Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.protocols.dns.bind > #15967

Re: root.hints access errors with Ubuntu BIND 9.16.4 16.04 PPA

Path csiph.com!newsfeed.xs4all.nl!newsfeed9.news.xs4all.nl!news.uzoreto.com!news.etla.org!nntp-feed.chiark.greenend.org.uk!ewrotcd!usenet-its.stanford.edu!usenet.stanford.edu!not-for-mail
From Mark Andrews <marka@isc.org>
Newsgroups comp.protocols.dns.bind
Subject Re: root.hints access errors with Ubuntu BIND 9.16.4 16.04 PPA
Date Fri, 10 Jul 2020 08:19:36 +1000
Lines 122
Approved bind-users@lists.isc.org
Message-ID <mailman.690.1594333149.942.bind-users@lists.isc.org> (permalink)
References <alpine.DEB.2.21.2007091530300.26964@pannier.local> <22E9E99C-4732-4EE4-ACBF-33F9310B3AD5@isc.org>
NNTP-Posting-Host lists.isc.org
Mime-Version 1.0 (Mac OS X Mail 11.5 \(3445.9.5\))
Content-Type text/plain; charset=utf-8
Content-Transfer-Encoding quoted-printable
X-Trace usenet.stanford.edu 1594333184 4888 149.20.1.60 (9 Jul 2020 22:19:44 GMT)
X-Complaints-To action@cs.stanford.edu
Cc bind-users <bind-users@lists.isc.org>
To Brett Delmage <Brett@BrettDelmage.ca>
Return-Path <marka@isc.org>
X-Original-To bind-users@lists.isc.org
Delivered-To bind-users@lists.isc.org
In-Reply-To <alpine.DEB.2.21.2007091530300.26964@pannier.local>
X-Mailer Apple Mail (2.3445.9.5)
X-BeenThere bind-users@lists.isc.org
X-Mailman-Version 2.1.29
Precedence list
List-Id BIND Users Mailing List <bind-users.lists.isc.org>
List-Unsubscribe <https://lists.isc.org/mailman/options/bind-users>, <mailto:bind-users-request@lists.isc.org?subject=unsubscribe>
List-Archive <https://lists.isc.org/pipermail/bind-users/>
List-Post <mailto:bind-users@lists.isc.org>
List-Help <mailto:bind-users-request@lists.isc.org?subject=help>
List-Subscribe <https://lists.isc.org/mailman/listinfo/bind-users>, <mailto:bind-users-request@lists.isc.org?subject=subscribe>
X-Mailman-Original-Message-ID <22E9E99C-4732-4EE4-ACBF-33F9310B3AD5@isc.org>
X-Mailman-Original-References <alpine.DEB.2.21.2007091530300.26964@pannier.local>
Xref csiph.com comp.protocols.dns.bind:15967

Show key headers only | View raw


> On 10 Jul 2020, at 05:58, Brett Delmage <Brett@BrettDelmage.ca> wrote:
> 
> I installed
> 
> BIND 9.16.4-Ubuntu (Stable Release) <id:0849b42>
> from the Ubuntu stable PPA linked to on the ISC site.
> https://launchpad.net/~isc/+archive/ubuntu/bind
> 
> After restart, BIND failed with this status:
> 
> service bind9 status
> ● bind9.service - BIND Domain Name Server
>   Loaded: loaded (/etc/systemd/system/bind9.service; enabled; vendor preset: enabled)
>   Active: failed (Result: exit-code) since Thu 2020-07-09 15:18:38 EDT; 5s ago
>     Docs: man:named(8)
>  Process: 4834 ExecStart=/usr/sbin/named -f -u bind (code=exited, status=1/FAILURE)
> Main PID: 4834 (code=exited, status=1/FAILURE)
> 
> ...
> Jul 09 15:18:38 pannier named[4834]: generating session key for dynamic DNS
> Jul 09 15:18:38 pannier named[4834]: sizing zone task pool based on 31 zones
> Jul 09 15:18:38 pannier named[4834]: could not configure root hints from '/usr/share/dns/root.hints': permission denied
> Jul 09 15:18:38 pannier named[4834]: loading configuration: permission denied
> Jul 09 15:18:38 pannier named[4834]: exiting (due to fatal error)
> Jul 09 15:18:38 pannier systemd[1]: bind9.service: Main process exited, code=exited, status=1/FAILURE
> Jul 09 15:18:38 pannier systemd[1]: bind9.service: Failed with result exit-code'.
> 
> but permissions seemed readable:
> find /usr/share/dns -ls
>  1577746      4 drwxr-xr-x   2 root     root         4096 Nov 27  2019 /usr/share/dns
>  1575480      4 -rw-r--r--   1 root     root          166 Jan 31  2018 /usr/share/dns/root.ds
>  1575840      4 -rw-r--r--   1 root     root          864 Jan 31  2018 /usr/share/dns/root.key
>  1575770      4 -rw-r--r--   1 root     bind         3315 Jan 31  2018 /usr/share/dns/root.hints
> 
> 
> I thought it might be an apparmor profile issue, so I added the path to profile usr.sbin.named for read permission and restarted apparmor without change.
> 
> Next, I copied /usr/share/dns/  to /etc/bind/dns which should already be readable. Now I get this very odd error:
> 
> named.service - BIND Domain Name Server
>   Loaded: loaded (/lib/systemd/system/named.service; enabled; vendor preset: enabled)
>   Active: failed (Result: exit-code) since Thu 2020-07-09 15:25:49 EDT; 2s ago
>     Docs: man:named(8)
>  Process: 5742 ExecStart=/usr/sbin/named -f $OPTIONS (code=exited, status=1/FAILURE)
> Main PID: 5742 (code=exited, status=1/FAILURE)
> 
> Jul 09 15:25:49 pannier named[5742]: generating session key for dynamic DNS
> Jul 09 15:25:49 pannier named[5742]: sizing zone task pool based on 31 zones
> Jul 09 15:25:49 pannier named[5742]: dns_master_load:/etc/bind/dns:1: isc_lex_gettoken() failed: I/O error
> Jul 09 15:25:49 pannier named[5742]: dns_master_load: /etc/bind/dns:1: I/O error
> Jul 09 15:25:49 pannier named[5742]: could not configure root hints from '/etc/bind/dns': I/O error
> Jul 09 15:25:49 pannier named[5742]: loading configuration: I/O error
> Jul 09 15:25:49 pannier named[5742]: exiting (due to fatal error)
> Jul 09 15:25:49 pannier systemd[1]: named.service: Main process exited, code=exited, status=1/FAILURE
> Jul 09 15:25:49 pannier systemd[1]: named.service: Failed with result 'exit-code'.
> 
> Permissions on /etc/bind/dns:
>   278669      4 drwxr-sr-x   2 root     root         4096 Nov 27  2019 dns
>   271737      4 -rw-r--r--   1 root     root          166 Jan 31  2018 dns/root.ds
>   272958      4 -rw-r--r--   1 root     root          864 Jan 31  2018 dns/root.key
>   272932      4 -rw-r--r--   1 root     bind         3315 Jan 31  2018 dns/root.hints
> 
> 
> I'm puzzled at this point. What to check next, please?

The file names in named.conf.  "/etc/bind/dns” is a directory.  Directories are not zone files. Telling named to read a directory as a zone file is not useful. Search for ‘"/etc/bind/dns”’ and the correct the file name.

Mark

> Brett_______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
> 
> ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
> 
> 
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742              INTERNET: marka@isc.org

Back to comp.protocols.dns.bind | Previous | Next | Find similar

Thread

Re: root.hints access errors with Ubuntu BIND 9.16.4 16.04 PPA Mark Andrews <marka@isc.org> - 2020-07-10 08:19 +1000

csiph-web