.civ@mail.mil>; bind-users@lists.isc.org
Subject: [Non-DoD Source] Re: BIND installed on a Solaris 11.4 x 86
virtual server
On 01/06/2020 20:08, DeCaro, James John (Jim) CIV DISA FE (USA) via bind-users wrote:
Hi Jim,
Installed BIND 9.16.3 and I discovered that the SMF dns/server is
trying to read named.conf from /usr/local/etc/:
"/usr/local/etc/named.conf: file not found". I am trying to figure
out how point named to read /etc/named.conf.
I last touched SMF over 15 years ago, and I don't remember enough
about
it now, so I can't speak for the SMF parts of your question.
I did try re-compiling BIND with different switches but it resulted
in the same thing. Is there an environment variable or a ./configure
switch to re-point the default to /etc/named.conf? I tried
'--sysconfdir=/etc' --no luck there. Do I edit the manifest file?
This *is* the correct way to define the default location of
named.conf.
I attempted named -c /etc/named.conf with no luck
This *must* work. However, your description "no luck" isn't enough.
Can
you describe exactly what happened when you named "named -c
/etc/named.conf"?
$ named -g:
Run "named -c /etc/named.conf -g" and see what happens.
Regards,
Anand
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
ISC funds the development of this software with paid support
subscriptions. Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
If your still getting the same "ports in use" error then named is most
likely still running somewhere. Make sure it is disabled from SMF
`svcadm disable dns/server` and from any command line execution `pkill
named`. Make sure it is no longer running with `pgrep named`
Default SMF properties for dns/server can be shown with svcprop:
```
% svcprop -p options dns/server
options/chroot_dir astring ""
options/configuration_file astring ""
options/crypto_engine astring ""
options/debug_level integer 0
options/ip_interfaces astring all
options/listen_on_port integer 0
options/listener_threads integer 0
options/server astring ""
options/threads integer 0
```
And the starter
```
% svcprop -p start/exec dns/server
/lib/svc/method/dns-server\ %m\ %i
```
The starter script assumes /etc/named.conf if no configuration file is provided in the property configuration_file, though it does not specify
that to the named command line as that is also the default compiled into Oracle Solaris version of bind:
```
% /usr/sbin/named -V | fmt |grep etc
'--sysconfdir=/etc' '--localstatedir=/var'
```
See **dns-server(8s)** on Solaris for further information on the
properties.
Mr. Stacey Marshall - Principal Software Engineer
Oracle Global Services Limited
--=_MailMate_BF2EB815-0FAF-412C-B878-A0FAE54FE446_=
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE html>
<html>
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/xhtml; charset=3Dutf-8"=
</head>
<body>
<div><div class=3D"markdown">
<p dir=3D"auto">On 1 Jun 2020, at 20:49, DeCaro, James John (Jim) CIV DIS=
A FE (USA) via bind-users wrote:</p>
</div>
<div class=3D"plaintext"><blockquote><p dir=3D"auto">Also, BIND binaries =
are located in /usr/bin and /usr/sbin --sorry I forgot to mention that.=
I went ahead and re-compiled with ./configure --enable-full-report --wi= th-gssapi=3Dkrb5-config --sysconfdir=3D/etc --with-openssl=3D/usr/local -= -localstatedir=3D/var --enable-fixed-rrset and installed it, now the defa=
ult directories are correct but the service still goes into maintenance w=
ith the same error as produced by named -c /etc/named.conf -g.<br>
I apologize that my inexperience makes this confusing.<br>
V/R<br>
Jim DeCaro<br>
DISA<br>
Systems Administrator<br>
Windows and Unix Server Operations<br>
FE222/DoDNet Service Section<br>
Defense Enclave Services Directorate<br>
=E2=98=8E 301-225-8180<br>
=E2=98=8E 301-375-8180<br>
James.j.decaro3.civ@mail.mil<br>
James.j.decaro3.civ@mail.smil.mil<br>
"If you always do what you always did you will always get what you a= lways got."<br>
-----Original Message-----<br>
From: DeCaro, James John (Jim) CIV DISA FE (USA)<br>
Sent: Monday, June 1, 2020 3:23 PM<br>
To: 'Anand Buddhdev' <
anandb@ripe.net>;
bind-users@lists.is= c.org<br>
Subject: RE: [Non-DoD Source] Re: BIND installed on a Solaris 11.4 x 86 v= irtual server<br>
named -c /etc/named.conf -g<br>
01-Jun-2020 15:02:22.034 starting BIND 9.16.3 (Stable Release) <id:5ea= 41c1><br>
01-Jun-2020 15:02:22.034 running on SunOS i86pc 5.11 11.4.20.4.0<br> 01-Jun-2020 15:02:22.034 built with '--with-gssapi=3Dkrb5-config'=
'LDFLAGS=3D-L/usr/local/lib -R/usr/local/lib' 'PKG_CONFIG_PA= TH=3D/usr/lib/pkgconfig:/usr/local/lib/pkgconfig'<br>
01-Jun-2020 15:02:22.034 running as: named -c /etc/named.conf -g<br> 01-Jun-2020 15:02:22.034 compiled by GCC 9.2.0<br>
01-Jun-2020 15:02:22.034 compiled with OpenSSL version: OpenSSL 1.1.1b 2=
6 Feb 2019<br>
01-Jun-2020 15:02:22.034 linked to OpenSSL version: OpenSSL 1.1.1b 26 Fe=
b 2019<br>
01-Jun-2020 15:02:22.034 compiled with libxml2 version: 2.9.9<br>
01-Jun-2020 15:02:22.034 linked to libxml2 version: 20909<br>
01-Jun-2020 15:02:22.035 compiled with json-c version: 0.12<br>
01-Jun-2020 15:02:22.035 linked to json-c version: 0.12<br>
01-Jun-2020 15:02:22.035 compiled with zlib version: 1.2.11<br>
01-Jun-2020 15:02:22.035 linked to zlib version: 1.2.11<br>
01-Jun-2020 15:02:22.035 ------------------------------------------------= ----<br>
01-Jun-2020 15:02:22.035 BIND 9 is maintained by Internet Systems Consort= ium,<br>
01-Jun-2020 15:02:22.035 Inc. (ISC), a non-profit 501(c)(3) public-benefi= t<br>
01-Jun-2020 15:02:22.035 corporation. Support and training for BIND 9 ar= e<br>
01-Jun-2020 15:02:22.035 available at <a href=3D"
https://www.isc.org/supp= ort">
https://www.isc.org/support</a><br>
01-Jun-2020 15:02:22.035 ------------------------------------------------= ----<br>
01-Jun-2020 15:02:22.035 found 2 CPUs, using 2 worker threads<br>
01-Jun-2020 15:02:22.035 using 2 UDP listeners per interface<br>
01-Jun-2020 15:02:22.038 using up to 21000 sockets<br>
01-Jun-2020 15:02:22.044 loading configuration from '/etc/named.conf&=
#39; <<----------------------------correct<br>
01-Jun-2020 15:02:22.046 reading built-in trust anchors from file '/u= sr/local/etc/bind.keys'<br>
01-Jun-2020 15:02:22.049 using default UDP/IPv4 port range: [1024, 65535]=
01-Jun-2020 15:02:22.050 using default UDP/IPv6 port range: [1024, 65535]=
01-Jun-2020 15:02:22.051 listening on IPv4 interface net1, <IP> #53=
01-Jun-2020 15:02:22.053 creating TCP socket: address in use <<----= ----------------------????<br>
01-Jun-2020 15:02:22.053 IPv6 socket API is incomplete; explicitly bindin=
g to each IPv6 address separately<br>
01-Jun-2020 15:02:22.053 listening on IPv6 interface lo0, ::1#53<br> 01-Jun-2020 15:02:22.055 creating TCP socket: address in use <<----= ----------------------????<br>
01-Jun-2020 15:02:22.055 unable to listen on any configured interfaces<br=
01-Jun-2020 15:02:22.056 loading configuration: failure <<---------= ------------------------????<br>
01-Jun-2020 15:02:22.056 exiting (due to fatal error)<br>
OK, thanks I did not read it closely enough the first time. However it i=
s still not loading. I had disabled svc:/network/dns/server:default prio=
r to running the command to avoid 2 instances of named running and got th=
e above output. When I enable it, it goes into maintenance. When I try = named -c /etc/named.conf -g when dns/server is enabled (in maintenance) I=
get the same result as above.<br>
Note: the named.conf file is blank.<br>
Named -V<br>
BIND 9.16.3 (Stable Release) <id:5ea41c1><br>
running on SunOS i86pc 5.11 11.4.20.4.0<br>
built by make with '--with-gssapi=3Dkrb5-config' 'LDFLAGS=3D-= L/usr/local/lib -R/usr/local/lib' 'PKG_CONFIG_PATH=3D/usr/lib/pkg= config:/usr/local/lib/pkgconfig'<br>
compiled by GCC 9.2.0<br>
compiled with OpenSSL version: OpenSSL 1.1.1b 26 Feb 2019<br>
linked to OpenSSL version: OpenSSL 1.1.1b 26 Feb 2019<br>
compiled with libxml2 version: 2.9.9<br>
linked to libxml2 version: 20909<br>
compiled with json-c version: 0.12<br>
linked to json-c version: 0.12<br>
compiled with zlib version: 1.2.11<br>
linked to zlib version: 1.2.11<br>
threads support is enabled<br>
default paths: <<------------------------incorrect<br>
named configuration: /usr/local/etc/named.conf<br>
rndc configuration: /usr/local/etc/rndc.conf<br>
DNSSEC root key: /usr/local/etc/bind.keys<br>
nsupdate session key: /usr/local/var/run/named/session.key<br>
named PID file: /usr/local/var/run/named/named.pid<br>
named lock file: /usr/local/var/run/named/named.lock<br>
------------------->>default paths: these are not what I was shoo=
ting for --should be:<br>
named configuration: /etc/named.conf<br>
rndc configuration: /etc/rndc.conf<br>
DNSSEC root key: /etc/bind.keys<br>
nsupdate session key: /usr/var/run/named/session.key<br>
named PID file: /usr/var/run/named/named.pid<br>
named lock file: /usr/var/run/named/named.lock<br>
Thank you<br>
V/R<br>
Jim DeCaro<br>
DISA<br>
Systems Administrator<br>
Windows and Unix Server Operations<br>
FE222/DoDNet Service Section<br>
Defense Enclave Services Directorate<br>
=E2=98=8E 301-225-8180<br>
=E2=98=8E 301-375-8180<br>
James.j.decaro3.civ@mail.mil<br>
James.j.decaro3.civ@mail.smil.mil<br>
"If you always do what you always did you will always get what you a= lways got."<br>
-----Original Message-----<br>
From: Anand Buddhdev <
anandb@ripe.net><br>
Sent: Monday, June 1, 2020 3:00 PM<br>
To: DeCaro, James John (Jim) CIV DISA FE (USA) <james.j.decaro3.civ@ma= il.mil>;
bind-users@lists.isc.org<br>
Subject: [Non-DoD Source] Re: BIND installed on a Solaris 11.4 x 86 virtu=
al server<br>
On 01/06/2020 20:08, DeCaro, James John (Jim) CIV DISA FE (USA) via<br> bind-users wrote:<br>
Hi Jim,<br>
<blockquote><p dir=3D"auto">Installed BIND 9.16.3 and I discovered that t=
he SMF dns/server is<br>
trying to read named.conf from /usr/local/etc/:<br> "/usr/local/etc/named.conf: file not found". I am trying to fi= gure<br>
out how point named to read /etc/named.conf.</p>
</blockquote><p dir=3D"auto">I last touched SMF over 15 years ago, and I = don't remember enough about<br>
it now, so I can't speak for the SMF parts of your question.<br>
<blockquote><p dir=3D"auto">I did try re-compiling BIND with different sw= itches but it resulted<br>
in the same thing. Is there an environment variable or a ./configure<br>=
switch to re-point the default to /etc/named.conf? I tried<br> '--sysconfdir=3D/etc' --no luck there. Do I edit the manifest f= ile?</p>
</blockquote><p dir=3D"auto">This *is* the correct way to define the defa=
ult location of named.conf.<br>
<blockquote><p dir=3D"auto">I attempted named -c /etc/named.conf with no=
luck</p>
</blockquote><p dir=3D"auto">This *must* work. However, your description = "no luck" isn't enough. Can<br>
you describe exactly what happened when you named "named -c<br> /etc/named.conf"?<br>
<blockquote><p dir=3D"auto">$ named -g:</p>
</blockquote><p dir=3D"auto">Run "named -c /etc/named.conf -g" =
and see what happens.<br>
Regards,<br>
Anand<br>
_______________________________________________<br>
Please visit <a href=3D"
https://lists.isc.org/mailman/listinfo/bind-users= ">
https://lists.isc.org/mailman/listinfo/bind-users</a> to unsubscribe fr=
om this list<br>
ISC funds the development of this software with paid support subscription=
s. Contact us at <a href=3D"
https://www.isc.org/contact/">https://www.isc= =2Eorg/contact/</a> for more information.<br>
bind-users mailing list<br>
bind-users@lists.isc.org<br>
<a href=3D"
https://lists.isc.org/mailman/listinfo/bind-users">https://lis= ts.isc.org/mailman/listinfo/bind-users</a></p>
</blockquote></div>
<div class=3D"markdown">
<p dir=3D"auto">If your still getting the same "ports in use" error then = named is most likely still running somewhere. Make sure it is disabled f=
rom SMF <code>svcadm disable dns/server</code> and from any command line = execution <code>pkill named</code>. Make sure it is no longer running wi=
th <code>pgrep named</code></p>
<p dir=3D"auto">Default SMF properties for dns/server can be shown with s= vcprop:</p>
<pre><code>% svcprop -p options dns/server
options/chroot_dir astring ""
options/configuration_file astring ""
options/crypto_engine astring ""
options/debug_level integer 0
options/ip_interfaces astring all
options/listen_on_port integer 0
options/listener_threads integer 0
options/server astring ""
options/threads integer 0
</code></pre>
<p dir=3D"auto">And the starter</p>
<pre><code>% svcprop -p start/exec dns/server
/lib/svc/method/dns-server\ %m\ %i
</code></pre>
<p dir=3D"auto">The starter script assumes /etc/named.conf if no configur= ation file is provided in the property configuration_file, though it does=
not specify that to the named command line as that is also the default c= ompiled into Oracle Solaris version of bind:</p>
<pre><code>% /usr/sbin/named -V | fmt |grep etc
'--sysconfdir=3D/etc' '--localstatedir=3D/var'
</code></pre>
<p dir=3D"auto">See <strong>dns-server(8s)</strong> on Solaris for furthe=
r information on the properties.</p>
<p dir=3D"auto">Mr. Stacey Marshall - Principal Software Engineer<br>
Oracle Global Services Limited</p>
</div>
</div>
</body>
</html>
--=_MailMate_BF2EB815-0FAF-412C-B878-A0FAE54FE446_=--
--- Synchronet 3.18a-Linux NewsLink 1.113