cat /var/log/messages
Jan 11 12:48:18 prime kernel: Starting named.
Jan 11 12:48:18 prime named[600]: starting BIND 9.3.4-P1 -t /var/named -u bind
Jan 11 12:48:19 prime named[600]: loading configuration from '/etc/namedb/named.conf'
Jan 11 12:48:19 prime named[600]: listening on IPv4 interface vr0, 219.117.246.198#53
Jan 11 12:48:19 prime named[600]: listening on IPv4 interface lo0, 127.0.0.1#53
Jan 11 12:48:19 prime named[600]: command channel listening on 127.0.0.1#953
Jan 11 12:48:19 prime named[600]: command channel listening on ::1#953
Jan 11 12:48:19 prime named[600]: logging channel 'log_default' file '/var/log/named/named.log': file not found
Jan 11 12:48:19 prime kernel: Jan 11 12:48:19 prime named[600]: logging channel 'log_default' file '/var/log/named/named.log': file not found
Jan 11 12:48:19 prime named[600]: logging channel 'update' file '/var/log/named/update.log': file not found
Jan 11 12:48:19 prime kernel: Jan 11 12:48:19 prime named[600]: logging channel 'update' file '/var/log/named/update.log': file not found
Jan 11 12:48:19 prime named[600]: isc_log_open '/var/log/named/named.log' failed: file not found
Jan 11 12:48:19 prime kernel: Jan 11 12:48:19 prime named[600]: isc_log_open '/var/log/named/named.log' failed: file not found
Errors like the above appear. This is because bind is chrooted, so it looks for the path /var/named/var/log/named/ rather than the usual /var/log/named/. So,
prime# mkdir /var/named/var/log/named
prime# chown bind:bind /var/named/var/log/named
creating a writable directory this way makes the errors go away.
http://www.gobu.jp/bind_13.php
Zone files from servers other than BIND9 are transferred and updated, but the transfer from BIND9 reports:
11-Jan-2009 14:39:24.215 general: zone kuji-clinic.net/IN: Transfer started.
11-Jan-2009 14:39:24.259 xfer-in: transfer of 'kuji-clinic.net/IN' from 210.255.122.210#53: connected using 219.117.246.198#62063
11-Jan-2009 14:39:24.435 general: dumping master file: tmp-1tWGdZ3FJW: open: permission denied
11-Jan-2009 14:39:24.435 xfer-in: transfer of 'kuji-clinic.net/IN' from 210.255.122.210#53: failed while receiving responses: permission denied
11-Jan-2009 14:39:24.435 xfer-in: transfer of 'kuji-clinic.net/IN' from 210.255.122.210#53: end of transfer
11-Jan-2009 14:39:39.463 xfer-out: client 219.117.246.197#57090: transfer of '192A.246.117.219.in-addr.arpa/IN': AXFR-style IXFR started
11-Jan-2009 14:39:39.464 xfer-out: client 219.117.246.197#57090: transfer of '192A.246.117.219.in-addr.arpa/IN': AXFR-style IXFR ended
and the update fails, because named, running as user bind, has no write permission for the directory that holds the zone file. So, in
/var/named/etc/namedb/named.conf
where the zone was
zone "kuji-clinic.net" in {
    type slave;
    file "kuji-clinic.net.db";
    masters { 210.255.122.210; };
};
run
prime# mkdir /var/named/etc/namedb/back
prime# chown bind:bind /var/named/etc/namedb/back
and then change it to
zone "kuji-clinic.net" in {
    type slave;
    file "back/kuji-clinic.net.db";
    masters { 210.255.122.210; };
};
With this, /var/named/etc/namedb/back/kuji-clinic.net.db was updated.
http://www5.ocn.ne.jp/~m-shin/dns/bind9-permission-denied.html
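Both fixes above come from the same cause: every file named has to write (logging channel files, slave zone files) is resolved inside the chroot and must sit in a directory writable by the user named runs as. The script below is an added example, not part of the original notes, that checks this before named is started. The function names are hypothetical, and it assumes named.conf has no comments, that `type` precedes `file` in each zone, and that the `directory` option is /etc/namedb (not shown on the page).

```shell
#!/bin/sh
# Added example (not from the original page): find the files named must write
# and check that their directories exist inside the chroot with the right owner.

# writable_files CONF: print each file "..." of a logging channel or slave zone.
# Assumes no comments and that "type" precedes "file" inside a zone statement.
writable_files() {
    tr '\n' ' ' < "$1" | tr ';' '\n' | awk '
        /type[ \t]+/  { slave = ($0 ~ /type[ \t]+slave/) }
        /file[ \t]+"/ && (slave || /channel/) {
            match($0, /file[ \t]+"[^"]*"/)
            s = substr($0, RSTART, RLENGTH)
            sub(/^file[ \t]+"/, "", s); sub(/"$/, "", s)
            print s
        }'
}

# chroot_dir CHROOT WORKDIR PATH: the real directory named will write into.
# Absolute paths are prefixed with CHROOT; relative ones also with WORKDIR
# (the named.conf "directory" option, assumed to be /etc/namedb).
chroot_dir() {
    case "$3" in
        /*) dirname "$1$3" ;;
        *)  dirname "$1$2/$3" ;;
    esac
}

# check_named_dirs CHROOT WORKDIR USER CONF: one status line per file; returns
# non-zero if a directory is missing or is not owned and writable by USER.
check_named_dirs() {
    rc=0
    for f in $(writable_files "$4"); do
        d=$(chroot_dir "$1" "$2" "$f")
        if [ ! -d "$d" ]; then
            echo "MISSING $d (for $f)"; rc=1
        elif ! ls -ld "$d" | awk -v u="$3" \
                '{ exit !($3 == u && substr($1, 3, 1) == "w") }'; then
            echo "NOT-WRITABLE-BY-$3 $d (for $f)"; rc=1
        else
            echo "OK $d (for $f)"
        fi
    done
    return $rc
}

# Usage: sh check.sh /var/named /etc/namedb bind /var/named/etc/namedb/named.conf
if [ "$#" -eq 4 ]; then check_named_dirs "$@"; fi
```

The check looks only at the directory owner and the owner write bit, which is what the `chown bind:bind` fixes above establish; group or ACL based write access is not considered.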
# dig . ns @128.63.2.53 > /etc/namedb/named.ca
http://hazyinfo.net/wiki/index.php?FreeBSD%2FBIND9
http://www.kishiro.com/FreeBSD/bind.html
http://freebsd.server-manual.com/bind.html
https://www.dns-oarc.net/oarc/services/dnsentropy
http://www.kncn.net/FreeBSD/router/dns.html
2020-06-04 (Thu) 09:40:07