No BIND

Using Fedora, BIND version is ind-9.2.2.P3-9.

I try to start up my DNS server with
/etc/init.d/named restart (cf The Red Linux
Bible - the jury's still out), but doesn't
see any new jobs in top.

In the log file (what are the best files to
look at for clues in such cases?) it says-
Jan 22 11:54:32.296 general: couldn't open pid file
'/var/run/named/named.pid': Permission denied
Jan 22 11:54:32.308 general: exiting (due to early fatal error)
Sure enough, /var/run/named.pid has disappeared. I'm sure it
was there once, as I have successfully started the DNS server
before now.

Jhuola Hoptire <(E-Mail Removed)> wrote:
> I try to start up my DNS server with
> /etc/init.d/named restart (cf The Red Linux

Try harder.

> Bible - the jury's still out), but doesn't
> see any new jobs in top.

Then launch it by hand, read the logs, strace it, etc.

> In the log file (what are the best files to
> look at for clues in such cases?)

The log file.

> it says-
> Jan 22 11:54:32.296 general: couldn't open pid file
> '/var/run/named/named.pid': Permission denied

There you are. Fix that!

> Jan 22 11:54:32.308 general: exiting (due to early fatal error)
> Sure enough, /var/run/named.pid has disappeared. I'm sure it

That's NOT what it talked about .. read again. Make the directory, and
make sure that it is owned by whoever named runs as these days
(should take -u and -g as args, shirley?)

> was there once, as I have successfully started the DNS server
> before now.

And the kwestoon is?

Peter

P.T. Breuer wrote:

Thanks ...

> Jhuola Hoptire <(E-Mail Removed)> wrote:
>
>>I try to start up my DNS server with
>>/etc/init.d/named restart (cf The Red Linux
>
>
> Try harder.
>
OK
>
>>Bible - the jury's still out), but doesn't
>>see any new jobs in top.
>
>
> Then launch it by hand, read the logs, strace it, etc.
>
What do you mean lauch it by hand?
Which log files (cannonical names would be nice)
should I look at? How would I find out having to ask
somebody?
I am reading about strace in man as we speak.
>
>>In the log file (what are the best files to
>>look at for clues in such cases?)
>
>
> The log file.
How should I know (find out) where the log file is?
>
>
>>it says-
>>Jan 22 11:54:32.296 general: couldn't open pid file
>>'/var/run/named/named.pid': Permission denied
>
>
> There you are. Fix that!
>
Fix what? There is a directory called /var/run/named owned
by the group named. There is no file called named.pid, but
I would have thought the user "named" which owns the "named"
process can write to a dirctory its group owns.
>
>>Jan 22 11:54:32.308 general: exiting (due to early fatal error)
>>Sure enough, /var/run/named.pid has disappeared. I'm sure it
>
>
> That's NOT what it talked about .. read again. Make the directory, and
> make sure that it is owned by whoever named runs as these days
> (should take -u and -g as args, shirley?)
>
Typo, meant /var/run/named/named.pid
>
>>was there once, as I have successfully started the DNS server
>>before now.
>
>
> And the kwestoon is?
>

"Is anybody interested in making any helpful suggestions?"

> Peter

Jhuola Hoptire <(E-Mail Removed)> wrote:
> P.T. Breuer wrote:
> > Jhuola Hoptire <(E-Mail Removed)> wrote:
> >
> >>I try to start up my DNS server with
> >>/etc/init.d/named restart (cf The Red Linux
> >
> > Try harder.
> >
> OK

Should work.


> >>Bible - the jury's still out), but doesn't
> >>see any new jobs in top.
> >
> > Then launch it by hand, read the logs, strace it, etc.
> >
> What do you mean lauch it by hand?

Do not use a script to do it for you.

> Which log files (cannonical names would be nice) should I look at?

Whichever ones you have configured.

> How would I find out having to ask somebody?

You would read the man page to find out how named does its logging.
You would probably then look in its configuration file too to check.
It would probably be configured or compiled to log through syslogd,
so you would want to find out which logging facility and level
it was using. Then you would check syslogd's configuration file
to see where logs of that fadility and level were sent.

From the man page:

NOTE: The new debugging framework is considerably more
sophisticated than it was in older versions of NAMED.
The con- figuration file's ``logging'' statement allows
for multiple, distinct levels of debugging for each of
a large set of cate- gories of events (such as queries,
transfers in or out, etc.). Please refer to the
configuration file guide included with this BIND
distribution for further information about these
extensive new capabilities.

However, I have set nothing for logging in my named conf file. Yet
it makes the occasional burst to syslogd, which certainly sends it
at least to syslog here. You want to check your conf.

> I am reading about strace in man as we speak.

OK.

> >>In the log file (what are the best files to
> >>look at for clues in such cases?)
> >
> >
> > The log file.
> How should I know (find out) where the log file is?

I would personally just strace the thing, rather than bother
with nameds docs.

> >>it says-
> >>Jan 22 11:54:32.296 general: couldn't open pid file
> >>'/var/run/named/named.pid': Permission denied
> >
> > There you are. Fix that!
> >
> Fix what? There is a directory called /var/run/named owned
> by the group named.

If so, then you should ask yourself why named cannot write there.
Who is it owned by, what perms does it have, and who does named
run as?

And fix them ...

> There is no file called named.pid, but


We know. It said so.

> I would have thought the user "named" which owns the "named"
> process can write to a dirctory its group owns.

Aha! Well, su over to user named and find out. If in doubt, loosen the
perms and see if that helps.

Experiment.

Observe.

Deduce.

> >>Jan 22 11:54:32.308 general: exiting (due to early fatal error)
> >>Sure enough, /var/run/named.pid has disappeared. I'm sure it
> >
> > That's NOT what it talked about .. read again. Make the directory, and
> > make sure that it is owned by whoever named runs as these days
> > (should take -u and -g as args, shirley?)
> >
> Typo, meant /var/run/named/named.pid
> >
> >>was there once, as I have successfully started the DNS server
> >>before now.
> >
> > And the kwestoon is?
> >
>
> "Is anybody interested in making any helpful suggestions?"

Ah. Yes.

Peter

On Thu, 22 Jan 2004 22:36:25 +0000, Jhuola Hoptire wrote:

[snips]
>
> "Is anybody interested in making any helpful suggestions?"
>
Yes - man named and man named.conf
(if only to find out where the log file is/could be

B.
--
Everyone has a photographic memory. Some just don't have film.

Jhuola Hoptire wrote:

> P.T. Breuer wrote:
>
> Thanks ...
>
>> Jhuola Hoptire <(E-Mail Removed)> wrote:
>>
>>
>> Then launch it by hand, read the logs, strace it, etc.
>>
> What do you mean lauch it by hand?
> Which log files (cannonical names would be nice)
> should I look at? How would I find out having to ask
> somebody?

tail -f /var/log/messages


> I am reading about strace in man as we speak.
>>
>>>In the log file (what are the best files to
>>>look at for clues in such cases?)
>>
>>
>> The log file.
> How should I know (find out) where the log file is?

tail -f /var/log/messages

>>
>>
>>>it says-
>>>Jan 22 11:54:32.296 general: couldn't open pid file
>>>'/var/run/named/named.pid': Permission denied
>>
>>
>> There you are. Fix that!
>>
> Fix what? There is a directory called /var/run/named owned
> by the group named. There is no file called named.pid, but
> I would have thought the user "named" which owns the "named"
> process can write to a dirctory its group owns.

ls -la /var/run/named

>>
>>>Jan 22 11:54:32.308 general: exiting (due to early fatal error)
>>>Sure enough, /var/run/named.pid has disappeared. I'm sure it
>>
>>
>> That's NOT what it talked about .. read again. Make the directory, and
>> make sure that it is owned by whoever named runs as these days
>> (should take -u and -g as args, shirley?)
>>
> Typo, meant /var/run/named/named.pid
>>
>>>was there once, as I have successfully started the DNS server
>>>before now.
>>
>>
>> And the kwestoon is?
>>
>
> "Is anybody interested in making any helpful suggestions?"

Yes

>
>> Peter

P.T. Breuer wrote:

> Jhuola Hoptire <(E-Mail Removed)> wrote:
>
>>P.T. Breuer wrote:
>>
>>>Jhuola Hoptire <(E-Mail Removed)> wrote:
>>>
>>>
>>>>I try to start up my DNS server with
>>>>/etc/init.d/named restart (cf The Red Linux
>>>
>>>Try harder.
>>>
>>
>>OK
>
>
> Should work.
>
>
>
>>>>Bible - the jury's still out), but doesn't
>>>>see any new jobs in top.
>>>
>>>Then launch it by hand, read the logs, strace it, etc.
>>>
>>
>>What do you mean lauch it by hand?
>
>
> Do not use a script to do it for you.
If you tell me how else to start it, I will be the
first to try, and L'll immediately strace the
thing.

http://linuxgazette.net/issue01to08/...e6.html#strace
is quite a gentle intro.
>
>
>>Which log files (cannonical names would be nice) should I look at?
>
>
> Whichever ones you have configured.
>
Haven't configured any. I assumed there's a "well-known"
(unfortunately, not to me) place it would go.
I did tail -f /var/log/messages (thanks Baho) but nothing
in there relating to this.

Is /var/log/messages what you mean by syslog? Can't see anything
about this file in man. syslog is neither an environment variable
nor an alias. So how would I find out what syslog is?
>
>>How would I find out having to ask somebody?
>
>
> You would read the man page to find out how named does its logging.
> You would probably then look in its configuration file too to check.
> It would probably be configured or compiled to log through syslogd,
> so you would want to find out which logging facility and level
> it was using. Then you would check syslogd's configuration file
> to see where logs of that fadility and level were sent.
>
> From the man page:
>
> NOTE: The new debugging framework is considerably more
> sophisticated than it was in older versions of NAMED.
> The con- figuration file's ``logging'' statement allows
> for multiple, distinct levels of debugging for each of
> a large set of cate- gories of events (such as queries,
> transfers in or out, etc.). Please refer to the
> configuration file guide included with this BIND
> distribution for further information about these
> extensive new capabilities.
>
> However, I have set nothing for logging in my named conf file. Yet
> it makes the occasional burst to syslogd, which certainly sends it
> at least to syslog here. You want to check your conf.
>
>
>>I am reading about strace in man as we speak.
>
>
> OK.
>
>
>>>>In the log file (what are the best files to
>>>>look at for clues in such cases?)
>>>
>>>
>>>The log file.
>>
>>How should I know (find out) where the log file is?
>
>
> I would personally just strace the thing, rather than bother
> with nameds docs.
>
>
>>>>it says-
>>>>Jan 22 11:54:32.296 general: couldn't open pid file
>>>>'/var/run/named/named.pid': Permission denied
>>>
>>>There you are. Fix that!
>>>
>>
>>Fix what? There is a directory called /var/run/named owned
>>by the group named.
>
>
> If so, then you should ask yourself why named cannot write there.
> Who is it owned by, what perms does it have, and who does named
> run as?
>
> And fix them ...
>
>
>>There is no file called named.pid, but
>
>
>
> We know. It said so.
>
>
>>I would have thought the user "named" which owns the "named"
>>process can write to a dirctory its group owns.
>
>
> Aha! Well, su over to user named and find out. If in doubt, loosen the
> perms and see if that helps.
>
> Experiment.
>
> Observe.
>
> Deduce.
>
Yes I enjoy all that too, but I'd also make a bit of pregress.
Anyway, when I su to named I get This account is currently not
available. even though I am logged in as root.
>
>>>>Jan 22 11:54:32.308 general: exiting (due to early fatal error)
>>>>Sure enough, /var/run/named.pid has disappeared. I'm sure it
>>>
>>>That's NOT what it talked about .. read again. Make the directory, and
>>>make sure that it is owned by whoever named runs as these days
>>>(should take -u and -g as args, shirley?)
>>>
>>
>>Typo, meant /var/run/named/named.pid
>>
>>>>was there once, as I have successfully started the DNS server
>>>>before now.
>>>
>>>And the kwestoon is?
>>>
>>
>>"Is anybody interested in making any helpful suggestions?"
>
>
> Ah. Yes.
>
> Peter

What's all this about?

stat64("/var/named/chroot/etc/named.conf", 0xbff103d0) = -1 ENOENT (No
such file or directory)

Who said anything about chroot? (Was it me??)
I dont even have a /var/named/chroot directory.

Good job strace



P.T. Breuer wrote:

> Jhuola Hoptire <(E-Mail Removed)> wrote:
>
>>P.T. Breuer wrote:
>>
>>>Jhuola Hoptire <(E-Mail Removed)> wrote:
>>>
>>>
>>>>I try to start up my DNS server with
>>>>/etc/init.d/named restart (cf The Red Linux
>>>
>>>Try harder.
>>>
>>
>>OK
>
>
> Should work.
>
>
>
>>>>Bible - the jury's still out), but doesn't
>>>>see any new jobs in top.
>>>
>>>Then launch it by hand, read the logs, strace it, etc.
>>>
>>
>>What do you mean lauch it by hand?
>
>
> Do not use a script to do it for you.
>
>
>>Which log files (cannonical names would be nice) should I look at?
>
>
> Whichever ones you have configured.
>
>
>>How would I find out having to ask somebody?
>
>
> You would read the man page to find out how named does its logging.
> You would probably then look in its configuration file too to check.
> It would probably be configured or compiled to log through syslogd,
> so you would want to find out which logging facility and level
> it was using. Then you would check syslogd's configuration file
> to see where logs of that fadility and level were sent.
>
> From the man page:
>
> NOTE: The new debugging framework is considerably more
> sophisticated than it was in older versions of NAMED.
> The con- figuration file's ``logging'' statement allows
> for multiple, distinct levels of debugging for each of
> a large set of cate- gories of events (such as queries,
> transfers in or out, etc.). Please refer to the
> configuration file guide included with this BIND
> distribution for further information about these
> extensive new capabilities.
>
> However, I have set nothing for logging in my named conf file. Yet
> it makes the occasional burst to syslogd, which certainly sends it
> at least to syslog here. You want to check your conf.
>
>
>>I am reading about strace in man as we speak.
>
>
> OK.
>
>
>>>>In the log file (what are the best files to
>>>>look at for clues in such cases?)
>>>
>>>
>>>The log file.
>>
>>How should I know (find out) where the log file is?
>
>
> I would personally just strace the thing, rather than bother
> with nameds docs.
>
>
>>>>it says-
>>>>Jan 22 11:54:32.296 general: couldn't open pid file
>>>>'/var/run/named/named.pid': Permission denied
>>>
>>>There you are. Fix that!
>>>
>>
>>Fix what? There is a directory called /var/run/named owned
>>by the group named.
>
>
> If so, then you should ask yourself why named cannot write there.
> Who is it owned by, what perms does it have, and who does named
> run as?
>
> And fix them ...
>
>
>>There is no file called named.pid, but
>
>
>
> We know. It said so.
>
>
>>I would have thought the user "named" which owns the "named"
>>process can write to a dirctory its group owns.
>
>
> Aha! Well, su over to user named and find out. If in doubt, loosen the
> perms and see if that helps.
>
> Experiment.
>
> Observe.
>
> Deduce.
>
>
>>>>Jan 22 11:54:32.308 general: exiting (due to early fatal error)
>>>>Sure enough, /var/run/named.pid has disappeared. I'm sure it
>>>
>>>That's NOT what it talked about .. read again. Make the directory, and
>>>make sure that it is owned by whoever named runs as these days
>>>(should take -u and -g as args, shirley?)
>>>
>>
>>Typo, meant /var/run/named/named.pid
>>
>>>>was there once, as I have successfully started the DNS server
>>>>before now.
>>>
>>>And the kwestoon is?
>>>
>>
>>"Is anybody interested in making any helpful suggestions?"
>
>
> Ah. Yes.
>
> Peter

Jhuola Hoptire <(E-Mail Removed)> wrote:
> >>What do you mean lauch it by hand?
> >
> > Do not use a script to do it for you.
> If you tell me how else to start it, I will be the

Sure - read the script.

> first to try, and L'll immediately strace the
> thing.


> >>Which log files (cannonical names would be nice) should I look at?
> >
> > Whichever ones you have configured.
> >
> Haven't configured any.

Yes you have. It was your choice to leave the configuration the way the
ditro provided it.

> I assumed there's a "well-known" (unfortunately, not to me) place it
> would go.

You are wrong in assuming there is an "it". But certainly it is
standard to put all log files in /var/log/. I would simply grep
in all logfiles below there for mention of named or bind.

> I did tail -f /var/log/messages (thanks Baho) but nothing
> in there relating to this.

It is not unreasonable to expect that mesages contains all log messages,
as it is often configured that way, but it is not a certain thing that
it WILL be configured that way. I would put the chances as about 60%.

> Is /var/log/messages what you mean by syslog?

No, I mean syslogd (the syslog daemon) by syslogd. man syslogd.

> Can't see anything
> about this file in man.

What file?

> syslog is neither an environment variable
> nor an alias. So how would I find out what syslog is?

Look in the manual. If necessary, grep every man page for a mention.
Try "locate syslog". Do "man -k log | grep sys". Etc.

> >>I would have thought the user "named" which owns the "named"
> >>process can write to a dirctory its group owns.
> >
> >
> > Aha! Well, su over to user named and find out. If in doubt, loosen the
> > perms and see if that helps.

> >
> Yes I enjoy all that too, but I'd also make a bit of pregress.
> Anyway, when I su to named I get This account is currently not
> available. even though I am logged in as root.

Why should being root be germane?

Now, is the account "available"? Is it in passwd? Does it have a
suitable shell listed? If not, define your own shell to su (man su,
-s). Repeat until done.

Peter

Jhuola Hoptire <(E-Mail Removed)> wrote:
> What's all this about?
>
> stat64("/var/named/chroot/etc/named.conf", 0xbff103d0) = -1 ENOENT (No
> such file or directory)

Dunno. Looks like an attempt to chroot to "/var/named/chroot" shortly
before here, followed by an attempt to access "/etc/named.conf". Did
the code do a chroot just above? Or is this simply strace's
representation of a chrooted call?

> Who said anything about chroot? (Was it me??)

Possibly. Named's childer will definitely chroot out of harms way
as soon as possible.

> I dont even have a /var/named/chroot directory.

Time to make one and see what happens. But I'm not sure the report is
real.

> Good job strace


Peter