Major BIND/DNS Problem

I have been having an issue with webmin that started happening after i tried moving my bind out of the chroot. My whole problem is documented in the following forum thread (i did not start the thread but was having similar issues and asked here for help there).

http://www.virtualmin.com/node/21870

Ronald suggested i post here and see if eric or jamie could help me out.

thanks in advance!

warren

Status: 
Closed (fixed)

Comments

Howdy -- that's a fairly sizable thread there, can you summarize the problem that you're having, including any errors that you're seeing? Thanks!

ok....my initial problem was i was getting an error message in webmin about running bind under chroot so i did a search and came up with the thread i referenced.

I did what was recommended in the thread (moving bind out of chroot) and after that, virtual servers i tried to install could not be seen but the virtual servers that were on the server before i made the change still worked.

also Virtual servers i added before changing the bind settings suggested in this thread are still visible to the web and email and ftp work just fine....BUT when i try to look at the dns info for those sites i get an error in webmin saying config file can't be found.

I know the other thread is long but there is a lot of information pertaining to my issue in there : )

the bottom line is i need to have bind setup so that the existing virtual servers continue to work and new virtual servers that i add work too....so far i haven't been able to accomplish that.

thanks warren

i've had issues with virtualmin, named & centos 6 but i do have it working. here's my checklist i now run through for a fresh install, some of it might help you get things working

  1. firstly get rid of bind-chroot: yum -y remove bind-chroot
  2. edit /etc/sysconfig/named and remove/comment out any lines that look like ROOTDIR="/var/named/chroot"
  3. fix the owner of /etc/named.conf with chown named:named /etc/named.conf
  4. In Webmin go to Servers > Bind DNS Server > Module Config and check the following configs

BIND DNS Paths

  1. Chroot directory to run BIND under: none
  2. Is named.conf under chroot directory?: no

Zone file options

  1. Directory for master zone files: /var/named
  2. Directory for slave/stub zone files: /var/named/slaves
  3. Owner for zone files (user:group): named:named

Restart named and you should be good to go.

thanks chris but as was discussed in the referenced thread....my problem (and the puzzling part) is that all my virtual servers that are currently working, have bind running under chroot.

i have no problem getting rid of bind-chroot (if that is what has to happen) but i don't want to lose all the virtual servers that are currently working correctly under bind-chroot.

any ideas? is it possible to move the virtual servers that are working into a non chroot directory without losing any info etc. and then using those paths in webmin?

thanks in advance

chris (and others)

sorry to keep posting but so far i haven't got this figured out.

I understand the process you listed but my concern is the several domains that ARE currently working that ARE under chroot. How can i not lose them when moving to a non chroot directory?

i've lost several customers already because i can't get this working so they have gone elsewhere.

maybe one of the developers can help?

After talking to Jamie about this -- he says that changing from chroot to non-chroot on a live server can be tricky... it can cause trouble with zone files, paths, and such.

Especially since you're saying that the ones that work correctly are still under the chroot -- Jamie's question is, do you really need to change away from using a chroot environment? It may be simpler to fix whatever issue you were seeing, than it is to change a live server to non-chroot.

I have no problem staying in the chroot environment....that's how it was originally setup....

how should i proceed?

If things are working fine for you using the chroot environment, we'd recommend using that, as switching on a live server can cause problems.

i understand....the problem is that i can't seem to get it working now that i tried moving things out from chroot. i'm about ready to just give up....i've lost several clients because i can't add new virtual servers....i don't know if it is a path issue but i am still having problems with this -_-

i have made sure all my paths are correct (to files under chroot) and when i try to save the settings i get this error....

"The primary configuration file for BIND var/named/chroot/etc/named.conf does not exist, or is not valid. Create it?"

note: i see the file "named.conf" in the correct directory and when i open it i see all the domains that are currently working but i notice the paths to the hosts files are incorrect but all the domains are working.

so i choose "Setup as an internet name server, and download root server information" and i get the following error.

"Download failed : Uncompression of root zone file failed : sh: var/named/chroot/etc/db.cache: No such file or directory "

the file is there....i can see it

i don't know why this is so complicated....seems like it should be simple. any suggestions?

thanks in advance

Does the error message really contain the path "var/named/chroot/etc/named.conf" , with no / at the start?

If so, make sure that the chroot path you enter on the Module Config page has a / at the start, like /var/named/chroot

Chris your checklist works great for me. Thanks

hey jamie

first the good news! i added the / at the start and now it seems to be working on the domains already on the server (i can see them when i'm in the bind module)!

and the not so good news.... so now i tried to add a new virtual server (rknicholson.com) and get this error (from bind).....all the domains listed before the rknicholson.com stuff are the domains that are working. I must have some other setting wrong?

thanks a million for all your help....at least i feel like i made progress today

Failed to start BIND : Starting named: Error in named configuration:
zone warrenworld.com/IN: loaded serial 1329323988
zone srv1.wphosting.net/IN: loaded serial 2012021205
zone srv2.wphosting.net/IN: loaded serial 2012021205
zone burgphoto.com/IN: loaded serial 1329325346
zone oceanariums.com/IN: loaded serial 1329326474
zone ww-cs.com/IN: loaded serial 1329337997
zone cannellctc.com/IN: loaded serial 1329402867
zone thewighthouse.net/IN: loaded serial 1329432364
zone centurionbc.com/IN: loaded serial 1329490073
zone timkellyblogs.com/IN: loaded serial 1329492618
zone girondapiano.com/IN: loaded serial 1329584046
zone fineartistsmanagement.com/IN: loaded serial 1330962629
zone stevedelroy.com/IN: loaded serial 1332775740
zone rknicholson.com/IN: loading from master file /var/named/chroot/var/named/rknicholson.com.hosts failed: file not found
zone rknicholson.com/IN: not loaded due to errors.
_default/rknicholson.com/IN: file not found [FAILED]

It sounds like it's looking for the file "/var/named/chroot/var/named/rknicholson.com.hosts failed" -- is rknicholson.com a domain on your server?

And do you see the file rknicholson.com.hosts anywhere else on your system there?

rknicholson.com.hosts is in the folder webmin is saying it's not in.

i can see the domain in webmin

not visible to the internet though

could this be an issue....

screen shot was easier than trying to explain

just checking in : )

any thoughts?

Could you attach the file /etc/webmin/bind8/config to this bug report? I'd like to see exactly what settings are in use ..

I think I see the problem - a bunch of your paths have /var/named/chroot at the start. Those all need to be removed.

so just to make sure.... edit the config file to remove all instances of "/var/named/chroot"

thanks : )

Yes, that is what I meant. The remaining paths still need to start with / though.
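Added example (not part of the original thread, and not Webmin or BIND code): a shell check for the two path mistakes diagnosed above, a chroot directory entered without a leading / and configured paths that repeat the chroot prefix. Function names are hypothetical, the sample zones and files are constructed, and a temporary directory stands in for /var/named/chroot.

```shell
#!/bin/sh
# Added example: classify zone "file" paths in a named.conf for a chrooted BIND.
# Function names are hypothetical; all sample files are constructed.

# On-disk location of config path $2 when named is chrooted to $1.
disk_path() { printf '%s%s\n' "${1%/}" "$2"; }

# Prints one of: ok, missing, doubled-prefix, relative, relative-chroot.
check_path() {
    cdir=$1 cpath=$2
    case $cdir in /*) ;; *) echo relative-chroot; return ;; esac
    case $cpath in
        "${cdir%/}"/*) echo doubled-prefix; return ;;  # chroot prefix repeated
        /*) ;;
        *) echo relative; return ;;  # resolved against named's "directory"
    esac
    if [ -f "$(disk_path "$cdir" "$cpath")" ]; then echo ok; else echo missing; fi
}

# Run check_path over every file "..." directive in named.conf $2.
audit_conf() {
    sed -n 's/.*file[[:space:]]*"\([^"]*\)".*/\1/p' "$2" |
    while IFS= read -r zf; do
        printf '%s %s\n' "$(check_path "$1" "$zf")" "$zf"
    done
}

# Constructed sample: a temp dir stands in for /var/named/chroot.
make_sample() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/etc" "$root/var/named"
    : > "$root/var/named/example.com.hosts"
    cat > "$root/etc/named.conf" <<EOF
zone "example.com" { type master; file "/var/named/example.com.hosts"; };
zone "example.net" { type master; file "$root/var/named/example.net.hosts"; };
zone "example.org" { type master; file "/var/named/example.org.hosts"; };
EOF
    echo "$root"
}

sample=$(make_sample)
audit_conf "$sample" "$sample/etc/named.conf"
check_path "var/named/chroot" "/etc/named.conf"
rm -rf "$sample"
```

On a real system the call would be audit_conf /var/named/chroot /var/named/chroot/etc/named.conf; any line not reported as ok or relative is a path named cannot open from inside the chroot.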

well i did that and i get the same error when restarting bind....and now i don't see any of my installed domains in the bind config (i attached a screenshot)

i'm also attaching my new config file

i'm way beyond frustrated right now

I had a look at your system, and it looks like it is stuck half-way between a chroot'd and non-chroot'd setup.

The simplest way to clean this up would be for me to turn off the chroot setup entirely. Is that OK?

that works for me as long as the existing virtual servers remain intact!

thank you thank you thank you

Actually, I managed to properly get it working in chroot mode now. Please check that everything looks OK ..

it looks like it's working....i'm going to check deeper and try adding a new virtual server to see if that works!

awesome....everything seems to be working perfectly (i really do love virtualmin/webmin)

thanks to everybody for helping me out!

jamie you're the best! was it a matter of just getting all my paths correct or was there more to the story?

just curious and maybe it will help some other poor soul who's desperately searching the web with the same type of issue!

again thanks for all your help

Cool... I had to fix a few paths and links to get it working.

I'm not sure how your system ended up in that state, as there were multiple mismatches between what the config files expected and reality.

Automatically closed -- issue fixed for 2 weeks with no activity.

thanks jamie! everything is still running smoothly....i really do love virtualmin/webmin....keep up the great work!

hey jamie the bind issue is happening to me again (it has been running great ever since you helped out)....

My server was shut down due to a power outage and then of course restarted....now it is showing bind as not running when it actually is.

thoughts?

Just to rule out a couple of simple issues -- try restarting BIND and Webmin:

/etc/init.d/named restart
/etc/init.d/webmin restart

And then manually run the collectinfo.pl script:

/etc/webmin/virtual-server/collectinfo.pl

After doing those steps, do you still see that problem in Virtualmin?

still have the problem after running all three commands from root

If you go into Webmin -> Servers -> BIND DNS Server -> Module Config -> System Configuration, what does "Default PID file location(s)" show?

/var/run/named/named.pid

it's weird that it was working fine until the server lost power....no settings were changed (jamie logged in to my server before when i was having issues and set all the paths and such....i didn't touch it after that).

thanks

If you run this command:

cat /var/run/named/named.pid

Does it output a number? If so, what is the output of this command:

ps auxw | grep `cat /var/run/named/named.pid`

no number....i get:

[root@server ~]# cat /var/run/named/named.pid
cat: /var/run/named/named.pid: No such file or directory
[root@server ~]#

Okay, what does this command output:

find /var -name named.pid

[root@server ~]# find /var -name named.pid
/var/named/chroot/var/run/named/named.pid
/var/named/chroot/var/run/named.pid
/var/named/chroot/run/named.pid
/var/run/named.pid
[root@server ~]#

Okay, so what is the contents of the file "/var/run/named.pid"?

28019

i'm still wondering why everything was fine until the accidental shutdown....

Okay, so in Webmin -> Servers -> BIND DNS Server -> Module Config -> System Configuration, set "Default PID file location(s)" to "/var/run/named.pid".
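Added example (not part of the original thread, and not Webmin code): the manual cat/ps check above, applied to every candidate PID file at once so that stale leftovers can be told apart from the file the running named actually wrote. Function names are hypothetical and the sample PID files are constructed.

```shell
#!/bin/sh
# Added example: report which candidate PID files name a running process.
# Function names are hypothetical. Run as root: kill -0 on another user's
# process fails for an unprivileged caller and would be reported as stale.

# Prints "<state> <pid|-> <file>" per argument; state is live, stale,
# empty or absent. For live entries the process name is appended when
# /proc is available, so a recycled PID owned by another program shows up.
pidfile_status() {
    for f in "$@"; do
        if [ ! -e "$f" ]; then echo "absent - $f"; continue; fi
        pid=$(tr -cd '0-9' < "$f")
        if [ -z "$pid" ]; then
            echo "empty - $f"
        elif kill -0 "$pid" 2>/dev/null; then
            name=$(cat "/proc/$pid/comm" 2>/dev/null) || name=unknown
            echo "live $pid $f ($name)"
        else
            echo "stale $pid $f"
        fi
    done
}

# Constructed sample: one live PID (this shell), one dead PID, one empty file.
make_pid_sample() {
    d=$(mktemp -d) || return 1
    sh -c 'exit 0' >/dev/null 2>&1 &
    dead=$!
    wait "$dead"
    echo "$$" > "$d/live.pid"
    echo "$dead" > "$d/stale.pid"
    : > "$d/empty.pid"
    echo "$d"
}

# The four locations "find /var -name named.pid" listed in the thread, plus
# the one Webmin was configured with.
pidfile_status /var/run/named/named.pid /var/run/named.pid \
    /var/named/chroot/var/run/named/named.pid \
    /var/named/chroot/var/run/named.pid /var/named/chroot/run/named.pid
```

The file reported as live with the name named is the one to enter as "Default PID file location(s)"; files reported as stale are leftovers from earlier configurations.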

ok did that and also restarted bind and webmin but webmin is still showing that bind is not running

bump....any more ideas?

thanks

Any chance we could login to your system to take a look at this?

sure no problem....jamie already has my login info for both webmin and ssh

just checking in....haven't heard anything since asking to log into my system.

let me know if you need any other information

thanks :-)

thanks....i just sent eric my login info


Okay, it took both of us a bit of fiddling, but Jamie was able to get it working. BIND is now correctly showing as running.

awesome....can you tell me what had to be done....still wonder why things changed after the hard shutdown.

thanks again for the help!

There were various issues relating to the switch from BIND outside a chroot to BIND within a chroot. It required multiple changes, both inside and outside of Virtualmin. That is, it wasn't a simple fix, but hopefully that won't come up any more :-)