Hi All,
Fedora 34 bind-chroot-9.16.16-1.fc34.x86_64
I am trying to clean up my bind-chroot forward and reverse files.
The goal is to have bind-chroot do its thing by duplicating these two files over into /var/named/chroot/var/named/slaves/ with the identical inodes like it does with named.root and named.root.key:
# stat /etc/named.root.key /var/named/chroot/etc/named.root.key
...
File: /etc/named.root.key
Inode: 60033354
...
File: /var/named/chroot/etc/named.root.key
...
Inode: 60033354
In my /etc/named.conf, I have
zone "abc.local" {
    type master;
    # file "/var/named/chroot/var/named/slaves/abc.hosts";
    file "slaves/abc.hosts";
    allow-update { key DHCP_UPDATER; };
};
zone "255.168.192.in-addr.arpa" {
    type master;
    # file "/var/named/chroot/var/named/slaves/abc.hosts.rev";
    file "slaves/abc.hosts.rev";
    allow-update { key DHCP_UPDATER; };
};
After I stopped
# systemctl start named-chroot
I copied and moved the following:
Before:
# find /var/named/ -iname abc.hosts*
/var/named/chroot/var/named/slaves/abc.hosts.000
/var/named/chroot/var/named/slaves/abc.hosts.rev.000
# cp /var/named/chroot/var/named/slaves/abc.hosts /var/named/chroot/var/named/slaves/abc.hosts.000
# mv /var/named/chroot/var/named/slaves/abc.hosts .
# cp /var/named/chroot/var/named/slaves/abc.hosts.rev /var/named/chroot/var/named/slaves/abc.hosts.rev.000
# mv /var/named/chroot/var/named/slaves/abc.hosts.rev .
# find /var/named/ -iname abc.hosts*
After:
# find /var/named/ -iname abc.hosts*
/var/named/slaves/abc.hosts.rev
/var/named/slaves/abc.hosts
/var/named/chroot/var/named/slaves/abc.hosts.000
/var/named/chroot/var/named/slaves/abc.hosts.rev.000
But when I restarted named-chroot, my great plans got dashed:
# systemctl start named-chroot
...
Jun 24 20:35:45 rn6.abc.local bash[83464]: zone abc.local/IN: loading from master file /slaves/abc.hosts faile>
Jun 24 20:35:45 rn6.abc.local bash[83464]: zone abc.local/IN: not loaded due to errors.
Jun 24 20:35:45 rn6.abc.local bash[83464]: _default/abc.local/IN: file not found
Jun 24 20:35:45 rn6.abc.local bash[83464]: zone 255.168.192.in-addr.arpa/IN: loading from master file /slaves/abc.host>
Jun 24 20:35:45 rn6.abc.local bash[83464]: zone 255.168.192.in-addr.arpa/IN: not loaded due to errors.
Jun 24 20:35:45 rn6.abc.local bash[83464]: _default/255.168.192.in-addr.arpa/IN: file not found
Jun 24 20:35:45 rn6.abc.local bash[83464]: zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
named-chroot can't find abc.hosts or abc.hosts.rev in /var/named/chroot/var/named/slaves
And in case they got copied to somewhere else I did another find:
# find /var/named/ -iname abc.hosts*
/var/named/slaves/abc.hosts.rev
/var/named/slaves/abc.hosts
/var/named/chroot/var/named/slaves/abc.hosts.000
/var/named/chroot/var/named/slaves/abc.hosts.rev.000
No change.
What am I missing?
Many thanks, -T
On Thu, 2021-06-24 at 21:04 -0700, ToddAndMargo via users wrote:
> I am trying to clean up my bind-chroot forward and reverse files.
> The goal is to have bind-chroot do its thing by duplicating these two files over into /var/named/chroot/var/named/slaves/ with the identical inodes like it does with named.root and named.root.key:
Hang on... If you're wanting it to bring things from outside of the chroot into it, what's the point of chrooting? You're breaking the jail by doing that.
The old approach was you created all the files in the chroot, where bind-chroot makes use of them. And, you have a link outside of the chroot into it, so that *you* can edit /etc/named.something without thinking about it. But, ultimately, you shouldn't need any files outside of the chroot, at all. And there's probably some advantage in just having one set (less confusing for you, at the very least).
On 6/25/21 12:24 AM, Tim via users wrote:
> Hang on... If you're wanting it to bring things from outside of the chroot into it, what's the point of chrooting? You're breaking the jail by doing that.
> The old approach was you created all the files in the chroot, where bind-chroot makes use of them. And, you have a link outside of the chroot into it, so that *you* can edit /etc/named.something without thinking about it. But, ultimately, you shouldn't need any files outside of the chroot, at all. And there's probably some advantage in just having one set (less confusing for you, at the very least).
Hi Tim,
Bind-chroot uses "mount --bind". It is not occurring on my zone files.
For a good explanation, see
https://bugzilla.redhat.com/show_bug.cgi?id=1972022#c3
-T
On 6/26/21 7:27 PM, ToddAndMargo via users wrote:
> Hi Tim,
> Bind-chroot uses "mount --bind". It is not occurring on my zone files.
> For a good explanation, see
> https://bugzilla.redhat.com/show_bug.cgi?id=1972022#c3
> -T
I have moved my zone files to /var/named.
Mount bind still does not get them. I had to manually copy them over.
zone "abc.local" {
    type master;
    # file "/var/named/chroot/var/named/abc.hosts";
    file "abc.hosts";
    allow-update { key DHCP_UPDATER; };
    # allow-update { 127.0.0.1; };
};
zone "255.168.192.in-addr.arpa" {
    type master;
    # file "/var/named/chroot/var/named/abc.hosts.rev";
    file "abc.hosts.rev";
    allow-update { key DHCP_UPDATER; };
    # allow-update { 127.0.0.1; };
};
On 28/06/2021 06:40, ToddAndMargo via users wrote:
> I have moved my zone files to /var/named.
> Mount bind still does not get them. I had to manually copy them over.
> zone "abc.local" {
>     type master;
>     # file "/var/named/chroot/var/named/abc.hosts";
>     file "abc.hosts";
>     allow-update { key DHCP_UPDATER; };
>     # allow-update { 127.0.0.1; };
> };
> zone "255.168.192.in-addr.arpa" {
>     type master;
>     # file "/var/named/chroot/var/named/abc.hosts.rev";
>     file "abc.hosts.rev";
>     allow-update { key DHCP_UPDATER; };
>     # allow-update { 127.0.0.1; };
> };
You may want to start "clean".
First stop named-chroot and start the named server to make sure it doesn't produce errors. If that checks ok, then stop named.
Then do
rpm -e --nodeps bind-chroot
rm -rf /var/named/chroot
dnf install bind-chroot
Then, without moving any files or doing anything, start named-chroot
FYI, I just did the above procedure on my test system without trouble.
On 6/27/21 5:34 PM, Ed Greshko wrote:
> You may want to start "clean".
> First stop named-chroot and start the named server to make sure it doesn't produce errors. If that checks ok, then stop named.
> Then do
> rpm -e --nodeps bind-chroot
> rm -rf /var/named/chroot
> dnf install bind-chroot
> Then, without moving any files or doing anything, start named-chroot
> FYI, I just did the above procedure on my test system without trouble.
Did it do a mount --bind on your zone files?
On 28/06/2021 09:39, ToddAndMargo via users wrote:
> Did it do a mount --bind on your zone files?
Of course......
● named-chroot.service - Berkeley Internet Name Domain (DNS)
     Loaded: loaded (/usr/lib/systemd/system/named-chroot.service; disabled; vendor preset: disabled)
     Active: active (running) since Mon 2021-06-28 08:27:44 CST; 1h 15min ago
    Process: 6305 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -t /var/named/chroot -z "$NAMEDCONF"; else echo "Checking of zone >
    Process: 6307 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} -t /var/named/chroot $OPTIONS (code=exited, status=0/SUCCESS)
   Main PID: 6308 (named)
      Tasks: 4 (limit: 2504)
     Memory: 57.8M
        CPU: 170ms
     CGroup: /system.slice/named-chroot.service
             └─6308 /usr/sbin/named -u named -c /etc/named.conf -t /var/named/chroot

Jun 28 08:27:44 f33k.greshko.com named[6308]: all zones loaded
Jun 28 08:27:44 f33k.greshko.com named[6308]: running
Jun 28 08:27:44 f33k.greshko.com named[6308]: zone greshko.com/IN: sending notifies (serial 1623223423)
Jun 28 08:27:45 f33k.greshko.com named[6308]: managed-keys-zone: Key 20326 for zone . acceptance timer complete: key now trusted
Jun 28 08:27:45 f33k.greshko.com named[6308]: resolver priming query complete
On 28/06/2021 09:44, Ed Greshko wrote:
> Of course......
and....
[root@f33k ~]# ls -i /var/named/chroot/var/named/slaves/ /var/named/slaves/
/var/named/chroot/var/named/slaves/:
2415417 greshko.com.zone

/var/named/slaves/:
2415417 greshko.com.zone
On 6/27/21 6:47 PM, Ed Greshko wrote:
> and....
> [root@f33k ~]# ls -i /var/named/chroot/var/named/slaves/ /var/named/slaves/
> /var/named/chroot/var/named/slaves/:
> 2415417 greshko.com.zone
>
> /var/named/slaves/:
> 2415417 greshko.com.zone
Can I talk you out of a?
# stat /var/named/slaves/ | grep Inode
# stat /var/named/chroot/var/named/slaves/ | grep Inode
On 28/06/2021 10:07, ToddAndMargo via users wrote:
> Can I talk you out of a?
> # stat /var/named/slaves/ | grep Inode
> # stat /var/named/chroot/var/named/slaves/ | grep Inode
[root@f33k ~]# stat /var/named/slaves/ | grep Inode
Device: 20h/32d Inode: 1937752 Links: 1
[root@f33k ~]# stat /var/named/chroot/var/named/slaves/ | grep Inode
Device: 20h/32d Inode: 1937752 Links: 1
On 6/27/21 7:13 PM, Ed Greshko wrote:
> [root@f33k ~]# stat /var/named/slaves/ | grep Inode
> Device: 20h/32d Inode: 1937752 Links: 1
> [root@f33k ~]# stat /var/named/chroot/var/named/slaves/ | grep Inode
> Device: 20h/32d Inode: 1937752 Links: 1
Awesome!
On 28/06/2021 10:26, ToddAndMargo via users wrote:
> Awesome!
Even more awesome when your issue is resolved.
On 28/06/2021 10:26, ToddAndMargo via users wrote:
> Awesome!
So, are we to assume that your issue is resolved?
On 6/29/21 5:07 PM, Ed Greshko wrote:
> So, are we to assume that your issue is resolved?
Not yet. No free time to work on it. I definitely will get back.
On 30/06/2021 10:00, ToddAndMargo via users wrote:
> Not yet. No free time to work on it. I definitely will get back.
Oh, I thought that asking about pasting pre-configured text meant you had more free time.
On 6/29/21 7:00 PM, ToddAndMargo via users wrote:
> Not yet. No free time to work on it. I definitely will get back.
Hi Ed,
Wonderful directions! I got my ass handed to me at start regular bind. Happy camping has resumed!
-T
I added to your directions:
bind-chroot: how to start over clean:
On 6/27/21 5:34 PM, Ed Greshko wrote (with additions from T):
0) backup your zone tables (3+), named.conf, named.root.key files
1) stop named-chroot,
# systemctl stop named-chroot.service
Verify it is dead:
# systemctl status named-chroot.service
2) start the named server
# systemctl start named.service
make sure it doesn't produce errors. Fix any you do find
To check errors:
# systemctl status named.service
3) If that checks ok, then stop named.
# systemctl stop named.service
4) Then do
Remove:
# rpm -e --nodeps bind-chroot
# rm -rf /var/named/chroot
Reinstall:
# dnf install bind-chroot
# systemctl enable named-chroot.service
5) Then, without moving any files or doing anything, start named-chroot
# systemctl start named-chroot.service
6) double check your mount --bind's
# stat /etc/named.root.key | grep Inode | awk '{print $3 " " $4}'
Inode: 60033354
# stat /var/named/chroot/etc/named.root.key | grep Inode | awk '{print $3 " " $4}'
Inode: 60033354
# stat /etc/named.conf | grep Inode | awk '{print $3 " " $4}'
Inode: 27396278
# stat /var/named/chroot/etc/named.conf | grep Inode | awk '{print $3 " " $4}'
Inode: 27396278
# stat /var/named/named.local | grep Inode | awk '{print $3 " " $4}'
Inode: 20186605
# stat /var/named/chroot/var/named/named.local | grep Inode | awk '{print $3 " " $4}'
Inode: 20186605
# stat /var/named/abc.hosts | grep Inode | awk '{print $3 " " $4}'
Inode: 20186593
# stat /var/named/chroot/var/named/abc.hosts | grep Inode | awk '{print $3 " " $4}'
Inode: 20186593
# stat /var/named/abc.hosts.rev | grep Inode | awk '{print $3 " " $4}'
Inode: 20186599
# stat /var/named/chroot/var/named/abc.hosts.rev | grep Inode | awk '{print $3 " " $4}'
Inode: 20186599
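The inode check from step 6, generalized into a script (an added example, not part of the original thread): it compares device and inode for each path outside and inside the chroot and flags files that were copied by hand instead of bind-mounted. The function names and the `--demo` tree are constructed for illustration, and GNU `stat` is assumed.

```shell
#!/bin/sh
# Added example: report whether paths inside a named chroot are the same
# filesystem objects as their host counterparts (bind mount) or separate copies.

# dev_ino PATH -> prints "device:inode"; non-zero status if PATH is absent.
dev_ino() {
    stat -c '%d:%i' -- "$1" 2>/dev/null
}

# classify HOST_PATH CHROOT_PATH -> prints SAME, COPY or MISSING.
classify() {
    host_id=$(dev_ino "$1") || { echo MISSING; return 0; }
    jail_id=$(dev_ino "$2") || { echo MISSING; return 0; }
    if [ "$host_id" = "$jail_id" ]; then echo SAME; else echo COPY; fi
}

# check_chroot CHROOT_ROOT HOST_ROOT PATH...
# Prints one status line per path; return status = number of paths not SAME.
check_chroot() {
    jail=$1; host=$2; shift 2
    bad=0
    for p in "$@"; do
        state=$(classify "$host$p" "$jail$p")
        printf '%-8s %s\n' "$state" "$p"
        [ "$state" = SAME ] || bad=$((bad + 1))
    done
    return "$bad"
}

# build_demo_tree -> creates a constructed host/ and jail/ pair, prints its path.
# A hard link stands in for a bind mount: both give the same device:inode.
build_demo_tree() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/host/etc" "$t/host/var/named" "$t/jail/etc" "$t/jail/var/named"
    echo 'options {};' > "$t/host/etc/named.conf"
    ln "$t/host/etc/named.conf" "$t/jail/etc/named.conf"            # shared object
    echo '; forward zone' > "$t/host/var/named/abc.hosts"
    cp "$t/host/var/named/abc.hosts" "$t/jail/var/named/abc.hosts"  # manual copy
    echo '; reverse zone' > "$t/host/var/named/abc.hosts.rev"       # host only
    echo "$t"
}

case "${1:-}" in
    "") : ;;   # no arguments: only define the functions
    --demo)
        d=$(build_demo_tree)
        check_chroot "$d/jail" "$d/host" \
            /etc/named.conf /var/named/abc.hosts /var/named/abc.hosts.rev
        rc=$?
        rm -rf "$d"
        exit "$rc" ;;
    *)  # real use: absolute paths as named sees them, e.g. /etc/named.conf
        check_chroot /var/named/chroot "" "$@" ;;
esac
```

A COPY result means edits to the host file (or dynamic updates written inside the chroot) will not show up on the other side.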