Bind 9 running in sandbox

dusk at badseed.bytch.net dusk at badseed.bytch.net
Mon Apr 7 07:12:21 PDT 2003


        I have set up my named "bind 9" to run in a sandbox. I followed the
instructions in the FreeBSD handbook. I had the FreeBSD handbook pulled up
online. I followed the instructions step by step. I had no problems or
glitches during the process. After making the changes, named fails to
start. It is unable to find the configuration files. One example is the
"named.root" file. I added the full path in the config and it found the
file. The example is below.

zone "." {
        type hint;
        file "/etc/namedb/master/named.root";
};

Named will run now, but it still cannot find the other files it needs to
work. I tried changing the paths in the config file to full paths along
with other changes, but nothing seems to work. I have a snap of the log
below along with named.conf.

===============log snap===================
Apr  3 22:19:59 frank named[5082]: starting BIND 9.2.2
Apr  3 22:19:59 frank named[5082]: /usr/local/etc/named.conf:10: couldn't find key 'rndc-key' for use with command channel 127.0.0.1#953
Apr  3 22:19:59 frank named[5082]: command channel listening on 127.0.0.1#953
Apr  3 22:19:59 frank named[5082]: zone 0.0.127.in-addr.arpa/IN: loading master file master/localhost.rev: file not found
Apr  3 22:19:59 frank named[5082]: zone localhost/IN: loading master file master/named.localhost: file not found
=============================================

The rndc-key is in /etc/named and it did work prior to building the
sandbox.

==============named.conf=================
// $FreeBSD: src/etc/namedb/named.conf,v 1.6.2.3 2001/05/28 13:47:00 sheldonh Exp $
//
// Refer to the named(8) man page for details.  If you are ever going
// to setup a primary server, make sure you've understood the hairy
// details of how DNS is working.  Even with simple mistakes, you can
// break connectivity for affected parties, or cause huge amount of
// useless Internet traffic.

controls {
      inet 127.0.0.1 port 953
              allow { 127.0.0.1; } keys { "rndc-key"; };
};

key bytch.net. {
        algorithm hmac-md5;
        secret "abc123ABC123AbC123aBc123==";
};
options {
        directory "/";
        //named-xfer "/bin/named-xfer";
        allow-transfer { key bytch.net.; };
        query-source address * port 53;
        version "DNS on babseed.bytch.net";
};

zone "localhost" IN {
            type master;
            file "master/named.localhost";
            allow-transfer { localhost; };
            notify no;
};

zone "0.0.127.in-addr.arpa" IN {
            type master;
            file "master/localhost.rev";
            allow-transfer { localhost; };
            notify no;
};

zone "." {
        type hint;
        file "/etc/namedb/master/named.root";
};

=======below this is example zone entries==============

As you can see, bind 9 installed in "/usr/local/sbin". Bind 8 was installed
in "/usr/sbin". I moved the bind 8 executable to a different file name and
made a link from "/usr/sbin" to the named executable in
"/usr/local/sbin". I also made a link from "/etc/named/etc/named.conf" to
a named.conf in "/usr/local/etc" because bind 9 was looking for the config
file there.



With the exception of the two symlinks, everything is set up as the
handbook instructed. Does anybody out there have any ideas?


	dusk at bytch.net
	dusk at badseed.bytch.net

	"And so, it begins" - Kosh


