Marcio Jota Coelho wrote:

Comecei tudo do zero...
e agora estão aparecendo estas mensagens de erro:



apps04# tail -f /var/log/messages
Feb 15 10:54:45 apps04 named[331]: client 192.168.1.27#1532: update
'dominio.com.br/IN' denied
Feb 15 10:54:56 apps04 named[331]: client 192.168.1.40#1674: update
'dominio.com.br/IN' denied
Feb 15 10:56:53 apps04 named[331]: client 192.168.1.41#1054: update
'dominio.com.br/IN' denied
Feb 15 10:59:45 apps04 named[331]: client 192.168.1.27#1556: update
'dominio.com.br/IN' denied
Feb 15 10:59:56 apps04 named[331]: client 192.168.1.40#1688: update
'dominio.com.br/IN' denied
Feb 15 11:00:49 apps04 named[331]: client 192.168.1.41#1078: update
'dominio.com.br/IN' denied
Feb 15 11:04:45 apps04 named[331]: client 192.168.1.27#1576: update
'dominio.com.br/IN' denied
Feb 15 11:04:56 apps04 named[331]: client 192.168.1.40#1700: update
'dominio.com.br/IN' denied
Feb 15 11:06:24 apps04 named[331]: dumping master file:
master/tmp-PrKkiW5Sp1: open: permission denied
Feb 15 11:06:26 apps04 named[331]: client 192.168.1.41#1059: update
'dominio.com.br/IN' denied

Veja so o meu named.conf

apps04# cat /etc/namedb/named.conf
# Global named options: working directory plus the pid, dump and statistics files.
# NOTE(review): the ps output on this page shows named started with
# "-t /var/named", so these absolute paths are presumably resolved inside
# that chroot rather than on the real root — confirm on the host.
options {
       # Base directory; relative zone file names such as "master/..." are
       # looked up under it.
       directory       "/etc/namedb";
       pid-file        "/var/run/named/pid";
       dump-file       "/var/dump/named_dump.db";
       statistics-file "/var/stats/named.stats";
};

# TSIG key definition. Both zones in this file name it in allow-update, and
# dhcpd.conf on this page declares a key with the same name.
# NOTE(review): the name suggests it is also the rndc control key; a separate
# key used only for dynamic updates would keep server control and zone
# updates apart.
key "rndc-key" {
       # NOTE(review): hmac-md5 is a legacy TSIG algorithm; prefer an HMAC-SHA
       # variant where both named and dhcpd support it.
       algorithm       hmac-md5;
       # Shared secret; it has to match the secret in dhcpd.conf.
       # Presumably replaced by a placeholder for the post.
       secret "secret";
};


# Static reverse zone for the loopback network; it has no allow-update
# statement, so it is not set up for dynamic updates.
zone "0.0.127.IN-ADDR.ARPA" { type master; file "master/localhost.rev"; };

# Reverse zone for 192.168.1.x, served as master and open to signed dynamic updates.
zone "1.168.192.in-addr.arpa" {
       type master;
       file "master/1.168.192.in-addr.arpa";
       # Only updates signed with the TSIG key rndc-key are accepted.
       allow-update { key rndc-key; };
       # NOTE(review): 192.168.1.0 with a /16 prefix has host bits set and, if
       # accepted, would match far more than the 255.255.255.0 subnet declared
       # in dhcpd.conf on this page; /24 looks like the intent — confirm.
       allow-transfer { 127/8; 192.168.1.0/16;};
       allow-query { 127/8; 192.168.1.0/16;};
};

# Forward zone, served as master and open to signed dynamic updates.
# The ls -l of master/ on this page shows a .jnl journal next to the zone
# file, and the log shows "master/tmp-...: open: permission denied", so the
# user named runs as needs write access to the directory holding this file.
zone "dominio.com.br" {
       type master;
       file "master/dominio.com.br";
       # Only updates signed with the TSIG key rndc-key are accepted.
       # NOTE(review): the "update 'dominio.com.br/IN' denied" log lines come
       # from 192.168.1.x addresses, while dhcpd is configured to send its
       # updates to 127.0.0.1; they look like hosts attempting updates without
       # the key, which this ACL is expected to refuse — confirm.
       allow-update { key rndc-key; };
       # NOTE(review): 192.168.1.0/16 is wider than the 255.255.255.0 subnet
       # in dhcpd.conf; /24 looks like the intent — confirm.
       allow-transfer { 127/8; 192.168.1.0/16;};
       allow-query { 127/8; 192.168.1.0/16;};
};


e meu dhcp.conf

apps04# cat /usr/local/etc/dhcpd.conf |grep -v #
# TSIG key dhcpd uses to sign its DNS updates; name, algorithm and secret
# have to match the key block in named.conf.
# NOTE(review): this file carries the shared secret, so it should be readable
# only by the account dhcpd runs as; its permissions are not shown on this page.
key "rndc-key" {
       algorithm       hmac-md5;
       secret "secret";
}

# Forward zone: dhcpd sends its updates to the name server at 127.0.0.1,
# signed with rndc-key.
zone dominio.com.br {
 primary 127.0.0.1;
 key rndc-key;
}

# Reverse zone: same name server and key as the forward zone.
zone 1.168.192.in-addr.arpa {
 primary 127.0.0.1;
 key rndc-key;
}

# Global lease times, in seconds.
default-lease-time 600;
max-lease-time 7200;

# This server is declared authoritative for the subnets it configures.
authoritative;


# NOTE(review): ISC documents the ad-hoc update style as deprecated in favour
# of "interim", and describes the key/zone declarations used in this file for
# the interim style — confirm against dhcpd.conf(5) for the installed version.
ddns-update-style ad-hoc; ddns-updates on;

# dhcpd messages go to syslog facility local7.
log-facility local7;

# The LAN served by this dhcpd: a /24 with a dynamic pool of .10 to .150.
# The addresses in the "update denied" log lines (.27, .40, .41) fall inside
# this pool.
subnet 192.168.1.0 netmask 255.255.255.0 {
 range 192.168.1.10 192.168.1.150;
 # Clients are pointed at 192.168.1.234 for DNS.
 option domain-name-servers 192.168.1.234;
 option domain-name "dominio.com.br";
 option routers 192.168.1.249;
 default-lease-time 600;
 max-lease-time 7200;

}


as permissões...


apps04# ls -l /etc/namedb/
total 20
-rwxrwx--- 1 root wheel 423 Nov 5 01:27 PROTO.localhost-v6.rev
-rwxrwx--- 1 root wheel 423 Nov 5 01:27 PROTO.localhost.rev
drwxrwx--- 2 root wheel 512 Feb 10 13:01 dynamic
-rwxrwx--- 1 root wheel 1093 Nov 5 01:27 make-localhost
drwxr-xr-x 2 root wheel 512 Feb 15 09:57 master
-rwxrwx--- 1 root wheel 783 Feb 15 10:14 named.conf
-rwxrwx--- 1 root wheel 2600 Nov 5 01:27 named.root
-rw------- 1 bind wheel 97 Feb 15 08:44 rndc.key
drwxr-xr-x 2 bind wheel 512 Feb 15 09:53 slave

apps04# ls -l /etc/namedb/master/
total 12
-rwxr-xr-x  1 bind  wheel   425 Feb 15 10:25 1.168.192.in-addr.arpa
-rw-r--r--  1 bind  wheel  2175 Feb 15 11:01 1.168.192.in-addr.arpa.jnl
-rwxr-xr-x  1 bind  wheel   472 Feb 13 18:37 localhost.rev
-rwxr-xr-x  1 bind  wheel   312 Feb 15 10:26 dominio.com.br
-rw-r--r--  1 bind  wheel  1796 Feb 15 11:01 dominio.com.br.jnl

e os processos...

apps04# ps -aux| grep dhcp
dhcpd   655  0.0  0.1  3808 2884  ??  Is   11:01AM   0:00.01
/usr/local/sbin/dhcpd -cf /usr/local/etc/dhcpd.conf -lf
/var/db/dhcpd/dhcpd.leases -pf /var/run



apps04# ps -aux | grep bind
bind    331  0.0  0.2  5804 4560  ??  Ss   10:54AM   0:00.43
/usr/sbin/named -u bind -t /var/named
root    341  0.0  0.1  1420 1080  ??  Is   10:54AM   0:00.00
/usr/sbin/rpcbind


Já alterei o usuário do dhcpd para root e bind, e o erro continua aparecendo... mas agora eu acho que está quase lá...







vc deve definir assim, olhe, para que o dynamic update funcione:
named.conf

# Dedicated TSIG key for DHCP-driven updates, kept separate from any rndc key.
# NOTE(review): this secret was posted to a public mailing list, so it is only
# usable as an example; generate a fresh secret for a real deployment (for
# instance with dnssec-keygen or tsig-keygen, depending on the BIND version)
# and keep the file unreadable to other users.
key DHCP_UPDATER {
        # HMAC-MD5.SIG-ALG.REG.INT is the long name of hmac-md5.
        # NOTE(review): a legacy algorithm; prefer an HMAC-SHA variant where
        # both sides support it.
        algorithm HMAC-MD5.SIG-ALG.REG.INT;
        secret pRP5FapFoJ9gkvgkljtyol5J;
      };


# Forward zone: dynamic updates require the DHCP_UPDATER key, while transfers
# and queries are limited by source address to loopback and three internal
# networks. The allow-transfer statement below is broken across lines,
# presumably by mail wrapping.
zone "biosystems.ath.cx" IN {
type master;
file "bio/db.biosystems";
allow-update { key DHCP_UPDATER; };
allow-transfer { 127/8; 10.0.1/24; 192.168.33/29;


192.168.42/29; };


       allow-query { 127/8; 10.0.1/24; 192.168.33/29; 192.168.42/29; };
};

# Reverse zone for 10.0.1.x with the same policy as the forward zone:
# key-signed updates only, address-based ACLs for transfers and queries.
zone "1.0.10.in-addr.arpa" IN {
type master;
file "bio/db.1.0.10";
allow-update { key DHCP_UPDATER; };
allow-transfer { 127/8; 10.0.1/24; 192.168.33/29;


192.168.42/29; };


       allow-query { 127/8; 10.0.1/24; 192.168.33/29; 192.168.42/29; };
};


dhcpd.conf

# NOTE(review): the original poster's file spells this value "ad-hoc"; check
# dhcpd.conf(5) for the accepted keyword. ISC documents the ad-hoc style as
# deprecated in favour of "interim" — confirm for the installed version.
ddns-update-style adhoc;

# dhcpd side of the TSIG key; name, algorithm and secret must match named.conf.
# NOTE(review): this secret was posted to a public mailing list, so it is only
# usable as an example; generate a fresh one for a real deployment and
# restrict read access to this file.
key DHCP_UPDATER {
        algorithm HMAC-MD5.SIG-ALG.REG.INT;
        secret pRP5FapFoJ9gkvgkljtyol5J;
      };

# Forward zone: updates go to the name server at 10.0.1.1, signed with
# DHCP_UPDATER.
zone biosystems.ath.cx. {
        primary 10.0.1.1;
        key DHCP_UPDATER;
      }


# Reverse zone: same name server and key as the forward zone.
zone 1.0.10.in-addr.arpa. { primary 10.0.1.1; key DHCP_UPDATER; }


somente isso. be happy



Outra coisa muito boa é o dhcpd failover: fácil de implementar e
simples de gerenciar. Deem uma lida por aí, é super simples.










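Olha o nome do owner do diretório master: não adianta vc liberar os arquivos se o proprietário ou o grupo do diretório ainda estão travados. O named roda como usuário bind (-u bind) e precisa criar o arquivo temporário e o .jnl dentro do diretório da zona; é isso que aparece no log como "dumping master file: master/tmp-...: open: permission denied". Tenta alterar isso e reinicie o named. De preferência, dê permissão de escrita ao bind só no diretório onde ficam as zonas dinâmicas, e não em todo o /etc/namedb.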

drwxr-xr-x  2 root  wheel   512 Feb 15 09:57 master

