Hello listmates,
I have two seemingly identical (in this reglard, at least) machine - both of them are running CentOS 6.2 with bind (bind-chroot) installed. I used webmin to edit the DNS configuration. One one of them it seems to work fine, on the other I get messages akin to the following:
Failed to create master zone : Failed to replace /var/named/chroot/etc/named.conf with /var/named/chroot/etc/named.conf.webmintmp.13214 : Device or resource busy
From what I can tell, the file
/var/named/chroot/etc/named.conf.webmintmp.13214 never even gets created to begin with.
Has anyone experienced that? Does anyone know what the issue is?
Thanks.
Boris.
On 5/9/2012 4:38 PM, Boris Epstein wrote:
Hello listmates,
I have two seemingly identical (in this reglard, at least) machine - both of them are running CentOS 6.2 with bind (bind-chroot) installed. I used webmin to edit the DNS configuration. One one of them it seems to work fine, on the other I get messages akin to the following:
Failed to create master zone : Failed to replace /var/named/chroot/etc/named.conf with /var/named/chroot/etc/named.conf.webmintmp.13214 : Device or resource busy
From what I can tell, the file
/var/named/chroot/etc/named.conf.webmintmp.13214 never even gets created to begin with.
Has anyone experienced that? Does anyone know what the issue is?
Thanks.
Boris. _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
I don't know anything about webmin, but I know in 6.x the zone files go in /var/named... and then when you reload named, they are chrooted...but you should let named do that. I might hazard to guess webmin is trying to put it where it should not go?
On May 9, 2012, at 2:55 PM, Bob Hoffman wrote:
On 5/9/2012 4:38 PM, Boris Epstein wrote:
Hello listmates,
I have two seemingly identical (in this reglard, at least) machine - both of them are running CentOS 6.2 with bind (bind-chroot) installed. I used webmin to edit the DNS configuration. One one of them it seems to work fine, on the other I get messages akin to the following:
Failed to create master zone : Failed to replace /var/named/chroot/etc/named.conf with /var/named/chroot/etc/named.conf.webmintmp.13214 : Device or resource busy
From what I can tell, the file
/var/named/chroot/etc/named.conf.webmintmp.13214 never even gets created to begin with.
Has anyone experienced that? Does anyone know what the issue is?
Thanks.
Boris. _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
I don't know anything about webmin, but I know in 6.x the zone files go in /var/named... and then when you reload named, they are chrooted...but you should let named do that. I might hazard to guess webmin is trying to put it where it should not go?
----- sounds like an SELinux issue. Probably best to work it out with Jamie on the Webmin mail list.
Craig
From: Boris Epstein borepstein@gmail.com
I have two seemingly identical (in this reglard, at least) machine - both of them are running CentOS 6.2 with bind (bind-chroot) installed. I used webmin to edit the DNS configuration. One one of them it seems to work fine, on the other I get messages akin to the following: Failed to create master zone : Failed to replace /var/named/chroot/etc/named.conf with /var/named/chroot/etc/named.conf.webmintmp.13214 : Device or resource busy
http://www.virtualmin.com/node/19608
From that page: "The best fix for now would be to
stop using the chroot completely, as it has few real security benefits in my opinion."
JD
On 5/10/2012 4:57 AM, John Doe wrote:
From: Boris Epsteinborepstein@gmail.com
I have two seemingly identical (in this reglard, at least) machine - both of them are running CentOS 6.2 with bind (bind-chroot) installed. I used webmin to edit the DNS configuration. One one of them it seems to work fine, on the other I get messages akin to the following: Failed to create master zone : Failed to replace /var/named/chroot/etc/named.conf with /var/named/chroot/etc/named.conf.webmintmp.13214 : Device or resource busy
http://www.virtualmin.com/node/19608
From that page: "The best fix for now would be to
stop using the chroot completely, as it has few real security benefits in my opinion."
JD
What I got out of it is virtualmin is trying to play with chrooted files in the chrooted location instead of understanding that bind-chroot kinda dynamically or symbolically puts them there (or whatever it does). It should be changing them in /var/named and then restarting... Sounds like that is all you can do if you want to use virtualmin
not an expert, so take all this with salt... All my files are chrooted when it is running, but no files actually reside in the chroot folder.
On May 10, 2012, at 6:27 AM, Bob Hoffman wrote:
What I got out of it is virtualmin is trying to play with chrooted files in the chrooted location instead of understanding that bind-chroot kinda dynamically or symbolically puts them there (or whatever it does). It should be changing them in /var/named and then restarting... Sounds like that is all you can do if you want to use virtualmin
not an expert, so take all this with salt... All my files are chrooted when it is running, but no files actually reside in the chroot folder.
---- I haven't used CentOS 6 at all so it's possible that the behavior has changed but I tend to doubt it.
The above would not be correct. All files in a chroot-bind should be under /var/named/chroot with perhaps a symbolic link from /var/named/chroot/etc/named.conf to /etc/named.conf
and the bind data files would reside in various directories under /var/named/chroot/var/named
Craig
On 05/10/12 1:57 AM, John Doe wrote:
http://www.virtualmin.com/node/19608
From that page: "The best fix for now would be to
stop using the chroot completely, as it has few real security benefits in my opinion."
from my page (not written)
"The best fix would be to toss webmin out the door, its a piece of junk that just messes up your system configuration"
same goes for CPanel, Plesk, and the rest of that lot.
On Thu, May 10, 2012 at 12:25 PM, John R Pierce pierce@hogranch.com wrote:
from my page (not written)
"The best fix would be to toss webmin out the door, its a piece of junk that just messes up your system configuration"
same goes for CPanel, Plesk, and the rest of that lot.
If webmin is a piece of junk, what do you think of the applications it manages that typically don't have their own way to safely check the syntax of their configurations and will crash on any error?
On 5/10/2012 1:25 PM, John R Pierce wrote:
On 05/10/12 1:57 AM, John Doe wrote:
http://www.virtualmin.com/node/19608
From that page: "The best fix for now would be to
stop using the chroot completely, as it has few real security benefits in my opinion."
from my page (not written)
"The best fix would be to toss webmin out the door, its a piece of junk that just messes up your system configuration"
same goes for CPanel, Plesk, and the rest of that lot.
snap....!!!! I agree actually. May take a little bit of knowledge to get it going right without one, but the panels do little and ask much.
On May 10, 2012, at 10:25 AM, John R Pierce wrote:
On 05/10/12 1:57 AM, John Doe wrote:
http://www.virtualmin.com/node/19608
From that page: "The best fix for now would be to
stop using the chroot completely, as it has few real security benefits in my opinion."
from my page (not written)
"The best fix would be to toss webmin out the door, its a piece of junk that just messes up your system configuration"
same goes for CPanel, Plesk, and the rest of that lot.
---- I don't use virtualmin and never have and likely never will. That said, I think the characterization of it being a 'piece of junk' is grossly unfair as I have used Jamie's Webmin and Usermin (albeit sparingly) and found them to be reasonably effective and Jamie to be extremely committed to bug squashing. I honestly don't know of any project that is more responsive to bug reports and reasonable suggestions. I find it reasonably effective at managing DHCP & DNS servers, very effective at managing LDAP Users and Groups and generally a reasonable tool that I can leave available for my customers on-site servers in case they simply need to shut servers down for odd reasons. Like all GUI configuration panels, it will make a mess of configuration files by randomly re-organizing them but hey, it does work.
I can't comment on CPanel or Plesk because I only had limited exposure to CPanel (cheapo shared hosting environment that my friend uses) and no exposure to Plesk other than the obvious questions that crop on on other lists.
Craig
On Wednesday 09 May 2012 16:38, the following was written:
I have two seemingly identical (in this reglard, at least) machine - both of them are running CentOS 6.2 with bind (bind-chroot) installed. I used webmin to edit the DNS configuration. One one of them it seems to work fine, on the other I get messages akin to the following:
Sounds to me as if you have SELinux set to enforce on the one that is giving you issues. you can check this with;
getenforce
You should get one of the following responses;
Enforcing Permissive
SELinux only allows writing to /var/named/chroot/slave by default
Another question I have is why do you not have your servers setup as Master and Slave?
-
bob -
Bob Hoffman
-
Boris Epstein -
Craig White -
John Doe -
John R Pierce -
Les Mikesell -
Robert Spangler