Installing An Ubuntu Hardy 8.04 LTS DNS Server With BIND - Page 2

Enter the hostname. In this example, my system is called server1.tm.local, so I enter server1:

Now you have to partition your hard disk. For simplicity's sake I will create one big partition (with the mount point /) and a little swap partition so I select Guided - use entire disk (of course, the partitioning is totally up to you - if you like, you can create more than just one big partition, and you can also use LVM):

Select the disk that you want to partition:

When you're finished, hit Yes when you're asked Write the changes to disks?:

Afterwards, your new partitions are being created and formatted.

Now the base system is being installed:

Create a user, for example the user Administrator with the user name administrator (don't use the user name admin as it is a reserved name on Ubuntu 8.04):

Next the package manager apt gets configured. Leave the HTTP proxy line empty unless you're using a proxy server to connect to the Internet:

We need a DNS server, but nevertheless I don't select any of the offered items now because I like to have full control over what gets installed on my system. We will install the needed packages manually later on. The only item I select here is OpenSSH server so that I can immediately connect to the system with an SSH client such as PuTTY after the installation has finished:

The installation continues:

The GRUB boot loader gets installed:

The base system installation is now finished. Remove the installation CD from the CD drive and hit Continue to reboot the system:

On to the next step...


Comments

From: x0r at: 2009-05-07 02:46:56

There is another way to get a root shell without enabling the root account...

Issue this command from your account:

sudo su root

and after you enter YOUR password you get it...

From: Lord Rybec at: 2009-04-29 19:33:21

Actually, you do not have to enable the root account to get a root command line in Ubuntu.  If you would rather keep the extra little security a locked root account provides, just run 'sudo su' and put in your password.

Lord Rybec

From: at: 2008-06-16 01:24:19

There is absolutely no reason to disable apparmor and the fact that this howto not only shows you how to disable it but actively encourages it is irresponsible.

Apparmor is much easier to configure than SELinux. With apparmor enabled you will not really need to chroot bind but if you would like to, you could use the default /var/lib/bind directory instead of chrooting in /var/lib/named or alternatively, you could edit /etc/apparmor.d/usr.sbin.named and change the path /var/lib/bind/** to /var/lib/named/**, then restart apparmor; /etc/init.d/apparmor restart.

From: at: 2008-07-05 18:36:29

Actually, there IS a reason to disable AppArmor:
If you don't do this, the whole procedure above simply DOESN'T WORK.
You just keep getting

rndc: connect failed: 127.0.0.1#953: connection refused

error whenever you try to access your DNS server with rndc. [it also occurs when you use /etc/init.d/bind9 which - I suppose - uses rndc]

There should be a neater way to work this around - maybe some AppArmor settings?

From: Adam Sweet at: 2009-07-07 19:33:57

To fix the remaining issue I needed to add an extra line to /etc/apparmor.d/usr-sbin-named:

 /var/lib/named/dev/random r,

 I think it's already in there in 9.04.

From: Jamie Strandboge at: 2009-12-28 16:02:02

What you have described is (possibly) a reason to disable the bind9 profile, not all of apparmor. See my blog http://penguindroppings.wordpress.com/2009/07/07/should-i-disable-apparmor/ for details.

From: Aloa at: 2008-10-21 18:39:29

The howto is good, but if I do update|upgrade before chrooting to /var/lib/named, after all modifications bind can't start. It reports a permissions problem.

From: heath at: 2008-12-09 23:03:21

After I did updates, AppArmor was enabled again. After disabling it one more time, everything went as described.

From: Bill Gallafent at: 2009-11-23 15:04:56

When you add the reverse lookup zone for the local domain, surely this should have the same IP as the statement inside! You have:

zone "3.13.10.in-addr.arpa" {
type master;
file "/etc/bind/zones/rev.0.168.192.in-addr.arpa";
};

Surely this should read:

zone "0.168.192.in-addr.arpa" {
type master;
file "/etc/bind/zones/rev.0.168.192.in-addr.arpa";
};

 (or have I misunderstood something deep?)
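
The kind of mismatch raised in the last comment (a reverse zone declared under one name but served from a file named for another) can be checked mechanically. The following is an added example, not part of the original howto or its comments; the function names, the 192.168.0.0/24 network passed in and the rev.<zone name> file naming rule are assumptions taken from the stanzas quoted above.

```python
import ipaddress
import re

# Constructed input: the two stanzas quoted in the comment, as one named.conf text.
SAMPLE_CONF = """
zone "3.13.10.in-addr.arpa" {
type master;
file "/etc/bind/zones/rev.0.168.192.in-addr.arpa";
};
zone "0.168.192.in-addr.arpa" {
type master;
file "/etc/bind/zones/rev.0.168.192.in-addr.arpa";
};
"""

# Simple parser: assumes no nested { } blocks inside a zone stanza.
ZONE_RE = re.compile(r'zone\s+"([^"]+)"\s*\{(.*?)\}\s*;', re.S)
FILE_RE = re.compile(r'file\s+"([^"]+)"\s*;')


def reverse_zone_name(network):
    """in-addr.arpa zone name for an IPv4 network on an octet boundary."""
    net = ipaddress.ip_network(network)
    if net.version != 4 or net.prefixlen not in (8, 16, 24):
        raise ValueError("only IPv4 /8, /16 and /24 are handled")
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa"


def audit_reverse_zones(conf_text, network):
    """Return (zone, problem) pairs for reverse zones that look inconsistent."""
    expected = reverse_zone_name(network)
    findings = []
    for zone, body in ZONE_RE.findall(conf_text):
        zone = zone.lower().rstrip(".")
        if not zone.endswith(".in-addr.arpa"):
            continue  # forward zones are out of scope
        if zone != expected:
            findings.append((zone, "zone name is not %s" % expected))
        match = FILE_RE.search(body)
        # Assumption: zone files are named rev.<zone name>, as on this page.
        if match and not match.group(1).endswith("rev." + zone):
            findings.append((zone, "file %s is named for another zone" % match.group(1)))
    return findings


if __name__ == "__main__":
    for zone, problem in audit_reverse_zones(SAMPLE_CONF, "192.168.0.0/24"):
        print(zone + ": " + problem)
```

Run against the real named.conf.local with the network the server is actually authoritative for; an empty result means every reverse zone name matches both the network and its zone file name.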