Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #11  
Old 5th October 2008, 22:59
wxman wxman is offline
Senior Member
 
Join Date: May 2007
Posts: 189
Thanks: 11
Thanked 2 Times in 2 Posts
Default

here's what I'm seeing now. I did the change the serial number routine again, restarted it all, then waited for a log entry to show up. the first one was this:
Code:
Oct  5 16:32:55 server2 named[30764]: transfer of 'bette-ford.com/IN' from 192.168.xx.x00#53: failed to connect: connection refused
Oct  5 16:32:55 server2 named[30764]: transfer of 'bette-ford.com/IN' from 192.168.xx.x00#53: end of transfer
. The transfer didn't go through.

I then used Webmin's "force zone update" button a little later and got this:
Code:
Oct  5 16:49:20 server2 named[30764]: zone bette-ford.com/IN: Transfer started.
Oct  5 16:49:20 server2 named[30764]: transfer of 'bette-ford.com/IN' from 192.168.xx.x00#53: connected using 192.168.xx.x10#49054
Oct  5 16:49:20 server2 named[30764]: zone bette-ford.com/IN: transferred serial 2008100504
Oct  5 16:49:20 server2 named[30764]: transfer of 'bette-ford.com/IN' from 192.168.xx.x00#53: end of transfer
Oct  5 16:49:20 server2 named[30764]: zone bette-ford.com/IN: sending notifies (serial 2008100504)
.

The only difference I see is the "connected using 192.168.xx.x10#49054" where the automatic transfer says "failed to connect: connection refused".
Reply With Quote
Sponsored Links
  #12  
Old 12th October 2008, 01:16
wxman wxman is offline
Senior Member
 
Join Date: May 2007
Posts: 189
Thanks: 11
Thanked 2 Times in 2 Posts
Default

I guess no one has any ideas, so I tried something different.

I copied the slave zone files to /var/cache/bind/ as was suggested in many discussions. I then changed the serial numbers, and a couple of other slight changes to the zone files on the primary server. i watched the logs on the slave server, and was thrilled to see the files update without any errors. Then a short time later, I looked at the log again, and saw the same files, and the same permission errors. It showed the new directory, but the errors were still coming.

So now the question is, why does it update perfectly when there is an actual change in the file, but throws an error if the slave looks for an update when it's not needed?
Reply With Quote
  #13  
Old 18th October 2008, 21:44
wxman wxman is offline
Senior Member
 
Join Date: May 2007
Posts: 189
Thanks: 11
Thanked 2 Times in 2 Posts
Default

It still doesn't look like anyone has any ideas, but I think I have it working finally. This is a chrooted version of bind running under the user 'bind'. The zone files are in /var/lib/named/etc/bind/ on both the master, and the slave servers. The /var/lib/named/etc/bind/ directory on both were chown bind:bind, but if I switch the slave to be root:bind, it works. The errors stopped as soon as I made the change. I don't know if that might help others, or even if it's the correct way to go; all I know is it works for now.
Reply With Quote
  #14  
Old 23rd November 2009, 00:05
Dark Light Dark Light is offline
Junior Member
 
Join Date: Nov 2009
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Actually, I think this a DNS configuration issue, I just had a similar problem. Setting the slave server in Virutalmin simply tells bind that it should tell another server to update, and it also sets up those servers to allow for an update. If you changed the /etc/named.conf so that:

zone "mydomain.co.uk" {
type master;
file "/var/named/mydomain.co.uk.hosts";
also-notify {
11.22.33.44;
};
allow-transfer {
127.0.0.1;
localnets;
11.22.33.44;
};
};

Where 11.22.33.44 is the IP of your slave, I think this would solve the issue. The reason for the REFUSED was that when the slave server queried your master server, it's IP wasn't in the allow-transfer object.
Reply With Quote
  #15  
Old 28th December 2009, 15:17
Vorlon Vorlon is offline
Junior Member
 
Join Date: Oct 2005
Location: West Grove, PA
Posts: 2
Thanks: 0
Thanked 1 Time in 1 Post
Default

I was able to fix this problem by changing the permissions and groups of the /etc/bind directory.

I had to change the group of the entire /etc/bind directory to "named", and then changed the permissions of /etc/bind to allow the group to have write access.
Reply With Quote
The Following User Says Thank You to Vorlon For This Useful Post:
falko (29th December 2009)
  #16  
Old 1st September 2011, 18:38
maumar maumar is offline
Senior Member
 
Join Date: May 2009
Location: San Costanzo (PU - Italy)
Posts: 136
Thanks: 8
Thanked 11 Times in 11 Posts
Send a message via MSN to maumar Send a message via Skype™ to maumar
Default

I have 2 debian sqeeze, ns1 and ns2
i solved the issue with
Code:
chmod g+w /etc/bind/slave/
i think this is a bug on ispconfig install; should i file a bug on http://bugtracker.ispconfig.org/ ?

Last edited by maumar; 1st September 2011 at 18:41.
Reply With Quote
  #17  
Old 25th March 2013, 19:51
zbuzanic zbuzanic is offline
Member
 
Join Date: Sep 2011
Location: Zagreb
Posts: 76
Thanks: 42
Thanked 18 Times in 11 Posts
Default

Had similar problem on my slave, solved it with:

chown bind:bind /etc/bind/named.conf /etc/bind/slave
__________________
ISPConfig -> the best open source control panel
Reply With Quote
The Following User Says Thank You to zbuzanic For This Useful Post:
BriX (23rd April 2013)
  #18  
Old 22nd March 2014, 12:30
Preatorian Preatorian is offline
Junior Member
 
Join Date: May 2010
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
 
Post Solution on Standard Centos 6.5

Hi

Even though it's 5 years+ old, i would like to thank the people in this post,
On CentOS 6.5 this is still a solution. I will however add something that i think some people wonder about, namely "what directory should i change?".

Code:
Mar 22 12:18:54 vm-centos64-001 named[31686]: dumping master file: tmp-FuZsqAqxbi: open: permission denied
He tries to create a file in his default directory.
If you check where named is creating these files based on the configuration.

Code:
Look for this in named.conf

options {
...
directory       "/var/named";
...
};
Now we know, that on CentOS 6.5 it stores those files there,
So in my case a chmod g+w on that /var/named/ folder was the solution to solving my "dumping master file: tmp-FuZsqAqxbi: open: permission denied" errors.

Kind regards,

Preatorian

Last edited by Preatorian; 22nd March 2014 at 12:31. Reason: wrong syntax used for BBcode oopsie
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Cannot connect to saslauthd server: Permission denied migm HOWTO-Related Questions 9 20th February 2011 03:18
rsync: opendir "/var/www/web44/web" failed: Permission denied (13) adrenalinic HOWTO-Related Questions 7 4th August 2009 13:16
Problem with keeping Apache alive bobeq Server Operation 3 29th November 2007 16:11
SuSE as master DNS server and Centos as slave DNS server... sthompson Server Operation 3 17th September 2006 13:24
The Perfect Setup Suse 9.3 - Postfix problems new_bee05 HOWTO-Related Questions 20 25th November 2005 02:30


All times are GMT +2. The time now is 05:00.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.