SCIENTIFIC-LINUX-USERS Archives

July 2011

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: bind error: none:0: open: /etc/named.conf: permission denied
From:
Todd And Margo Chester <[log in to unmask]>
Reply To:
Todd And Margo Chester <[log in to unmask]>
Date:
Fri, 22 Jul 2011 20:30:48 -0700
Content-Type:
text/plain
Parts/Attachments:
text/plain (113 lines) 
On 07/22/2011 07:31 PM, William Scott wrote:
> On 23 July 2011 11:45, Todd And Margo Chester<[log in to unmask]>  wrote:
>> Hi Guys,
>>
>>   sl6, 64 bit
>>   bind
>>   bind-chroot
>>
>> I am trying  to migrate my DNS (bind, named) over from Cent OS 5.6
> Where did you place your zone files on the SL6 box?
>
Same place as CentOS 5.6.

/var/named/chroot/var/named/slaves

-T

-------------/var/named/chroot/etc/named.conf-----------------

options {
     directory "/var/named";
         # the following forwarders is for Open DNS
         # forwarders { 208.67.222.222; 208.67.220.220; };

         # the following forwarders is for frontier.com's Nevada DNS servers
         forwarders { 216.67.192.3; 74.40.37.242; };
     /*
      * If there is a firewall between you and nameservers you want
      * to talk to, you might need to uncomment the query-source
      * directive below.  Previous versions of BIND always asked
      * questions using port 53, but BIND 8.1 uses an unprivileged
      * port by default.
      */
     // query-source address * port 53;
};

//
// /etc/named.boot
//
// This is the boot file that /etc/init.d/inetsvc uses to run in.named
//
//
// The "directory <path>" statement points to where the name server (and
// its files) will be running.
// example:
// directory  /var/named
//
//
//
// The "cache  .  named.ca" statement appears on all servers and tells the
// server which servers are authoritative name servers for the root zone.
// The addresses of the "higher authorities" are listed in the named.ca 
file.
//
zone "." {
     type hint;
     file "named.ca";
};

//
//
// forwarders 206.40.79.2
// forward-only
//
//
key DHCP_UPDATER {
     algorithm hmac-md5;
     secret cgGq509uDODGTU4J9QZwgQ==;
};

zone "rent-a-nerd.local" {
     type master;
# look in /var/named/chroot/var/named/slaves
     file "slaves/foo.hosts";
         allow-update { key DHCP_UPDATER;};
#       allow-update { 127.0.0.1; };
};

zone "255.168.192.in-addr.arpa" {
     type master;
# look in /var/named/chroot/var/named/slaves
     file "slaves/foo.hosts.rev";
         allow-update { key DHCP_UPDATER; };
#       allow-update { 127.0.0.1; };
};

zone "0.0.127.in-addr.arpa" {
     type master;
     file "named.local";
};

logging {
      channel update_debug {
# look in /var/named/chroot/var/named/slaves
           file "slaves/named-update-debug.log";
           severity  debug 3;
           print-category yes;
           print-severity yes;
           print-time     yes;
       };
           channel security_info    {
# look in /var/named/chroot/var/named/slaves
           file "slaves/named-auth.info";
           severity  info;
           print-category yes;
           print-severity yes;
           print-time     yes;
       };

       category update { update_debug; };
       category security { security_info; };
};

ATOM RSS1 RSS2