<br><div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">/var/named/chroot/etc<br>named.conf rndc.conf rndc.key &lt;any other config file for Bind&gt;
</blockquote><div><br>YES, I copied named.conf rndc.conf rndc.key to /var/named/chroot/etc.<br><br>[root@mailgw ~]# cd /var/named/chroot/etc/<br>[root@mailgw etc]# pwd<br>/var/named/chroot/etc<br>[root@mailgw etc]# ls -al
<br>total 56<br>drwxr-x--- 2 root named 4096 Jul 5 13:26 .<br>drwxr-x--- 6 root named 4096 Apr 11 15:41 ..<br>-rw-r--r-- 1 root root 347 May 14 16:59 localtime<br>-rw-r--r-- 1 <span style="font-weight: bold;">root named
</span> 1681 Jul 5 12:46 <span style="font-weight: bold;">named.conf</span><br>-rw-r--r-- 1 <span style="font-weight: bold;">root named </span>1114 Jul 5 10:28 <span style="font-weight: bold;">rndc.conf</span><br>-rw-r--r-- 1
<span style="font-weight: bold;">root named</span> 113 Apr 27 15:28 <span style="font-weight: bold;">rndc.key<br><br></span>You can see above files and their permission . <br><br><span style="font-weight: bold;">Here is my
named.conf. pls see below</span><br><br><br>[root@mailgw etc]# cat named.conf<br>//<br>// named.conf for Red Hat caching-nameserver<br>//<br><br>options {<br> directory "/var/named";<br> dump-file "/var/named/data/cache_dump.db";
<br> statistics-file "/var/named/data/named_stats.txt";<br> /*<br> * If there is a firewall between you and nameservers you want<br> * to talk to, you might need to uncomment the query-source
<br> * directive below. Previous versions of BIND always asked<br> * questions using port 53, but BIND 8.1 uses an unprivileged<br> * port by default.<br> */<br> // query-source address * port 53;
<br>};<br><br>//<br>// a caching only nameserver config<br>//<br>controls {<br> inet 127.0.0.1 allow { localhost; } keys { rndckey; };
<br>};<br><br>zone "." IN {<br> type hint;
<br> file "named.root";<br>};<br><br>//zone "localdomain" IN {<br>// type master;<br>// file "localdomain.zone";<br>// allow-update { none; };<br>//};<br><br>//zone "localhost" IN {
<br>// type master;<br>// file "localhost.zone";<br>// allow-update { none; };<br>//};<br><br>//zone "0.0.127.in-addr.arpa" IN {<br>// type master;<br>// file "
named.local
";<br>// allow-update { none; };<br>//};<br><br>//zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {<br>// type master;<br>// file "named.ip6.local
";
<br>// allow-update { none; };<br>//};<br><br>//zone "255.in-addr.arpa" IN {<br>// type master;<br>// file "named.broadcast";<br>// allow-update { none; };<br>//};<br><br>//zone "
0.in-addr.arpa" IN {<br>// type master;<br>// file "named.zero";<br>// allow-update { none; };<br>//};<br><br><br>zone "example77.com " IN {
<br> type master;<br> file "master/example77.com.zone";<br>};<br><br>include "/etc/rndc.key";<br><br><br><span style="font-weight: bold;">here is my rndc.conf file. pls see below</span><br>
<br>[root@mailgw etc]# cat rndc.conf<br>/*<br> * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")<br> * Copyright (C) 2000, 2001 Internet Software Consortium.<br> *<br> * Permission to use, copy, modify, and distribute this software for any
<br> * purpose with or without fee is hereby granted, provided that the above<br> * copyright notice and this permission notice appear in all copies.<br> *<br> * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
<br> * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY<br> * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,<br> * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
<br> * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE<br> * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR<br> * PERFORMANCE OF THIS SOFTWARE.<br> */<br><br>/* $Id:
rndc.conf
,v 1.7.2.1 2004/03/09 06:09:27 marka Exp $ */<br><br>/*<br> * Sample rndc configuration file.<br> */<br><br>options {<br>
default-server localhost;<br> default-key "rndckey";
<br>};<br><br>server localhost {<br> key "rndckey";<br>};<br><br>include "/etc/rndc.key";<br><br><span style="font-weight: bold;">here is my rndc.key. pls see below. </span><br><br>[root@mailgw
etc]# cat rndc.key<br>key "rndckey" {<br> algorithm hmac-md5;<br> secret "pS6vJwWxIHVKPO6uOwwzd41Q8ubhGYcm69pJWNh3oeADrdSLo7dHIH24nxep";<br>};<br><br><br><br>and also, I added
<span style="font-weight: bold;">2 </span>symlinks to /etc. Pls see below. <br>[root@mailgw etc]# pwd<br>
/etc<br>
[root@mailgw etc]# ln -s /var/named/chroot/etc/rndc.conf rndc.conf<br clear="all">
[root@mailgw etc]# ln -s /var/named/chroot/etc/named.conf named.conf<br><br>[root@mailgw etc]# ls -al /etc/named.conf<br>lrwxrwxrwx 1 root root 32 Jul 5 10:33 /etc/named.conf -> /var/named/chroot/etc/named.conf
<br><br>[root@mailgw etc]# ls -al /etc/rndc.conf<br>lrwxrwxrwx 1 root root 31 Jul 5 10:32 /etc/rndc.conf -> /var/named/chroot/etc/rndc.conf<br><br>And, Below symlink was added by default. <br>[root@mailgw etc]# ls -al /etc/rndc.key
<br>lrwxrwxrwx 1 root named 31 Apr 27 15:28 /etc/rndc.key -> /var/named/chroot//etc/rndc.key<br><br><br>Then, I did cd to /var/named/chroot/var/named/ as follows. <span style="font-weight: bold;"><br></span>[root@mailgw
etc]# cd /var/named/chroot/var/named/<br><br>I do not want to place my zone files @ var/named/chroot/var/named/slaves <br>So, I created a directory called master as follows. <br><br>[root@mailgw named]# mkdir master
<br>And changed permissions as follows. <br>[root@mailgw named]# chown -R named:named master/<br>[root@mailgw named]# chmod -R 770 master/<br>[root@mailgw named]# ls -al<br>total 36<br>drwxr-x--- 5 root named 4096 Jul 5 10:36 .
<br>drwxr-x--- 5 root named 4096 Mar 14 2003 ..<br>drwxrwx--- 2 named named 4096 Aug 26 2004 data<br>drwxrwx--- 2 <span style="font-weight: bold;">named named</span> 4096 Jul 5 10:36 <span style="font-weight: bold;">
master
</span><br>drwxrwx--- 2 named named 4096 Jul 5 10:36 slaves<br><br>Then , <br>[root@mailgw named]# cd master/<br>[root@mailgw master]# pwd<br>/var/named/chroot/var/named/master<br>[root@mailgw master]# touch example77.com.zone
<br><br>[root@mailgw master]# chown named:named example77.com.zone<br><br>And, I included my zone info to that file. here it is. <br><br>[root@mailgw master]# cat example77.com.zone<br>$TTL 86400<br>@ IN SOA
gateway.example77.com. root.example77.com. (<br> 2006101604 ; Serial<br> 1800 ; Refresh
<br> 300 ; Retry<br> 360000 ; Expire<br> 86400 ) ; Minimum<br><br> IN NS gateway.example77.com.<br><br> IN MX 10 gateway.example77.com.<br> IN MX 20 mail.example77.com.
<br><br> IN A 192.168.0.3<br><br>gateway IN A 192.168.0.3<br>mail IN A 192.168.0.2<br><br> </div><div><br> </div>Finally, I restarted named, pls see below. <br><br>[root@mailgw master]# /etc/init.d/named restart<br>Stopping named: [ OK ]<br>Starting named: [ OK ]
<br><br>But, I checked /var/log/messages. I get below errors. <br><br>master/example77.com.zone:11: <span style="font-weight: bold;">example77.com\032: bad owner name (check-names</span>)<br>
Jul 5 14:32:42 mailgw named[8047]: zone example77.com\032/IN: loading
master file master/example77.com.zone: <span style="font-weight: bold;">bad owner name (check-names)</span><br><br>It says <span style="font-weight: bold;">bad owner name (check-names</span>). What is it? This is everything I got in /var/log/messages. pls see below.
<br><br>[root@mailgw master]#<span style="font-weight: bold;"> tail -f /var/log/messages</span><br>Jul 5 14:32:40 mailgw named[7993]: exiting<br>Jul 5 14:32:42 mailgw named[8047]: starting BIND 9.3.3rc2 -u named -t /var/named/chroot
<br>Jul 5 14:32:42 mailgw named[8047]: found 2 CPUs, using 2 worker threads<br>Jul 5 14:32:42 mailgw named[8047]: loading configuration from '/etc/named.conf'<br>Jul 5 14:32:42 mailgw named[8047]: listening on IPv4 interface lo,
127.0.0.1#53<br>Jul 5 14:32:42 mailgw named[8047]: listening on IPv4 interface eth0, 203.143.26.131#53<br>Jul 5 14:32:42 mailgw named[8047]: command channel listening on 127.0.0.1#953<br>Jul 5 14:32:42 mailgw named[8047]:
<span style="font-weight: bold;"> master/example77.com.zone:11: example77.com\032: bad owner name (check-names)</span><br>Jul 5 14:32:42 mailgw named[8047]: <span style="font-weight: bold;">zone example77.com\032/IN: loading master file master/example77.com.zone: bad owner name (check-names)
</span><br>Jul 5 14:32:42 mailgw named[8047]: running<br><br><br>What exactly has happened? <br><br>I think you are already running <span style="font-weight: bold;">bind 9.3.3</span> under <span style="font-weight: bold;">
chroot jail</span> on <span style="font-weight: bold;">centOS 5</span>. <br><br>Pls help me to solve this issue. This is a MUST for me. So I need your help. <br><br>Pls NOTE that the domain I have given above is <span style="font-weight: bold;">
example77.com</span>. I cannot give my real domain name due to security reasons. We can go ahead with that domain name. When it gets up and running, I can change it to my real domain name.
<br><br><br><br><br></div><br><br clear="all"><br>-- <br>Thank you<br>Indunil Jayasooriya<br>
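<div>In the log lines above, <code>\032</code> is the decimal escape for a space (ASCII 32), and the posted named.conf declares the zone as "example77.com " with a space before the closing quote. The following Python check is an added example, not part of the original message and not BIND's code: it finds such zone names in a named.conf. The sample configuration is constructed from the post, and the label rule is a simplified stand-in for the hostname test behind "bad owner name (check-names)".</div>

```python
import re

# Constructed sample based on the named.conf in the post: the second zone
# name carries a space before the closing quote; example.org is a clean one.
SAMPLE_NAMED_CONF = '''
options { directory "/var/named"; };
// zone "commented.example " IN { type master; };
zone "." IN { type hint; file "named.root"; };
zone "example77.com " IN {
    type master;
    file "master/example77.com.zone";
};
zone "example.org" IN { type master; file "master/example.org.zone"; };
'''

# Quoted strings are matched first so comment markers inside them survive.
TOKEN = re.compile(r'"[^"]*"|/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
ZONE_STMT = re.compile(r'\bzone\s+"([^"]*)"')
# Assumption: simplified RFC 952/1123 hostname label (letters, digits, inner
# hyphens), standing in for the test behind "bad owner name (check-names)".
LABEL = re.compile(r'[A-Za-z0-9](?:[A-Za-z0-9-]*[A-Za-z0-9])?')

def strip_comments(text):
    keep = lambda m: m.group(0) if m.group(0).startswith('"') else ' '
    return TOKEN.sub(keep, text)

def presentation(name):
    # Bytes outside printable non-space ASCII become \DDD decimal escapes,
    # which is how a space shows up as \032 in named's log.
    return ''.join(c if 0x21 <= ord(c) <= 0x7e else '\\%03d' % ord(c)
                   for c in name)

def bad_labels(name):
    if name == '.':                      # root zone has no labels to check
        return []
    return [l for l in name.rstrip('.').split('.') if not LABEL.fullmatch(l)]

def audit_zones(conf_text):
    """Return (zone name as logged, offending labels) per suspect zone."""
    findings = []
    for m in ZONE_STMT.finditer(strip_comments(conf_text)):
        bad = bad_labels(m.group(1))
        if bad:
            findings.append((presentation(m.group(1)),
                             [presentation(b) for b in bad]))
    return findings

if __name__ == '__main__':
    for logged, labels in audit_zones(SAMPLE_NAMED_CONF):
        print('zone "%s" has invalid label(s): %s' % (logged, ', '.join(labels)))
```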