BIND/DNS will not start named.conf.local file not found

Discussion in 'Installation/Configuration' started by MrCompTech, Jul 7, 2010.

  1. MrCompTech

    MrCompTech New Member

    When I log in to the ISPConfig3 web console from my laptop on the same LAN and check the settings under

    System --> Server Config --> DNS tab
    BIND User : named
    BIND Group : named
    BIND zonefiles directory : /var/named
    BIND named.conf path : /etc/named.conf
    : /etc/named.conf.local

    The last entry, "/etc/named.conf.local", does not have a label.

    After I created the first zone ISPConfig3 did create the file /etc/named.conf.local.

    Then when I tried to manually start BIND "/etc/init.d/named start"
    I receive the error :

    Error in named configuration:
    /etc/named.conf:42: open: /etc/named.conf.local: file not found

    ISPConfig3 created this file so why can't it find it?

    If I cd to /etc and run "ls -l named*" to get a directory listing I get:
    -rw-r----- 1 root named 964 Jul 7 08:33 named.conf
    -rw-r--r-- 1 root named 964 Jul 7 08:33 named.conf.local
    -rw-r--r--. 1 root named 964 Jul 7 08:33 named.iscdlv.key
    -rw-r-----. 1 root named 964 Jul 7 08:33 named.rfc1912.zones

    Notice the "." at the end of the permissions list.
    What does this indicate and is the problem that the "named.conf.local" does not have a "." in the permissions list?

    Also, since the ISPConfig3 configuration had the BIND owner and group as "named" I changed the group on the named.* files to "named" and tried to restart named but received the same error, named still will not start.
     
  2. till

    till Super Moderator

    Which tutorial did you use to install your server?
     
  3. MrCompTech

    MrCompTech New Member

    Hello,

    I used "The Perfect Server - Fedora 13 x86_64 [ISPConfig 3]".
     
  4. borgo

    borgo New Member

  5. till

    till Super Moderator

    No, that's unrelated. In the other thread, named has been reconfigured manually to run chrooted (/var/named/chroot/etc) while in this thread the normal install guide is used and that installs named without a chroot so that the config file is /etc/named.conf.

    Please post the content of the file /etc/named.conf
     
  6. MrCompTech

    MrCompTech New Member

    Hi Till,

    Here's my named.conf file:

    //
    // named.conf
    //
    // Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
    // server as a caching only nameserver (as a localhost DNS resolver only).
    //
    // See /usr/share/doc/bind*/sample/ for example named configuration files.
    //

    options {
        listen-on port 53 { 127.0.0.1; };
        listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query { localhost; };
        recursion yes;

        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";
    };

    logging {
        channel default_debug {
            file "data/named.run";
            severity dynamic;
        };
    };

    zone "." IN {
        type hint;
        file "named.ca";
    };

    include "/etc/named.rfc1912.zones";

    include "/etc/named.conf.local";
     
  7. MrCompTech

    MrCompTech New Member

    OK, well this is very odd.

    I retyped the last line of the named.conf above the existing line using vim, exactly like the existing line.

    include "/etc/named.conf.local";

    then deleted the original line and now named starts!

    But now I get a different error!

    I had already used ISPConfig3 web interface to add a client, website and a domain.
    The FQDN of the ISPConfig3 server is "prl-ofc-s01.mrcomptech.com" with an IP of 192.168.1.10
    This server is behind a NATed cable modem.
    There is only one public IP address.

    The DNS service is only needed on the local LAN by a couple of PCs to query DNS for Internet as well as for web sites on the local ISPConfig3 web server, which all should resolve to 192.168.1.10

    The website I was adding was "mrcomptech.com"

    Starting named:
    Error in named configuration:
    zone localhost.localdomain/IN: loaded serial 0
    zone localhost/IN: loaded serial 0
    zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
    zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
    zone 0.in-addr.arpa/IN: loaded serial 0
    zone mrcomptech.com/IN: has no NS records
    zone mrcomptech.com/IN: not loaded due to errors.
    _default/mrcomptech.com/IN: bad zone

    I deleted the zone within ISPConfig3 but when I try to restart named it still finds the zone that doesn't show up in ISPConfig3.
     
    Last edited: Jul 7, 2010
  8. MrCompTech

    MrCompTech New Member

    I deleted the pri.mrcomptech.com zone file manually from the server and deleted the contents of /etc/named.conf.local

    I am going to delete all records related to the one client, website and dns that I created and try to start over with a 'new client'.
     
  9. MrCompTech

    MrCompTech New Member

    OOPS - I spoke too soon!

    I wanted to confirm that retyping the inclusion line for the named.conf.local is what fixed the problem so I restored the HD backup I made using "Clonezilla Live".

    http://www.howtoforge.com/back-up-restore-hard-drives-and-partitions-with-clonezilla-live

    Well it didn't work.

    So I am still getting the error:

    Error in named configuration:
    /etc/named.conf:42: open: /etc/named.conf.local: file not found

    Even though ISPConfig created this file.

    But I did find something else out...

    I commented out the inclusion line in named.conf and started the named service. I waited a few minutes then checked the server status and "MyDNS" showed green. Of course I can't use the system this way since my DNS information for the web sites is not being read!

    Any ideas?
     
  10. till

    till Super Moderator

    Do you have any Linux kernel security extensions like selinux enabled which might prevent named from reading the file?
     
  11. MrCompTech

    MrCompTech New Member

    I followed the How-To for the perfect server F13 x86_64, so selinux should be disabled and there should be no rules in iptables.

    ...

    I checked in /etc/selinux/config, SELINUX=disabled.

    ...

    In iptables a rule is present for fail2ban-SSH. The install of fail2ban-SSH must have created this.

    I even created /etc/named.glb and added an inclusion for it in /etc/named.conf and while commenting out the inclusion for named.conf.local I get an error stating that named.glb cannot be found!

    I tried putting the inclusion lines that cause the error before the inclusion line for /etc/named.rfc1912.zones, which by the way does not cause an error, and still get the error.

    I have tried chmod 777 on named.conf.local and still get the error.
    I have chgrp and chown named named.conf.local and still get the error.
     
    Last edited: Jul 7, 2010
  12. MrCompTech

    MrCompTech New Member

    Duplicate Removed
     
    Last edited: Jul 8, 2010
  13. MrCompTech

    MrCompTech New Member

    Duplicate removed
     
    Last edited: Jul 8, 2010
  14. MrCompTech

    MrCompTech New Member

    Restarted from bare metal

    Following the How-to

    http://howtoforge.org/perfect-server-fedora-13-x86_64-ispconfig-3

    I started all over and received the same problem as before.

    The DNS (named) service is not yet started.

    After using ISPConfig3 web console to configure server IP, add client, add website and use DNS wizard to create zone record for the first web site the /etc/named.conf.local gets created by ISPConfig3 but when I try to restart the service it will not start because the inclusion file "/etc/named.conf.local" called for in "/etc/named.conf" cannot be found!

    Another inclusion file "/etc/named.rfc1912.zones" is able to be read.

    Geez this is not making sense, how can a file that is present not be able to be read? SELinux is disabled.

    Anyone have any ideas?
     
  15. theleech1

    theleech1 New Member

    I am a complete novice and have my own problems as well in another thread.

    But when I ran the tutorials they ask you to create the root user but not a special user "named" for the group "named" to run bind.

    I had to go and change the permissions to allow root to run these files "named" etc and I got past your problem into mine :(

    Even if this does not help you exactly it might make you look at the problem from a different angle.
     
  16. falko

    falko Super Moderator

    I guess BIND is running chrooted. What's the output of
    Code:
    updatedb
    locate named.conf
    ?
     
  17. MrCompTech

    MrCompTech New Member

    Issue with BIND - The Perfect Server - Fedora 13 x86_64 [ISPConfig 3]

    Hi TheLeech1,

    The How-to "The Perfect Server - Fedora 13 x86_64 [ISPConfig 3]" doesn't include any instructions for creating or modifying the user "named".

    Which How-To were you following?

    Hi Falko,
    After your comment I checked the list of software selected during page1 and 2 of the how-to. When it says to include the group "DNS Name Server" this group includes two software packages bind-chroot and unbound.

    This is on page http://www.howtoforge.com/perfect-server-fedora-13-x86_64-ispconfig-3-p2.

    But later on page http://www.howtoforge.com/perfect-server-fedora-13-x86_64-ispconfig-3-p5 step 17 it says:

    Code:
    yum install bind bind-utils

    To find out what BIND related software is installed I ran

    Code:
    yum list installed bind*

    It returned:

    Code:
    Installed Packages
    bind.x86_64
    bind-chroot.x86_64
    bind-libs.x86_64
    bind-utils.x86_64

    The version for each is 32:9.7.1-1.fc13 from @updates

    I ran the "updatedb" command then the "locate named.conf" as you requested.

    Here is the result:

    Code:
    /etc/named.conf
    /etc/named.conf.local
    /usr/local/ispconfig/server/conf/bind_named.conf.local.master
    /usr/share/doc/bind-9.7.1/named.conf.default
    /usr/share/doc/bind-9.7.1/sample/etc/named.conf
    /usr/share/man/man5/named.conf.5.gz
    /var/named/chroot/etc/named.conf

    The commands for installing both bind and bind-chroot have been run, both appear in the yum listing. Both are installed but it is not clear which I am actually running or perhaps both are running :(

    What do I need to do to correct this?
     
  18. MrCompTech

    MrCompTech New Member

    Issue with BIND - The Perfect Server - Fedora 13 x86_64 [ISPConfig 3]

    It looks like what I need to do is to start over, again, and this time during the software selection stage, Pg 1 or 2, of the How-To DESELECT "DNS Name Server" since that is explicitly installed later. This will mean running BIND as not chroot. If anyone knows any reasons of why this might not be as secure or good as running it as chrooted please post.

    After the reinstall I'll post again so we know what happened :)
     
  19. rbroomfield

    rbroomfield New Member

    Same issue and it's bugging the hell out of me. Running 3 servers, all VMs, using ispconfig 2 no problem. I've tried all I can find and still no joy. grr still looking. Can anyone shed any light on this one... The file is THERE
     
  20. MrCompTech

    MrCompTech New Member

    Problem and Fix found!

    The default install of Fedora 13 under the category "DNS Name Server" has bind-chroot selected by default when you select the category as described in the How-To "The Perfect Server - Fedora 13 x86_64 [ISPConfig 3]".

    This would be fine if the remaining instructions did not include installing bind and did explain what to do to configure bind-chroot.

    BIND is installed in step 17 "yum install bind bind-utils".

    So what I did was to not select the "DNS Name Server" category during pg2 of the How-To. There is one other thing that needs done since the file named.conf.local does not yet exist and 'named' will not start without it and since we need it for ISPConfig3 we cannot comment out the inclusion line in named.conf for named.conf.local.

    Code:
    cd /etc
    echo > named.conf.local

    This creates an empty file and now you can run:

    Code:
    /etc/init.d/named start

    and it will start. Or reboot and named should start. You could also use ISPConfig to create the named.conf.local file by creating a zone then reboot your server.

    Following these changes it worked, at least named started with no problem. I haven't gotten any further to see if there are any other problems.

    I have also created a couple of scripts that take a lot of the pain and human error out of running the How-To "The Perfect Server - Fedora 13 x86_64 [ISPConfig 3]" I will post them in another thread in this "ISPConfig3/Installation & Configuration" forum.
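
An added example (not from the thread and not ISPConfig code): a shell check for the situation diagnosed above, where bind-chroot makes named look for `/etc/named.conf.local` inside `/var/named/chroot` instead of on the host. It assumes the init script takes its chroot directory from a `ROOTDIR` variable in a sysconfig-style file; the function names and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: report include files that exist on the host but are
# invisible to a chrooted named.

# Print the ROOTDIR set in a sysconfig-style file ($1); empty if unset.
# Assumption: the init script reads its chroot directory from this variable.
configured_rootdir() {
    ( ROOTDIR=
      [ -r "$1" ] && . "$1"
      printf '%s' "$ROOTDIR" )
}

# Print absolute paths from active `include "...";` lines of config file $1.
# Commented-out lines and relative include paths are ignored.
list_includes() {
    sed -n 's|^[[:space:]]*include[[:space:]]*"\(/[^"]*\)"[[:space:]]*;.*$|\1|p' "$1"
}

# $1 = chroot directory ("" if not chrooted), $2 = config path as named sees it.
# Prints every include missing inside the chroot; returns 1 if any is missing.
missing_includes() {
    root=${1%/}
    conf=${2:-/etc/named.conf}
    missing=$(list_includes "$root$conf" | while IFS= read -r inc; do
        [ -r "$root$inc" ] || printf '%s\n' "$inc"
    done)
    [ -z "$missing" ] && return 0
    printf '%s\n' "$missing"
    return 1
}

# Constructed sample tree under $1 that mirrors the layout in this thread.
build_sample_tree() {
    jail="$1/var/named/chroot"
    mkdir -p "$1/etc/sysconfig" "$jail/etc"
    printf 'ROOTDIR="%s"\n' "$jail" > "$1/etc/sysconfig/named"
    printf '%s\n' 'include "/etc/named.rfc1912.zones";' \
                  '// include "/etc/disabled.conf";' \
                  'include "/etc/named.conf.local";' > "$jail/etc/named.conf"
    : > "$jail/etc/named.rfc1912.zones"   # visible inside the chroot
    : > "$1/etc/named.conf.local"         # exists on the host side only
}

# Demo on the constructed tree.
tmp=$(mktemp -d)
build_sample_tree "$tmp"
jail_dir=$(configured_rootdir "$tmp/etc/sysconfig/named")
missing_includes "$jail_dir" || echo "^ not visible under $jail_dir"
rm -rf "$tmp"
```

Against a live system the call would be `missing_includes "$(configured_rootdir /etc/sysconfig/named)"`; that sysconfig path is an assumption about the distribution's packaging.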
     
