Bind 9 dying?

Hello.

I have Debian stable deployed at a Linode 64, and although everything else has been working perfectly, I got a problem with bind.

I have the original (no backports) bind9 packages from woody installed, and had two problems with it already:

  • In one day it just stopped answering. The named processes were there, but wouldn't work. Tried stopping bind, and that didn't work either. I had to kill -9 the named processes.

  • I found that bind had silently died this night. Had to restart

I use nothing special/esoteric in my config. The Debian default plus my /etc/bind/db.* files.

I know there are two bugs in the Debian BTS describing this. What disappoints me is that it happened after working nicely for two months.

So… Does anyone know any tricks I could use? I don't see another DNS server I could use. I had problems with MaraDNS (although it's great), and djbdns seems too strange to me.

The temporary solution I am using is to restart bind daily.

Thanks for any help!

J.

5 Replies

After installing some extra things and editing the named.conf file with a new zone and uploading the file through Webmin the Bind server crashes.

In the messages log it says:
> named[765]: starting BIND 9.2.4rc6 -u named
> named[765]: using 1 CPU
> named[773]: loading configuration from '/etc/named.conf'
> named[773]: none:0: open: /etc/named.conf: permission denied
> named[773]: loading configuration: permission denied
> named[773]: exiting (due to fatal error)

All I did was upload the named.conf through the webmin file manager uploader. Apparently that changed the owner to root.

-------------------------------

Update

After various attempts I changed the user:group ownership to root:named for both /etc and named.conf. Then the Name server started back up.

Since I fixed it after I posted this I'll leave it posted for information purposes.

Well that is not the problem I had. Bind starts for me, but is killed later.

Anyway, these are the permissions here:

-rw-r--r--    1 root     root          237 Jun  6 16:54 db.0
-rw-r--r--    1 root     root          271 Jun  6 16:54 db.127
-rw-r--r--    1 root     root          237 Jun  6 16:54 db.255
-rw-r--r--    1 root     root          932 Oct  2 08:58 db.randomnode.info
-rw-r--r--    1 root     root         2769 Jun  6 16:54 db.root
-rw-r--r--    1 root     root         1942 Oct  1 23:10 named.conf
-rw-------    1 root     root           77 Jun  6 16:35 rndc.key

jp

> Bind starts for me, but is killed later
It starts but then stops.

From looking at your file permissions listing I would not be surprised if it has the same error in your /logs/messages file.

The group ownership for named.conf should be "named".

I have it like this now:
> -rw-r----- 1 root named 969 Oct 5 07:26 named.conf
and apparently also for /etc:
> drwxr-xr-x 48 root named 4096 Oct 5 08:41 etc

And also all the zone data files in /var/named should be user and group owned by "named".

That's because the Bind named server is started up as user "named" on my CentOS system.
> named[765]: starting BIND 9.2.4rc6 -u named

I found out about that through this reference:

http://www.boran.com/security/sp/bind9_20010430.html

It could be different on your Debian system so that you may not need that for your system. If you have a different problem I would suggest examining in detail your log files to see if any errors are logged.
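An added example, not part of any post in this thread: a small Python check that reads `ls -l` lines like the ones quoted here and reports whether an account such as the `named` user that BIND is started as could read each file. It assumes the account's only group is `named` and models only the owner/group/other bits, not ACLs, root's override or directory traversal.

```python
# Added example: decide from `ls -l` output whether a daemon account can read a file.
# Classic owner/group/other check only; ACLs, root's override and directory
# traversal permissions are not modelled.

# Listing lines taken from the posts in this thread.
LISTING = """\
-rw-r--r--    1 root     root          932 Oct  2 08:58 db.randomnode.info
-rw-r--r--    1 root     root         1942 Oct  1 23:10 named.conf
-rw-------    1 root     root           77 Jun  6 16:35 rndc.key
-rw-r----- 1 root named 969 Oct 5 07:26 named.conf
"""


def parse_ls_line(line):
    """Split one `ls -l` line into (mode, owner, group, name)."""
    fields = line.split()
    if len(fields) < 9 or len(fields[0]) < 10:
        raise ValueError(f"not an ls -l line: {line!r}")
    return fields[0][:10], fields[2], fields[3], " ".join(fields[8:])


def can_read(mode, owner, group, user, user_groups):
    """Apply the first matching class (owner, then group, then other), as the kernel does."""
    if user == owner:
        return mode[1] == "r"
    if group in user_groups:
        return mode[4] == "r"
    return mode[7] == "r"


def audit(listing, user, user_groups):
    """Return [(name, mode, owner, group, readable)] for every line of the listing."""
    results = []
    for line in listing.splitlines():
        if not line.strip():
            continue
        mode, owner, group, name = parse_ls_line(line)
        results.append((name, mode, owner, group,
                        can_read(mode, owner, group, user, user_groups)))
    return results


if __name__ == "__main__":
    # Assumption: the daemon runs as user "named" whose only group is "named".
    for name, mode, owner, group, ok in audit(LISTING, "named", {"named"}):
        print(f"{'ok  ' if ok else 'DENY'} {mode} {owner}:{group} {name}")
```

A file owned by root with no group or other read bit, like `rndc.key` in the listing, comes out as DENY for the `named` account, which is the same condition that produces the `permission denied` line in the log quoted earlier.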

> From looking at your file permissions listing I would not be surprised if it has the same error in your /logs/messages file.
>
> The group ownership for named.conf should be "named".

Well, it works for a whole day for me before dying… And the files have read access to all.

I remember trying to find something in the logs, but there was nothing related to file permissions.

jp

Well, in case someone reading this thread wonders what really was happening: I had set up a too small swap partition, and MySQL and Apache were using too much memory:

> http://www.linode.com/forums/viewtopic.php?p=5174

It's fixed now…

jp
