Linux error in named configuration

Named configuration error in CentOS 6.9

I'm getting this error when I try to run /etc/init.d/named restart in my VM. What should I do to resolve this issue? The error output is as follows:

[shan@server1 ~]$ sudo /etc/init.d/named restart
Stopping named: [ OK ]
Starting named: /etc/init.d/named: line 115: 2072 Aborted /usr/sbin/named-checkconf $ckcf_options $ > /dev/null 2>&1
Error in named configuration:
/etc/named.conf:163: bad secret 'bad base64 encoding'
/etc/named.conf:163: bad secret 'bad base64 encoding'
/etc/named.conf:163: bad secret 'bad base64 encoding'
mem.c:1246: REQUIRE(ctx->references == 1) failed.
[FAILED]

//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
        listen-on port 53 { 127.0.0.1; };
        listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query { localhost; };
        recursion yes;
        dnssec-enable yes;
        dnssec-validation yes;
        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";
        managed-keys-directory "/var/named/dynamic";
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
zone "." IN {
        type hint;
        file "named.ca";
};
zone shancked.com IN {
        type master;
        file "forward";
        allow-update;
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

[shan@server1 ~]$ sudo vi /etc/named.conf
[shan@server1 ~]$ sudo named-checkconf /etc/named.conf
[shan@server1 ~]$ sudo /etc/init.d/named restart
Stopping named: [ OK ]
Starting named: /etc/init.d/named: line 115: 2278 Aborted /usr/sbin/named-checkconf $ckcf_options $ > /dev/null 2>&1
Error in named configuration:
/etc/named.conf:163: bad secret 'bad base64 encoding'
/etc/named.conf:163: bad secret 'bad base64 encoding'
/etc/named.conf:163: bad secret 'bad base64 encoding'
mem.c:1246: REQUIRE(ctx->references == 1) failed.
[FAILED]
[shan@server1 ~]$

[shan@server1 ~]$ sudo service named restart
Stopping named: [ OK ]
Starting named:
Error in named configuration:
forward:8: unknown RR type '@'
forward:9: unknown RR type 'server1'
forward:10: unknown RR type 'server2'
zone shancked.com/IN: loading from master file forward failed: unknown class/type
zone shancked.com/IN: not loaded due to errors.
_default/shancked.com/IN: unknown class/type
zone localhost.localdomain/IN: loaded serial 0
zone localhost/IN: loaded serial 0
zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
zone 0.in-addr.arpa/IN: loaded serial 0
[FAILED]

zone "localhost.localdomain" IN {
        type master;
        file "named.localhost";
        allow-update { none; };
};
zone "localhost" IN {
        type master;
        file "named.localhost";
        allow-update { none; };
};
zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
        type master;
        file "named.loopback";
        allow-update { none; };
};
zone "1.0.0.127.in-addr.arpa" IN {
        type master;
        file "named.loopback";
        allow-update { none; };
};
zone "0.in-addr.arpa" IN {
        type master;
        file "named.empty";
        allow-update { none; };
};

$TTL 1D
$ORIGIN example.tv.
@ IN SOA server1.example.tv. root.server.example.tv. (
        2018020211 ; serial
        1D ; refresh
        1H ; retry
        1W ; expire
        3H ) ; minimum
;
;
@ IN NS server1.example.tv.
server1 IN A 10.0.2.17
server2 IN A 10.0.2.16

zone example.tv IN {
        type master;
        file "forward";
        allow-update { key server1.example.tv; };
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
include "/etc/named/server.key";

key server1.example.tv {
        algorithm hmac-md5;
        secret "EeLHcvOPr4cCaEySX1jBbw=
edited Feb 1, 2018 at 13:06
asked Jan 31, 2018 at 14:44
    Try inspecting or regenerating the secrets in the *.key files, which are usually base64 encoded but apparently not in your case. This is usually done with rndc-confgen for named.root.key.
    – thrig
    Jan 31, 2018 at 14:51
    I don't think this is your whole named.conf file; the error is on line 163 and what you show is only 51 lines long.
    – wurtel
    Jan 31, 2018 at 15:09
    @wurtel That's the confusing part to me too. Why is it showing more than the usual lines?
    – jackal4me
    Jan 31, 2018 at 15:26
    It might be counting the lines from the included file as well. Move the include "/etc/named.root.key"; line to above the previous include statement, and see if that "fixes" the line number.
    – wurtel
    Jan 31, 2018 at 15:40
    @wurtel I still face the same problem.
    – jackal4me
    Jan 31, 2018 at 15:56

1 Answer


Your key declaration is incorrect.

server1.shancked.com. { algorithm hmac-md5; secret [base64_secret]; };
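
An added example, not part of the original answer and not BIND code: a small Python checker for the "bad secret 'bad base64 encoding'" failure discussed in this thread. It extracts key statements from named.conf-style text, verifies that each secret is strictly valid base64, and flags hmac-md5; the sample keys, the function names check_secret and audit_keys, and the weak-algorithm policy are assumptions made for illustration.

```python
import base64
import binascii
import re

# Matches one statement of the form: key <name> { algorithm <alg>; secret "<b64>"; };
KEY_RE = re.compile(
    r'key\s+"?(?P<name>[^\s"{]+)"?\s*\{\s*'
    r'algorithm\s+"?(?P<alg>[\w-]+)"?\s*;\s*'
    r'secret\s+"(?P<secret>[^"]*)"\s*;\s*\}\s*;'
)

# Assumption: local policy treats hmac-md5 as too weak for new TSIG keys.
WEAK_ALGORITHMS = {"hmac-md5"}


def check_secret(secret):
    """Return (ok, detail) for one secret string; strict base64 only."""
    try:
        raw = base64.b64decode(secret, validate=True)
    except (binascii.Error, ValueError) as exc:
        return False, f"bad base64 encoding: {exc}"
    if not raw:
        return False, "empty secret"
    return True, f"{len(raw) * 8}-bit key"


def audit_keys(conf_text):
    """Return (name, algorithm, ok, detail, weak_algorithm) per key statement."""
    findings = []
    for m in KEY_RE.finditer(conf_text):
        ok, detail = check_secret(m["secret"])
        weak = m["alg"].lower() in WEAK_ALGORITHMS
        findings.append((m["name"], m["alg"], ok, detail, weak))
    return findings


# Constructed sample: the first secret has lost one '=' of padding,
# the second is the base64 of a constructed 16-byte value.
SAMPLE = """
key broken.example. { algorithm hmac-md5; secret "MDEyMzQ1Njc4OWFiY2RlZg="; };
key good.example. { algorithm hmac-sha256; secret "MDEyMzQ1Njc4OWFiY2RlZg=="; };
"""

if __name__ == "__main__":
    for name, alg, ok, detail, weak in audit_keys(SAMPLE):
        status = "OK " if ok else "BAD"
        note = " (weak algorithm)" if weak else ""
        print(f"{status} {name} {alg}: {detail}{note}")
```

The report contains only key names, algorithms and verdicts, never the secret itself, so it can be shared when asking for help.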

Source

CentOS 6.6 - question about named

Hello! On a workstation on the company's local network, I am trying to set up a server based on CentOS 6.6, so that this machine can later replace the server currently in operation. I installed bind-9.8.2-0.30.rc1.el6.i686 and bind-chroot-9.8.2-0.30.rc1.el6.i686, and created this config:

acl lan {  # group of "trusted" hosts
        localhost;
        192.168.0/24;  # local network
        10.10.1.4;  # my IP on the provider's local network
};
options {
        directory "/var/named";
        dump-file "data/cache_dump.db";  # dump file
        statistics-file "data/named_stats.txt";  # statistics
        memstatistics-file "data/named_mem_stats.txt";  # memory usage statistics
        notify yes;
        # So that bind does not accept queries on all running interfaces
        listen-on { 127.0.0.1; 192.168.0.1; };
        listen-on port 53 { 127.0.0.1; 192.168.0.1; };
        listen-on-v6 port 53 { ::1; };
        query-source port 53;
        query-source-v6 port 53;
        # Mon 12 Dec 2011 10:17:39 - "black" list, queries are not processed
        blackhole { 192.168.100/24; };
        allow-query { lan; };  # allow queries from the group of "trusted" hosts
        allow-recursion { lan; };  # allow recursive queries from the group of "trusted" hosts
        allow-transfer { none; };  # deny zone transfers to everyone
        recursion yes;
        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;
        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";
        managed-keys-directory "/var/named/dynamic";
};
logging {
        channel default_debug {
                file "data/named.run";  # log of named's activity
                severity dynamic;
                print-time yes;  # record the time
        };
        channel general {
                file "data/named.log";
                severity warning;  # severity level of the information
                print-category yes;  # record the category
                print-severity yes;
                print-time yes;
        };
        channel security_info {
                file "data/named-auth.log";  # reasons for refusal
                severity info;
                print-category yes;
                print-severity yes;
                print-time yes;
        };
        category default { default_debug; };
        category general { general; default_syslog; default_debug; default_stderr; };
        category security { security_info; };
};
view localhost_resolver {
        match-clients { lan; };
        match-destinations { lan; };
        recursion yes;
        include "/etc/named.rfc1912.zones";
        include "/etc/named.root.key";
        include "chroot/etc/mydomain.com.zones";
};
controls {
        inet 127.0.0.1 allow { localhost; } keys { /etc/rndc.key; };
};

Запускается named: Error in named configuration:
/etc/named.conf:141: expected string near '/'
[СБОЙ ]

[root@test-server ~]# /etc/init.d/named start
Запускается named: [ OK ]
[root@test-server ~]# /etc/init.d/named status
rndc: connect failed: 127.0.0.1#953: connection refused
named-sdb (pid 10656) выполняется.
[root@test-server ~]#

[root@test-server ~]# iptables --list
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     icmp --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

/var/named/data/named.run contains:

10-Dec-2014 10:51:22.614 zone 0.in-addr.arpa/IN/localhost_resolver: loaded serial 0
10-Dec-2014 10:51:22.616 zone 1.0.0.127.in-addr.arpa/IN/localhost_resolver: loaded serial 0
10-Dec-2014 10:51:22.621 zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN/localhost_resolver: loaded serial 0
10-Dec-2014 10:51:22.630 zone mydomain.com/IN/localhost_resolver: loaded serial 2009093001
10-Dec-2014 10:51:22.631 zone localhost.localdomain/IN/localhost_resolver: loaded serial 0
10-Dec-2014 10:51:22.633 zone localhost/IN/localhost_resolver: loaded serial 0
10-Dec-2014 10:51:22.636 managed-keys-zone ./IN/localhost_resolver: loaded serial 3
10-Dec-2014 10:51:22.674 running
10-Dec-2014 10:51:22.675 zone mydomain.com/IN/localhost_resolver: sending notifies (serial 2009093001)
10-Dec-2014 10:51:22.775 error (network unreachable) resolving 'ns4.dmedia-ua.com/AAAA/IN': 2001:503:231d::2:30#53
10-Dec-2014 10:51:22.783 error (network unreachable) resolving 'ns4.dmedia-ua.com/A/IN': 2001:503:231d::2:30#53
10-Dec-2014 10:51:22.784 error (network unreachable) resolving './DNSKEY/IN': 2001:7fd::1#53

How can I fix this situation? Thank you.

Source

Error in Bind9 named.conf file. Bind won't start

I'm trying to set up a DNS server on an Ubuntu Server machine (10.04). I configured an entry in named.conf.local to test it, but when trying to restart bind9 I get the following error:

 * Starting domain name service. bind9 [fail]

May 20 18:11:13 empression-server1 named[4700]: starting BIND 9.7.0-P1 -u bind
May 20 18:11:13 empression-server1 named[4700]: built with '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc/bind' '--localstatedir=/var' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-gnu-ld' '--with-dlz-postgres=no' '--with-dlz-mysql=no' '--with-dlz-bdb=yes' '--with-dlz-filesystem=yes' '--with-dlz-ldap=yes' '--with-dlz-stub=yes' '--with-geoip=/usr' '--enable-ipv6' 'CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -O2' 'LDFLAGS=-Wl,-Bsymbolic-functions' 'CPPFLAGS='
May 20 18:11:13 empression-server1 named[4700]: adjusted limit on open files from 1024 to 1048576
May 20 18:11:13 empression-server1 named[4700]: found 4 CPUs, using 4 worker threads
May 20 18:11:13 empression-server1 named[4700]: using up to 4096 sockets
May 20 18:11:13 empression-server1 named[4700]: loading configuration from '/etc/bind/named.conf'
May 20 18:11:13 empression-server1 named[4700]: /etc/bind/named.conf:10: missing ';' before 'include'
May 20 18:11:13 empression-server1 named[4700]: loading configuration: failure
May 20 18:11:13 empression-server1 named[4700]: exiting (due to fatal error)

So it thinks I have an error in the default named.conf file, which is pretty ridiculous. I went through it and deleted a blank line just for the hell of it, but I can't see how it figures there's an error in there. Note that before this I did have an error in named.conf.local, but it showed up properly in syslog and I fixed it, so it is reporting the correct file. Here are the contents of named.conf:

// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local

include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";

Source

Named service won't start - seems to be caching errors

Stopping named: [ OK ]
Starting named:
Error in named configuration:
/etc/named.conf:2: missing ';' before '}'
[FAILED]

service named start
Starting named:
Error in named configuration:
/etc/named.conf:2: missing ';' before '}'
[FAILED]

The thing is, even if named.conf contains no syntax errors or even if the file doesn't exist at all, I'm still getting this error preventing me from starting the service. Currently trying with a named.conf containing the following:-

named-checkconf /etc/named.conf 

Results in no errors. Yet when starting the service, I still get the above error. I can't see any other errors in the logs relating to this and don't really know where to get to the bottom of this. Any ideas? (Even reverting back to the named.conf file that was in place before I stopped the service returns the same error now and this was previously running fine). Contents on init.d/named can be seen at this pastebin. CentOS 6.4 - Linux version 2.6.32-358.6.2.el6.x86_64 (mockbuild@c6b8.bsys.dev.centos.org) (gcc version 4.4.7 20120313 (Red Hat 4.4.7-3) (GCC) ) #1 SMP Thu May 16 20:59:36 UTC 2013

Update

bash -x /etc/init.d/named start
+ echo 'Error in named configuration:'
Error in named configuration:
+ echo '/etc/named.conf:2: missing '\'';'\'' before '\''}'\'''
/etc/named.conf:2: missing ';' before '}'
+ failure
+ local rc=0
+ '[' color '!=' verbose -a -z '' ']'
+ echo_failure
+ '[' color = color ']'
+ echo -en '\033[60G'
+ echo -n '['
[+ '[' color = color ']'
+ echo -en '\033[0;31m'
+ echo -n FAILED
FAILED+ '[' color = color ']'
+ echo -en '\033[0;39m'
+ echo -n ']'
]+ echo -ne '\r'
+ return 1
+ '[' -x /bin/plymouth ']'
+ /bin/plymouth --details
+ return 0
+ echo

Source
