Problem with DNS on Ubuntu-Hardy 8.04
PatrickDickey
3rd July 2008, 01:45
Hello everyone,
I followed the HOW-TO on making a DNS server on Ubuntu 8.04 to the letter. However, I'm not able to start Bind after having shut it down during the setup process. When I try to start it, I get the following in my syslog:
Jul 2 17:23:32 dcky-ubuntu named[6820]: starting BIND 9.4.2 -u bind -t /var/lib/named
Jul 2 17:23:32 dcky-ubuntu named[6820]: found 1 CPU, using 1 worker thread
Jul 2 17:23:32 dcky-ubuntu named[6820]: loading configuration from '/etc/bind/named.conf'
Jul 2 17:23:32 dcky-ubuntu named[6820]: none:0: open: /etc/bind/named.conf: permission denied
Jul 2 17:23:32 dcky-ubuntu named[6820]: loading configuration: permission denied
Jul 2 17:23:32 dcky-ubuntu named[6820]: exiting (due to fatal error)
The only thing I can think of is that even though I disabled AppArmor, after I installed Bind and did some of the configuring, I got a message that AppArmor updated the Bind9 profile. So, I'm not sure if that may have blocked something.
I've chmod'ed the named.conf file amongst all of the others in there, and gave +rwxX to all (a+rwxX). It still gives me the error mentioned above.
So, I'm totally lost about how to fix this issue. Any help will be greatly appreciated.
Have a great day :)
Patrick.
PatrickDickey
3rd July 2008, 08:51
Ok, an update...
I got the bind to install and start (more or less). If I try using the restart command, I get an error when it shuts down, but it starts ok. So, I'm on to problem #2.
In looking at the syslogs, I'm seeing out of zone errors for my network. For example, dcky-ubuntu.dickey.local.lan is at 192.168.1.100 and dickey-vista.dickey.local.lan is at 192.168.1.102. I get out of zone errors for both of those (and they're ignored). So, I have nothing showing up. If I try nslookup from my Vista computer, I get "dickey.local.lan is a non-existent domain." errors.
Could it be that I have too much for my name? In other words, should it be dcky-ubuntu.local.lan instead of dcky-ubuntu.dickey.local.lan? Or do I need to flip the lan and local around (dcky-ubuntu.dickey.lan.local or dcky-ubuntu.lan.local)?
If necessary, I'll post my named.conf and my named.conf.local files, along with my dickey.local.lan.db and rev.1.168.192.in-addr.arpa files. Maybe the bug is in there.
Also, note that in the tutorial Installing An Ubuntu Hardy 8.04 LTS DNS Server With BIND, he uses his "Outside IP (Public IP)" for the rev file. I'm using my inside (Private IP) for mine, as this isn't a publicly accessible network (although I do have a website that is). So, should I use the Public (ISP Provided) IP or would mine work?
Have a great day everyone:) I'll post my config files tomorrow morning.
Patrick.
falko
3rd July 2008, 18:30
Try this:
/etc/init.d/apparmor stop
update-rc.d -f apparmor remove
apt-get remove apparmor apparmor-utils
If that doesn't help - what's the output of ls -la /etc/bind/?
PatrickDickey
3rd July 2008, 22:35
Try this:
/etc/init.d/apparmor stop
update-rc.d -f apparmor remove
apt-get remove apparmor apparmor-utils
If that doesn't help - what's the output of ls -la /etc/bind/?
I used the apt-get remove apparmor apparmor-utils in my second attempt, and got everything working to an extent. As I mentioned above, if I restart bind9 using /etc/init.d/bind9 restart, I get an error when it shuts down, but the start comes up with [ok].
Here's the results of ls -la /etc/bind (ran in a terminal as su)
lrwxrwxrwx 1 root root 23 2008-07-02 23:18 /etc/bind -> /var/lib/named/etc/bind
In my next post, I'll include my config files.
Have a great day:)
Patrick.
PatrickDickey
3rd July 2008, 22:43
named.conf (/var/lib/named/etc/named.conf)
options {
directory "/etc";
pid-file "/var/run/named.pid";
statistics-file "/var/run/named.stats";
version "Surely you must be joking";
};
controls {
inet 127.0.0.1 allow { localhost; } keys { rndc_key; };
};
key "rndc_key" {
algorithm hmac-md5;
secret "";
};
logging {
category default { default_syslog; default_debug; };
category unmatched { null; };
channel default_syslog {
syslog daemon;
severity info;
};
channel default_debug {
file "named.run";
severity dynamic;
};
channel default_stderr {
stderr;
severity info;
};
channel null {
null;
};
};
zone "." {
type hint;
file "/etc/root.hints";
};
zone "localhost" {
type master;
file "/etc/localhost";
};
zone "0.0.127.in-addr.arpa" {
type master;
file "/etc/127.0.0";
};
named.conf.local (/var/lib/named/etc/bind/named.conf.local)
zone "dickey.local.lan" {
type master;
file "/etc/bind/zones/dickey.local.lan.db";
};
zone "1.168.192.in-addr.arpa" {
type master;
file "/etc/bind/zones/rev.1.168.192.in-addr.arpa";
};
named.conf.options (/var/lib/named/etc/bind/named.conf.options)
forwarders {
# Replace the address below with the address of your ISP DNS server
192.168.1.1;
205.171.3.65;
};
Pt. 2 will be my zones files.
Have a great day:)
Patrick.
PatrickDickey
3rd July 2008, 22:47
Here are my zone files (/var/lib/named/etc/bind/zones)
dickey.local.lan.db
$TTL 1500
@ IN SOA dcky-ubuntu.dickey.local.lan. root (
2007062703 ;serial
28800 ;refresh
3600 ;retry
604800 ;expire
38400 ) ;minimum 25 minutes
dickey.local.lan. IN NS dcky-ubuntu.dickey.local.lan.
dcky-ubuntu IN A 192.168.1.100
dickey-mepis IN A 192.168.1.101
dickey-vista IN A 192.168.0.102
dickey.local.lan. IN MX 10 dcky-ubuntu.dickey.local.lan.
rev.1.168.192.in-addr.arpa
$TTL 1500
@ IN SOA dcky-ubuntu.dickey.local.lan. root (
2007062703 ;serial
28800 ;refresh
3600 ;retry
604800 ;expire
38400 ) ;minimum 25 minutes
IN NS dcky-ubuntu.dickey.local.lan.
100 IN PTR dcky-ubuntu.dickey.local.lan.
101 IN PTR dcky-mepis.dickey.local.lan.
102 IN PTR dcky-vista.dickey.local.lan.
I may have seen one problem above, which is the rndc key isn't here, but there may be one in the rndc.key file. So, I'll check that, and fix it if necessary.
Have a great day:)
Patrick.
PatrickDickey
3rd July 2008, 22:54
Ok, the issues with bind9 restarting are solved... Here's what I did:
I went to /etc/rndc.conf and checked what it had for the secret key. Then I copied that to my named.conf file.
When I tried to restart bind9, I got an error about it not finding /etc/bind/rndc.conf or /etc/bind/rndc.key and a [fail] with an [ok] on the start.
So, I copied my /etc/rndc.conf file to /etc/bind/rndc.conf and restarted again. This time everything came up [ok].
So for that issue, step one is create a key in both the rndc.conf file and named.conf (matching of course). Step two is copy the rndc.conf file to your /etc/bind/ directory, so that named.conf can compare them.
I'll do the nslookups again, just to see if this fixed the other issues or not.
Have a great day:)
Patrick
PatrickDickey
3rd July 2008, 22:58
Here are the results for three digs from the su terminal on my Ubuntu computer.
**Note the name of the computer is dcky-ubuntu and the name of my Vista computer is Dickey-Vista***
root@dcky-ubuntu:/var/lib/named/etc# dig dickey-vista.dickey.local.lan
; <<>> DiG 9.4.2 <<>> dickey-vista.dickey.local.lan
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19463
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;dickey-vista.dickey.local.lan. IN A
;; AUTHORITY SECTION:
. 10800 IN SOA A.ROOT-SERVERS.NET. NSTLD.VERISIGN-GRS.COM. 2008070300 1800 900 604800 86400
;; Query time: 91 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Jul 3 14:54:46 2008
;; MSG SIZE rcvd: 122
root@dcky-ubuntu:/var/lib/named/etc# dig dcky-ubuntu
; <<>> DiG 9.4.2 <<>> dcky-ubuntu
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38705
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;dcky-ubuntu. IN A
;; AUTHORITY SECTION:
. 10800 IN SOA A.ROOT-SERVERS.NET. NSTLD.VERISIGN-GRS.COM. 2008070300 1800 900 604800 86400
;; Query time: 80 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Jul 3 14:55:26 2008
;; MSG SIZE rcvd: 104
root@dcky-ubuntu:/var/lib/named/etc# dig dcky-ubuntu.dickey.local.lan
; <<>> DiG 9.4.2 <<>> dcky-ubuntu.dickey.local.lan
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38875
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;dcky-ubuntu.dickey.local.lan. IN A
;; AUTHORITY SECTION:
. 10800 IN SOA A.ROOT-SERVERS.NET. NSTLD.VERISIGN-GRS.COM. 2008070300 1800 900 604800 86400
;; Query time: 72 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Jul 3 14:55:42 2008
;; MSG SIZE rcvd: 121
To me, it looks like it's not even checking the named.conf.local file at all for information. Or there's an error within that configuration.
Patrick.
PatrickDickey
3rd July 2008, 23:55
And now, after a reboot, I'm back where I started... I tried to do bind9 restart again (because according to the system log, it failed to start the last time)
Here's the result of the bind9 restart command:
patrickdickey@dcky-ubuntu:~$ sudo /etc/init.d/bind9 restart
* Stopping domain name service... bind rndc: connect failed: 127.0.0.1#953: connection refused
[fail]
* Starting domain name service... bind [fail]
Here are my log results:
Jul 3 15:47:33 dcky-ubuntu named[6085]: starting BIND 9.4.2 -u bind -t /var/lib/named
Jul 3 15:47:33 dcky-ubuntu named[6085]: found 1 CPU, using 1 worker thread
Jul 3 15:47:33 dcky-ubuntu named[6085]: loading configuration from '/etc/bind/named.conf'
Jul 3 15:47:33 dcky-ubuntu named[6085]: none:0: open: /etc/bind/named.conf: permission denied
Jul 3 15:47:33 dcky-ubuntu named[6085]: loading configuration: permission denied
Jul 3 15:47:33 dcky-ubuntu named[6085]: exiting (due to fatal error)
I had to add another nameserver to my /etc/resolv.conf file for now, otherwise I couldn't get out. Here's the results of a straight "bind9 start" command. It's different, so it may shed some light on where I have to look.
patrickdickey@dcky-ubuntu:~$ /etc/init.d/bind9 start
open: Permission denied
* Starting domain name service... bind chmod: changing permissions of `/var/run/bind/run': Operation not permitted
named: chroot(): Permission denied
open: Permission denied
[fail]
Have a great day:)
Patrick.
falko
4th July 2008, 17:10
What's the output of ls -la /etc/bind/?
PatrickDickey
4th July 2008, 17:52
What's the output of ls -la /etc/bind/?
I'll be darned. I forgot that there's a difference in Linux between the /etc/bind and /etc/bind/....
Here's the output that you wanted, and I think I know where the problem lies now.
root@dcky-ubuntu:/# ls -la /etc/bind/
total 24
drwxr-sr-x 3 bind bind 4096 2008-07-03 14:50 .
drwxrwxrwx 4 bind bind 4096 2008-07-03 15:02 ..
-rw-r--r-- 1 root bind 221 2008-07-02 23:25 named.conf.local
-rw-r--r-- 1 root bind 129 2008-07-02 23:34 named.conf.options
-rw-r----- 1 root bind 607 2008-07-03 14:50 rndc.conf
drwxr-sr-x 2 root bind 4096 2008-07-02 23:33 zones
I'll wait to see what your opinion is.
Thanks again, and have a great day:)
Patrick.
falko
5th July 2008, 09:53
There's no /etc/bind/named.conf...
PatrickDickey
5th July 2008, 11:43
There's no /etc/bind/named.conf...
Hi there,
I copied the named.conf file from my /var/lib/named/etc directory there, since that's the one that was edited in the tutorial. Then I gave everyone full permissions to it. Still no go. I'm still getting the error about none:0:open: /etc/bind/named.conf: permission denied.
I even tried changing the /etc/default/bind9 from /var/lib/named to /var/iib/named/ to see if the / made a difference. Short of granting full rights to the entire /var/lib/named folder, I'm stuck. Or worst case, granting full rights to /var.
I'm still wondering if the local domain needs to be shorter (local.lan instead of dickey.local.lan). Also, all of my computers (Windows) are part of the "Dickey" workgroup, not the dickey.local.lan domain (as I don't have an AD server for them to authenticate to). Do I need to change that, and add the Ubuntu server to that domain as well?
Ultimately, I'm hoping to ditch the Windows computers for the most part, although for some things I'll still need them. And I'm trying to get my own DNS running. When I had a XP computer in place of the Ubuntu one, I used "Tree Walk DNS" for my local DNS Server. It worked perfectly for external domains, but I never could get my local one to work there either.
Have a great day:smile:
Patrick.
falko
6th July 2008, 13:09
Hi there,
I copied the named.conf file from my /var/lib/named/etc directory there, since that's the one that was edited in the tutorial. Then I gave everyone full permissions to it. Still no go. I'm still getting the error about none:0:open: /etc/bind/named.conf: permission denied.
Can you post the output of ls -la /etc/bind/ again? What's in /etc/bind/named.conf?
I even tried changing the /etc/default/bind9 from /var/lib/named to /var/iib/named/ to see if the / made a difference. Short of granting full rights to the entire /var/lib/named folder, I'm stuck. Or worst case, granting full rights to /var.
Please undo that. It must be /var/lib/named.
PatrickDickey
8th July 2008, 02:45
Can you post the output of ls -la /etc/bind/ again?
root@dcky-ubuntu:~# ls -la /etc/bind/
total 28
drwxrwsrwx 3 bind bind 4096 2008-07-04 12:08 .
drwxrwxrwx 4 bind bind 4096 2008-07-03 15:02 ..
-rwxrwxrwx 1 root bind 1009 2008-07-04 12:08 named.conf
-rw-rw-rw- 1 root bind 221 2008-07-02 23:25 named.conf.local
-rw-rw-rw- 1 root bind 129 2008-07-02 23:34 named.conf.options
-rw-rw--w- 1 root bind 607 2008-07-03 14:50 rndc.conf
drwxr-sr-x 2 root bind 4096 2008-07-02 23:33 zones
What's in /etc/bind/named.conf?
options {
directory "/etc";
pid-file "/var/run/named.pid";
statistics-file "/var/run/named.stats";
version "Surely you must be joking";
};
controls {
inet 127.0.0.1 allow { localhost; } keys { rndc_key; };
};
key "rndc_key" {
algorithm hmac-md5;
secret "e8IMpGs0ZuFMoFwZOvxZQ9gR8OznWVR9aN1s7sfZBbSlQpX+sI X+kl7TwOzOad2gkROPBWmxeCWmm5EUDA80Ew==";
};
logging {
category default { default_syslog; default_debug; };
category unmatched { null; };
channel default_syslog {
syslog daemon;
severity info;
};
channel default_debug {
file "named.run";
severity dynamic;
};
channel default_stderr {
stderr;
severity info;
};
channel null {
null;
};
};
zone "." {
type hint;
file "/etc/root.hints";
};
zone "localhost" {
type master;
file "/etc/localhost";
};
zone "0.0.127.in-addr.arpa" {
type master;
file "/etc/127.0.0";
};
zone "dickey.local.lan" {
type master;
file "/etc/bind/named.conf.local";
};
Please undo that. It must be /var/lib/named.
I undid that right after I tried it. Sorry about the delay in replying. I've been working 12 hour shifts this weekend, so this was the last thing on my mind.
Thanks for all of your help so far.
Have a great day:)
Patrick.
falko
9th July 2008, 14:31
Can you also post the output of
ls -la /var/lib/named/etc/bind/?
PatrickDickey
9th July 2008, 23:40
Can you also post the output of
ls -la /var/lib/named/etc/bind/?
root@dcky-ubuntu:~# ls -la /var/lib/named/etc/bind/
total 28
drwxrwsrwx 3 bind bind 4096 2008-07-04 12:08 .
drwxrwxrwx 4 bind bind 4096 2008-07-03 15:02 ..
-rwxrwxrwx 1 root bind 1009 2008-07-04 12:08 named.conf
-rw-rw-rw- 1 root bind 221 2008-07-02 23:25 named.conf.local
-rw-rw-rw- 1 root bind 129 2008-07-02 23:34 named.conf.options
-rw-rw--w- 1 root bind 607 2008-07-03 14:50 rndc.conf
drwxr-sr-x 2 root bind 4096 2008-07-02 23:33 zones
root@dcky-ubuntu:~#
falko
10th July 2008, 16:11
Can you try
chmod 666 /var/lib/named/etc/bind/rndc.conf?
PatrickDickey
10th July 2008, 16:51
I tried this command, and then restarted bind again with a failure. So, I rebooted the computer and bind failed there too. Here is the information from my /var/log/syslog file.
Jul 10 08:42:35 dcky-ubuntu NetworkManager: <info> starting...
Jul 10 08:42:37 dcky-ubuntu named[4934]: starting BIND 9.4.2-P1 -u bind -t /var/lib/named
Jul 10 08:42:37 dcky-ubuntu named[4934]: found 1 CPU, using 1 worker thread
Jul 10 08:42:37 dcky-ubuntu named[4934]: loading configuration from '/etc/bind/named.conf'
Jul 10 08:42:37 dcky-ubuntu named[4934]: none:0: open: /etc/bind/named.conf: permission denied
Jul 10 08:42:37 dcky-ubuntu named[4934]: loading configuration: permission denied
Jul 10 08:42:37 dcky-ubuntu named[4934]: exiting (due to fatal error)
Jul 10 08:42:38 dcky-ubuntu avahi-daemon[4982]: Found user 'avahi' (UID 109) and group 'avahi' (GID 120).
Jul 10 08:42:38 dcky-ubuntu avahi-daemon[4982]: Successfully dropped root privileges.
Jul 10 08:42:38 dcky-ubuntu avahi-daemon[4982]: avahi-daemon 0.6.22 starting up.
Jul 10 08:42:38 dcky-ubuntu avahi-daemon[4982]: Successfully called chroot().
Jul 10 08:42:38 dcky-ubuntu avahi-daemon[4982]: Successfully dropped remaining capabilities.
Jul 10 08:42:38 dcky-ubuntu avahi-daemon[4982]: No service file found in /etc/avahi/services.
Jul 10 08:42:38 dcky-ubuntu avahi-daemon[4982]: Joining mDNS multicast group on interface eth0.IPv4 with address 192.168.1.100.
Jul 10 08:42:38 dcky-ubuntu avahi-daemon[4982]: New relevant interface eth0.IPv4 for mDNS.
Jul 10 08:42:38 dcky-ubuntu avahi-daemon[4982]: Network interface enumeration completed.
Jul 10 08:42:38 dcky-ubuntu avahi-daemon[4982]: Registering new address record for fe80::2e0:4cff:fe8f:a56f on eth0.*.
Jul 10 08:42:38 dcky-ubuntu avahi-daemon[4982]: Registering new address record for 192.168.1.100 on eth0.IPv4.
Jul 10 08:42:38 dcky-ubuntu avahi-daemon[4982]: Registering HINFO record with values 'I686'/'LINUX'.
I included the information about avahi, because 1) I wanted to know if its presence may be part of the problem and 2) I noticed it has a user and group, where Bind doesn't list one in the log. Do I need a "bind" user in a "bind" group? And if so, what do I need for permissions?
Have a great day:)
Patrick.
PatrickDickey
11th July 2008, 04:02
Some more information to add to this.
I ran named-checkzone and came up with the following results. In getting this far, I changed my dickey.local.lan.db file from @ SOA to dickey.local.lan SOA...
root@dcky-ubuntu:~# named-checkzone /etc/bind/zones/dickey.local.lan. /etc/bind/zones/dickey.local.lan.db
/etc/bind/zones/dickey.local.lan.db:2: ignoring out-of-zone data (dickey.local.lan)
/etc/bind/zones/dickey.local.lan.db:9: ignoring out-of-zone data (dickey.local.lan)
/etc/bind/zones/dickey.local.lan.db:10: dickey.local.lan./etc/bind/zones/dickey.local.lan: bad owner name (check-names)
/etc/bind/zones/dickey.local.lan.db:14: localhost./etc/bind/zones/dickey.local.lan: bad owner name (check-names)
/etc/bind/zones/dickey.local.lan.db:16: dickey-mepis./etc/bind/zones/dickey.local.lan: bad owner name (check-names)
/etc/bind/zones/dickey.local.lan.db:17: dcky-ubuntu./etc/bind/zones/dickey.local.lan: bad owner name (check-names)
/etc/bind/zones/dickey.local.lan.db:18: dickey-vista./etc/bind/zones/dickey.local.lan: bad owner name (check-names)
zone /etc/bind/zones/dickey.local.lan/IN: has 0 SOA records
zone /etc/bind/zones/dickey.local.lan/IN: has no NS records
========================================
Here's what I get with the @ in place of the dickey.local.lan in the SOA record:
root@dcky-ubuntu:~# named-checkzone /etc/bind/zones/dickey.local.lan. /etc/bind/zones/dickey.local.lan.db
/etc/bind/zones/dickey.local.lan.db:9: ignoring out-of-zone data (dickey.local.lan)
/etc/bind/zones/dickey.local.lan.db:10: dickey.local.lan./etc/bind/zones/dickey.local.lan: bad owner name (check-names)
/etc/bind/zones/dickey.local.lan.db:14: localhost./etc/bind/zones/dickey.local.lan: bad owner name (check-names)
/etc/bind/zones/dickey.local.lan.db:16: dickey-mepis./etc/bind/zones/dickey.local.lan: bad owner name (check-names)
/etc/bind/zones/dickey.local.lan.db:17: dcky-ubuntu./etc/bind/zones/dickey.local.lan: bad owner name (check-names)
/etc/bind/zones/dickey.local.lan.db:18: dickey-vista./etc/bind/zones/dickey.local.lan: bad owner name (check-names)
zone /etc/bind/zones/dickey.local.lan/IN: has no NS records
The line says @ SOA dcky-ubuntu.dickey.local.lan root@dcky-ubuntu.dickey.local.lan (
==================================== and just as root instead of root@...
root@dcky-ubuntu:~# named-checkzone /etc/bind/zones/dickey.local.lan. /etc/bind/zones/dickey.local.lan.db
/etc/bind/zones/dickey.local.lan.db:2: warning: root./etc/bind/zones/dickey.local.lan: bad name (check-names)
/etc/bind/zones/dickey.local.lan.db:9: ignoring out-of-zone data (dickey.local.lan)
/etc/bind/zones/dickey.local.lan.db:10: dickey.local.lan./etc/bind/zones/dickey.local.lan: bad owner name (check-names)
/etc/bind/zones/dickey.local.lan.db:14: localhost./etc/bind/zones/dickey.local.lan: bad owner name (check-names)
/etc/bind/zones/dickey.local.lan.db:16: dickey-mepis./etc/bind/zones/dickey.local.lan: bad owner name (check-names)
/etc/bind/zones/dickey.local.lan.db:17: dcky-ubuntu./etc/bind/zones/dickey.local.lan: bad owner name (check-names)
/etc/bind/zones/dickey.local.lan.db:18: dickey-vista./etc/bind/zones/dickey.local.lan: bad owner name (check-names)
zone /etc/bind/zones/dickey.local.lan/IN: has no NS records
======================================================
A check of my rev.1.168.192.in-addr.arpa file gives me this:
root@dcky-ubuntu:~# named-checkzone /etc/bind/zones/dickey.local.lan. /etc/bind/zones/rev.1.168.192.in-addr.arpa
/etc/bind/zones/rev.1.168.192.in-addr.arpa:2: warning: root./etc/bind/zones/dickey.local.lan: bad name (check-names)
zone /etc/bind/zones/dickey.local.lan/IN: loaded serial 200807094
OK
Some of the information for the files, I took from http://tinyurl.com/2bvm98
When I run named-checkconf, I don't get anything back, so I'm assuming that means my configuration file is correct.
Bind still fails to start, citing permission denied on /etc/bind/named.conf. none:0:open /etc/bind/named.conf: Permission Denied.
I'm pretty much lost here. I'm still wondering if the problem is that my domain is too deep (dickey.local.lan instead of local.lan or dickey.lan)
Have a great day:)
Patrick.
PatrickDickey
11th July 2008, 04:27
Also, my named.conf file looks like this
named.conf (/var/lib/named/etc/named.conf)
options {
directory "/etc";
pid-file "/var/run/named.pid";
statistics-file "/var/run/named.stats";
version "Surely you must be joking";
};
Shouldn't it look like this?
named.conf (/var/lib/named/etc/named.conf)
options {
directory "/var/lib/named";
pid-file "/var/lib/named/named.pid";
statistics-file "/var/run/named.stats";
version "Surely you must be joking";
};
since it's chrooted to the /var/lib/named directory? I'm basing that on a Bind9 user manual, where it says under Chroot
chroot and setuid (for UNIX servers)
On UNIX servers, it is possible to run BIND in a chrooted environment (chroot()) by specifying the "-t" option. This can help improve system security by placing BIND in a "sandbox", which will limit the damage done if a server is compromised.
Another useful feature in the UNIX version of BIND is the ability to run the daemon as an unprivileged user ( -u user ). We suggest running as an unprivileged user when using the chroot feature.
Here is an example command line to load BIND in a chroot() sandbox, /var/named, and to run named setuid to user 202:
/usr/local/bin/named -u 202 -t /var/named
The chroot Environment
In order for a chroot() environment to work properly in a particular directory (for example, /var/named), you will need to set up an environment that includes everything BIND needs to run. From BIND's point of view, /var/named is the root of the filesystem. You will need to adjust the values of options like directory and pid-file to account for this.
(from http://www.bind9.net/manual/bind/9.3.2/Bv9ARM.ch07.html#id2567222)
Have a great day:)
Patrick.
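An added example, not part of the original thread: a mode-bit audit of a chrooted named tree that replays the open of /etc/bind/named.conf as the unprivileged account sees it after chroot(), and flags world-writable entries and an exposed rndc secret rather than widening modes with chmod. The function names, the numeric uid/gid arguments, TIGHT_MODES and the throwaway tree are assumptions; THREAD_MODES is copied from the ls -la listing earlier in the thread.

```python
import os
import stat
import tempfile

SECRET_NAMES = {"rndc.conf", "rndc.key"}  # files that carry the rndc shared secret

# Modes copied from the thread's `ls -la /var/lib/named/etc/bind/` listing.
THREAD_MODES = {"etc": 0o777, "etc/bind": 0o2777, "etc/bind/named.conf": 0o777,
                "etc/bind/named.conf.local": 0o666, "etc/bind/rndc.conf": 0o662}
# Constructed alternative: the daemon's group may read, others get nothing.
TIGHT_MODES = {"etc": 0o750, "etc/bind": 0o2750, "etc/bind/named.conf": 0o640,
               "etc/bind/named.conf.local": 0o640, "etc/bind/rndc.conf": 0o640}


def class_bits(st, uid, gids):
    """Return the rwx triplet (0-7) POSIX applies to this uid/gid set."""
    if st.st_uid == uid:
        return (st.st_mode >> 6) & 7   # owner class wins even if group/other grant more
    if st.st_gid in gids:
        return (st.st_mode >> 3) & 7
    return st.st_mode & 7


def audit_open(chroot, inner_path, uid, gids):
    """Replay open(inner_path) for a non-root uid after chroot(chroot).

    Only classic mode bits are evaluated; ACLs and MAC policy (AppArmor,
    SELinux) are not modelled. Run as root so every component can be stat'ed.
    """
    parts = [p for p in inner_path.split("/") if p]
    current = chroot
    for i, part in enumerate([""] + parts):
        if part:
            current = os.path.join(current, part)
        try:
            st = os.stat(current)
        except FileNotFoundError:
            return [("missing", current)]
        is_last = i == len(parts)
        # directories need search (x); the final regular file needs read (r)
        need = 4 if is_last and not stat.S_ISDIR(st.st_mode) else 1
        if not class_bits(st, uid, gids) & need:
            return [("no-access", current)]
    return []


def audit_modes(chroot):
    """Flag over-broad modes anywhere under the chroot."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(chroot):
        for name in sorted(dirnames + filenames):
            path = os.path.join(dirpath, name)
            mode = os.lstat(path).st_mode
            if stat.S_ISLNK(mode):
                continue  # link modes are meaningless; the target is audited itself
            if mode & stat.S_IWOTH:
                findings.append(("world-writable", path))
            if name in SECRET_NAMES and mode & stat.S_IRWXO:
                findings.append(("secret-exposed", path))
    return findings


def build_tree(modes):
    """Create a throwaway chroot laid out like /var/lib/named (constructed data)."""
    root = tempfile.mkdtemp(prefix="named-chroot-")
    os.makedirs(os.path.join(root, "etc", "bind"))
    for name in ("named.conf", "named.conf.local", "rndc.conf"):
        with open(os.path.join(root, "etc", "bind", name), "w") as fh:
            fh.write("# constructed placeholder\n")
    os.chmod(root, 0o755)  # constructed: the chroot root's mode is not shown in the thread
    for rel, mode in modes.items():
        os.chmod(os.path.join(root, rel), mode)
    return root


if __name__ == "__main__":
    for label, modes in (("thread", THREAD_MODES), ("tight", TIGHT_MODES)):
        root = build_tree(modes)
        st = os.stat(root)
        # assumption: the daemon account is not the owner but is in the owning group
        daemon_uid, daemon_gids = st.st_uid + 1, {st.st_gid}
        print(label, audit_open(root, "/etc/bind/named.conf", daemon_uid, daemon_gids))
        for finding in audit_modes(root):
            print(label, finding)
```
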
PatrickDickey
11th July 2008, 04:32
Also doing an ls in the /var/run directory shows nothing by the name of named.pid. It also doesn't show up in the /var/lib/named directory. There is, however, a /var/run/bind directory-- which is empty.
So, in short, I don't have a named.pid file, at least not that I can find. Could that be part of the problem?
Have a great day:) And sorry for all of the posts. I'm just digging around, and when I find (or can't find) something, I post the information here.
Patrick.
falko
11th July 2008, 14:36
To be honest, I'm running out of ideas... :(
PatrickDickey
11th July 2008, 18:14
I may just scrap the entire thing, and start fresh. I'll try it with just "local.lan" for my name and go from there. And, I'll make sure I have the right names (maybe simpler names) on all of my computers.
Another question that you may be able to help me with though is this. I've got a laptop, which isn't going to have a static IP on it. Will BIND be able to cache its IP address, so that I can just use its name as well, or will I have to either a) make it a static IP or b) always search for it via IP address? Obviously the first time I try to access it, I'll have to use IP address or something.
Have a great day:)
Patrick.
martien
13th July 2008, 17:35
quote one of author's posts
Jul 10 08:42:37 dcky-ubuntu named[4934]: none:0: open: /etc/bind/named.conf: permission denied
Jul 10 08:42:37 dcky-ubuntu named[4934]: loading configuration: permission denied
Just try this:
chroot bind:bind /etc/bind/named.conf
PatrickDickey
13th July 2008, 21:15
quote one of author's posts
Just try this:
chroot bind:bind /etc/bind/named.conf
Interesting. chroot bind:bind /etc/bind/named.conf gives me
chroot: cannot change root directory to bind:bind: No such file or directory
That's strange in itself. But, it obviously answers why I'm getting the errors, just not why it's saying that...
Have a great day:)
Patrick.
falko
14th July 2008, 16:09
I think he meant
chown bind:bind /etc/bind/named.conf
PatrickDickey
14th July 2008, 23:54
I think he meant
chown bind:bind /etc/bind/named.conf
I tried this in PuTTY, and it gave me a new prompt. So, I'm assuming that it was successful. However, trying /etc/init.d/bind9 start fails again. The curious thing is, if I go into '/var/log/syslog' I don't have anything about bind in there... Only a cron job that seems to keep running every hour. Right now, I'm performing an apt-get upgrade, so I can see if that's what's causing the cron jobs.
Then, I'll restart the computer, relog in as root and see what is going on.
Have a great day:)
Patrick.
martien
15th July 2008, 00:26
I think he meant
chown bind:bind /etc/bind/named.conf
Oops... my mistake. However, this fixed the problem with loading configuration, didn't it?