Re: Description of log file contents

2011-04-15 Thread Alex
Hi,

> It is in the ARM.
>
> http://ftp.isc.org/isc/bind9/cur/9.8/doc/arm/Bv9ARM.ch06.html#id2575842

Thanks everyone for the information. Sure appreciate it.

Alex
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users


Re: start script for bind9

2011-04-15 Thread Matus UHLAR - fantomas
On 14.04.11 14:23, hugo hugoo wrote:
> I have installed bind9 using the make install procedure.
> It works but I did not find any startup script that I could put in my
> /etc/init.d/ directory.
>  
> I know that if bind is installed via apt-get install (I am using debian
> linux version), there is automatically a bind9 startup script in
> /etc/init.d/ directory.

Why don't you use the version provided with debian?

-- 
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Chernobyl was an Windows 95 beta test site.


Re: AW: ipv6 PTR in zone file

2011-04-15 Thread John Wobus

pint> use Net::IP
pint> $foo = new Net::IP '2001:db8::42'
3
pint> $foo->reverse_ip()
2.4.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.b.d. 
0.1.0.0.2.ip6.arpa.

pint>


Or you could just dash off the simple perl expression to do the job:

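# $addr holds the IPv6 address as text, e.g. '2001:db8::42'
my $ptr = do {
    # Split at '::' into the groups before and after it,
    # zero-padding every group to four hex digits.
    my($head,$tail) =
      map { join '', map { sprintf '%04s',$_; } split /:/,$_; }
      split /::/, $addr  . '::', 3;
    my $hex32 = '0' x 32;
    substr( $hex32, 0, length($head) ) = $head;
    # Overwrite the last length($tail) nibbles with the groups after '::'.
    substr( $hex32, 32 - length($tail) ) =  $tail;
    join '.', ( reverse split //, $hex32 ), 'ip6.arpa';
};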


John


RE: start script for bind9

2011-04-15 Thread hugo hugoo

I do not use the version provided by Debian because I am migrating from bind8 
to Bind9 and I want to have both versions available on the same server.
So, I want to have Bind9 totally separated from Bind8.
 
I use Debian, version 5 and the last ESV bind9.
 
- I have seen that in the debian distribution, bind9 is started via "named -u 
bind"  ==> is it dangerous to run bind9 as root?
 
- The following script is provided in the distribution to start/stop bind9.
  But I hesitate to copy it to use it with a source installation.
 
lennydnstest01:~# cat /etc/init.d/bind9
#!/bin/sh
### BEGIN INIT INFO
# Provides:          bind9
# Required-Start:    $remote_fs
# Required-Stop:     $remote_fs
# Should-Start:      $network $syslog
# Should-Stop:       $network $syslog
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Start and stop bind9
# Description:       bind9 is a Domain Name Server (DNS)
#                    which translates ip addresses to and from internet names
### END INIT INFO
PATH=/sbin:/bin:/usr/sbin:/usr/bin
# for a chrooted server: "-u bind -t /var/lib/named"
# Don't modify this line, change or create /etc/default/bind9.
OPTIONS=""
RESOLVCONF=no
test -f /etc/default/bind9 && . /etc/default/bind9
test -x /usr/sbin/rndc || exit 0
. /lib/lsb/init-functions
DISTRO=$(lsb_release -is 2>/dev/null || echo Debian)
PIDFILE=/var/run/bind/run/named.pid
check_network() {
    if [ -x /usr/bin/uname ] && [ "X$(/usr/bin/uname -o)" = XSolaris ]; then
        IFCONFIG_OPTS="-au"
    else
        IFCONFIG_OPTS=""
    fi
    if [ -z "$(/sbin/ifconfig $IFCONFIG_OPTS)" ]; then
        #log_action_msg "No networks configured."
        return 1
    fi
    return 0
}
case "$1" in
    start)
        log_daemon_msg "Starting domain name service..." "bind9"
        modprobe capability >/dev/null 2>&1 || true
        # dirs under /var/run can go away on reboots.
        mkdir -p /var/run/bind/run
        chmod 775 /var/run/bind/run
        chown root:bind /var/run/bind/run >/dev/null 2>&1 || true
        if [ ! -x /usr/sbin/named ]; then
            log_action_msg "named binary missing - not starting"
            log_end_msg 1
            exit 1
        fi
        if ! check_network; then
            log_end_msg 1
            exit 1
        fi
        echo $OPTIONS;
        if start-stop-daemon --start --oknodo --quiet --exec /usr/sbin/named \
                --pidfile ${PIDFILE} -- $OPTIONS; then
            if [ "X$RESOLVCONF" != "Xno" ] && [ -x /sbin/resolvconf ] ; then
                echo "nameserver 127.0.0.1" | /sbin/resolvconf -a lo.named
            fi
            log_end_msg 0
        else
            log_end_msg 1
        fi
    ;;
    stop)
        log_daemon_msg "Stopping domain name service..." "bind9"
        if ! check_network; then
            log_end_msg 1
            exit 1
        fi
        if [ "X$RESOLVCONF" != "Xno" ] && [ -x /sbin/resolvconf ] ; then
            /sbin/resolvconf -d lo.named
        fi
        pid=$(/usr/sbin/rndc stop -p | awk '/^pid:/ {print $2}')
        if [ -n "$pid" ]; then
            while kill -0 $pid 2>/dev/null; do
                log_progress_msg "waiting for pid $pid to die"
                sleep 1
            done
        fi
        log_end_msg $?
    ;;
    reload|force-reload)
        log_daemon_msg "Reloading domain name service..." "bind9"
        if ! check_network; then
            log_end_msg 1
            exit 1
        fi
        /usr/sbin/rndc reload >/dev/null
        log_end_msg $?
    ;;
    restart)
        if ! check_network; then
            exit 1
        fi
        $0 stop
        $0 start
    ;;

    status)
        ret=0
        status_of_proc -p ${PIDFILE} /usr/sbin/named bind9 2>/dev/null || ret=$?
    ;;
    *)
        log_action_msg "Usage: /etc/init.d/bind9 {start|stop|reload|restart|force-reload|status}"
        exit 1
    ;;
esac
exit 0
 
 
 
 
> Date: Fri, 15 Apr 2011 16:24:09 +0200
> From: uh...@fantomas.sk
> To: bind-users@lists.isc.org
> Subject: Re: start script for bind9
> 
> On 14.04.11 14:23, hugo hugoo wrote:
> > I have installed bind9 using the make install procedure.
> > It works but I did not find any startup script that I could put in my
> > /etc/init.d/ directory.
> > 
> > I know that if bind is installed via apt-get install (I am using debian
> > linux version), there is automatically a bind9 startup script in
> > /etc/init.d/ directory.
> 
> Why don't you use the version provided with debian?
> 
> -- 
> Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
> Warning: I wish NOT to receive e-mail advertising to this address.
> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
> Chernobyl was an Windows 95 beta test site.

Re: start script for bind9

2011-04-15 Thread Bill Larson

On Apr 15, 2011, at 9:29 AM, hugo hugoo wrote:

I do not use the version provided by Debian because I am migrating  
from bind8 to Bind9 and I want to have both versions available on the  
same server.

So, I want to have Bind9 totally separated from Bind8.

I use Debian, version 5 and the last ESV bind9.

- I have seen that in the debian distribution, bind9 is started via  
"named -u bind"  ==> is it dangerous to run bind9 as root?


It is dangerous to run anything as root, "named", "httpd", etc.  This  
includes running anything you do on the console as root, unless it is  
absolutely necessary.


This is why software that requires root access to start up, such as  
BIND, is written such that it is easy to run as a non-privileged  
user.  Information about using this is included in the ARM, basically  
making sure that the necessary files/directories are readable (and  
maybe writable) by the identified user.  Easy enough that doing  
anything else is simply foolish.


 - The following script is provided in the distribution to start/stop bind9.

  But I hesitate to copy it to use it with a source installation.

lennydnstest01:~# cat /etc/init.d/bind9
#!/bin/sh
### BEGIN INIT INFO
# Provides:          bind9
# Required-Start:    $remote_fs
# Required-Stop:     $remote_fs
# Should-Start:      $network $syslog
# Should-Stop:       $network $syslog
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Start and stop bind9
# Description:       bind9 is a Domain Name Server (DNS)
#                    which translates ip addresses to and from internet names
### END INIT INFO
PATH=/sbin:/bin:/usr/sbin:/usr/bin
# for a chrooted server: "-u bind -t /var/lib/named"
# Don't modify this line, change or create /etc/default/bind9.
OPTIONS=""
RESOLVCONF=no
test -f /etc/default/bind9 && . /etc/default/bind9
test -x /usr/sbin/rndc || exit 0
. /lib/lsb/init-functions
DISTRO=$(lsb_release -is 2>/dev/null || echo Debian)
PIDFILE=/var/run/bind/run/named.pid
check_network() {
    if [ -x /usr/bin/uname ] && [ "X$(/usr/bin/uname -o)" = XSolaris ]; then
        IFCONFIG_OPTS="-au"
    else
        IFCONFIG_OPTS=""
    fi
    if [ -z "$(/sbin/ifconfig $IFCONFIG_OPTS)" ]; then
        #log_action_msg "No networks configured."
        return 1
    fi
    return 0
}
case "$1" in
    start)
        log_daemon_msg "Starting domain name service..." "bind9"
        modprobe capability >/dev/null 2>&1 || true
        # dirs under /var/run can go away on reboots.
        mkdir -p /var/run/bind/run
        chmod 775 /var/run/bind/run
        chown root:bind /var/run/bind/run >/dev/null 2>&1 || true
        if [ ! -x /usr/sbin/named ]; then
            log_action_msg "named binary missing - not starting"
            log_end_msg 1
            exit 1
        fi
        if ! check_network; then
            log_end_msg 1
            exit 1
        fi
        echo $OPTIONS;
        if start-stop-daemon --start --oknodo --quiet --exec /usr/sbin/named \
                --pidfile ${PIDFILE} -- $OPTIONS; then
            if [ "X$RESOLVCONF" != "Xno" ] && [ -x /sbin/resolvconf ] ; then
                echo "nameserver 127.0.0.1" | /sbin/resolvconf -a lo.named
            fi
            log_end_msg 0
        else
            log_end_msg 1
        fi
    ;;
    stop)
        log_daemon_msg "Stopping domain name service..." "bind9"
        if ! check_network; then
            log_end_msg 1
            exit 1
        fi
        if [ "X$RESOLVCONF" != "Xno" ] && [ -x /sbin/resolvconf ] ; then
            /sbin/resolvconf -d lo.named
        fi
        pid=$(/usr/sbin/rndc stop -p | awk '/^pid:/ {print $2}')
        if [ -n "$pid" ]; then
            while kill -0 $pid 2>/dev/null; do
                log_progress_msg "waiting for pid $pid to die"
                sleep 1
            done
        fi
        log_end_msg $?
    ;;
    reload|force-reload)
        log_daemon_msg "Reloading domain name service..." "bind9"
        if ! check_network; then
            log_end_msg 1
            exit 1
        fi
        /usr/sbin/rndc reload >/dev/null
        log_end_msg $?
    ;;
    restart)
        if ! check_network; then
            exit 1
        fi
        $0 stop
        $0 start
    ;;

    status)
        ret=0
        status_of_proc -p ${PIDFILE} /usr/sbin/named bind9 2>/dev/null || ret=$?
    ;;
    *)
        log_action_msg "Usage: /etc/init.d/bind9 {start|stop|reload|restart|force-reload|status}"
        exit 1
    ;;
esac
exit 0


Wow, this does a lot of stuff, everything but putting out the cat at  
night!  So much that it makes me a little leery of it.  I like to know  
exactly what is occurring when running something, but this is a  
difference in administration styles.


This is the Debian supplied "bind9" etc script.  Why not copy and rename  
this to something else such that it doesn't conflict with the  
Debian startup scripts.  Then you can configure it how you want and  
need and not worry about getting clobbered with updates
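
Added example (not part of the thread, and not code from Debian or ISC): a check for the root question discussed above, applied to the OPTIONS string that the quoted init script passes to named. The function names are hypothetical; `-u` and `-t` are the named flags shown in the script's own comment, and the sample strings are constructed.

```shell
#!/bin/sh
# Added example: audit the option string an init script hands to named.
# Simplification: each flag is expected as its own word ("-u bind" or "-ubind").

# named_opt_value OPTSTRING FLAG -> prints the argument given to -FLAG, "" if absent.
# The body is a subshell, so set -f and the variables stay local to the call.
named_opt_value() (
    set -f                      # no glob expansion while word-splitting
    flag=$2 want=0 val=""
    for word in $1; do
        if [ "$want" -eq 1 ]; then val=$word; want=0; continue; fi
        case $word in
            "-$flag")  want=1 ;;                # "-u bind"
            "-$flag"*) val=${word#"-$flag"} ;;  # "-ubind"
        esac
    done
    printf '%s\n' "$val"
)

# audit_named_options OPTSTRING -> prints a verdict; status 0 only when -u
# names an account other than root.
audit_named_options() {
    n_user=$(named_opt_value "$1" u)
    n_jail=$(named_opt_value "$1" t)
    case $n_user in
        ""|root|0) echo "FAIL: named keeps root privileges (no usable -u)"; return 1 ;;
    esac
    echo "OK: named switches to '$n_user', chroot: ${n_jail:-none}"
}

# named_running_as_root -> status 0 if a running process called named is owned by root.
named_running_as_root() {
    ps -e -o user= -o comm= 2>/dev/null |
        awk '$2 == "named" && $1 == "root" { f = 1 } END { exit !f }'
}

# Constructed samples: the script's default OPTIONS and the line from its comment.
for sample in '' '-u bind -t /var/lib/named'; do
    printf 'OPTIONS="%s" -> ' "$sample"
    audit_named_options "$sample" || true
done
if named_running_as_root; then echo "live check: a named process is running as root"; fi
```

For a source install kept apart from the packaged one, point the audit at whatever option string your renamed copy of the script ends up passing to named.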

Re: AW: ipv6 PTR in zone file

2011-04-15 Thread Shumon Huque
On Fri, Apr 15, 2011 at 10:56:00AM -0400, John Wobus wrote:
> >pint> use Net::IP
> >pint> $foo = new Net::IP '2001:db8::42'
> >3
> >pint> $foo->reverse_ip()
> >2.4.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.b.d. 
> >0.1.0.0.2.ip6.arpa.
> >pint>
> 
> Or you could just dash off the simple perl expression to do the job:
> 
> my $ptr = do {
> my($head,$tail) =
>   map { join '', map { sprintf '%04s',$_; } split /:/,$_; }
>   split /::/, $addr  . '::', 3;
> my $hex32 = '0' x 32;
> substr( $hex32, 0, length($head) ) = $head;
> substr( $hex32, 32 - length($tail) ) =  $tail;
> join '.', ( reverse split //, $hex32 ), 'ip6.arpa';
> };
> 

In case Pythonistas feel neglected, here's my contribution:

- Cut here --

#!/usr/bin/env python
#

import sys, socket

def ip6toptr(address):
    """return PTR owner name of an IPv6 address"""
    try:
        packed = socket.inet_pton(socket.AF_INET6, address)
    except socket.error:
        raise ValueError("%s isn't an IPv6 address" % address)
    # bytearray() yields integers on both Python 2 and Python 3
    hexstring = ''.join(["%02x" % x for x in bytearray(packed)])
    ptrowner = "%s.ip6.arpa" % \
               '.'.join([x for x in hexstring[::-1]])
    return ptrowner

if __name__ == '__main__':
    print(ip6toptr(sys.argv[1]))

- Cut here --

-- 
Shumon Huque
University of Pennsylvania.