| Stephen Gran on 21 Feb 2005 20:06:00 -0000 |
|
On Mon, Feb 21, 2005 at 02:51:41PM -0500, Mike Leone said: > Stephen Gran wrote: > > On Mon, Feb 21, 2005 at 12:18:13PM -0500, Mike Leone said: > >> OK; I've added this. Last night, I saw a message that bind could not > >> update a journal file, because it couldn't create it. So I manually > >> created a "mike-leone.com.jnl" file, owner bind. > >> > >> I guess what I really need is to make the /etc/bind directory writable > >> by the user bind. How best to do that? > > > > named writes the journal files to /var/cache/bind, at least here. This > > is set in /etc/bind/named.conf.options with the directory directive, so > > your setup may be different. > > Mine says that, too. Yet when it wrote the journal file, it wrote it in > /etc/bind. Very strange. > > Whatever directory it is, make sure it is > > writable by user named (that is the default user for bind9 in Debian, > > AFAIR). > > As I posed before, mine apparently runs as user "bind". Ah right, you are correct, sorry about that. Yes, so the directory it writes the journal to has to be writable by user bind. Perhaps the $HOME setting is conflicting with the directory directive? What does `getent passwd bind` say? > Now, of course, it's back to not working ... > > Feb 21 14:32:46 mail named[841]: client 192.168.100.73#1851: updating > zone 'mike-leone.com/IN': update failed: 'RRset exists (value > dependent)' prerequisite not satisfied (NXRRSET) > Feb 21 14:32:46 mail named[841]: client 192.168.100.73#1854: update > 'mike-leone.com/IN' denied > > <SIGH> I *knew* I shoulda just left it alone last night ... > > Ah, well. More poking ... It will never work for LAN clients, which is the failure you're seeing above. They just don't have the shared key, so rndc won't let them update. The way around that is to make the WinXP clients _not_ try to update DNS, but let dhcpd do it for them. I can't remember off-hand where that is set on the client side - somewhere in the 'advanced' properties of one of the network tabs, I imagine. For bind problems, run it in debug mode for a while to see what is going wrong, and post the relevant snippets if they don't lead you to the answer. These are seperable issues, remember :) -- -------------------------------------------------------------------------- | Stephen Gran | There seems no plan because it is all | | steve@lobefin.net | plan. -- C.S. Lewis | | http://www.lobefin.net/~steve | | -------------------------------------------------------------------------- Attachment:
pgpLgdFNghNW5.pgp ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|