> On Feb 23, 2016, at 2:46 PM, Reco wrote:
>
> Why, it's worth a shot. But doing it by hand would be
> counter-productive. They have invented 'debsums' for cases like this,
> after all.
OK. Sounds reasonable. I'll try it in the morning.
--
Glenn English
On Tue, 23 Feb 2016 14:04:52 -0700
Glenn English wrote:
>
> > On Feb 23, 2016, at 8:56 AM, Reco wrote:
> >
> > First things first, unless someone deliberately customized
> > it, /etc/rc.local should contain exactly one meaningful line - 'exit
> > 0'.
>
> It does. See below.
>
> > Your result
> On Feb 23, 2016, at 8:56 AM, Reco wrote:
>
> First things first, unless someone deliberately customized
> it, /etc/rc.local should contain exactly one meaningful line - 'exit
> 0'.
It does. See below.
> Your result shows entirely different thing though.
Well, I just asked egrep to look for
hings first, unless someone deliberately customized
it, /etc/rc.local should contain exactly one meaningful line - 'exit
0'. Your result shows entirely different thing though.
Second, that result means that somebody run at least once Mozilla
Firefox or Debian Iceweasel on this host
> On Feb 23, 2016, at 1:45 AM, Reco wrote:
> I'd start with rkhunter check first. Just to be sure.
Checking for enabled inetd services [ Warning ]
That's AmandaClient, the backup software.
Checking if SSH root access is allowed [ Warning ]
It is
Hi.
On Mon, 22 Feb 2016 20:44:23 -0700
Glenn English wrote:
>
> > On Feb 22, 2016, at 3:58 PM, Reco wrote:
> >
> > First one is 'ls -ald /var/cache'.
>
> root@log:~# ls -ald /var/cache
> drwxr-xr-x 14 root root 4096 Oct 12 2013 /var/cache
>
> > Second one is 'sudo -u touch /var/cac
> On Feb 22, 2016, at 3:58 PM, Reco wrote:
>
> First one is 'ls -ald /var/cache'.
root@log:~# ls -ald /var/cache
drwxr-xr-x 14 root root 4096 Oct 12 2013 /var/cache
> Second one is 'sudo -u touch /var/cache/bind/slaves/1'.
sudo: unknown user: touch
sudo: unable to initialize policy plugin
(
On Mon, 22 Feb 2016 15:33:54 -0700
Glenn English wrote:
>
> > On Feb 22, 2016, at 3:16 PM, Reco wrote:
> >
> > So, what permissions does /var/cache and /var/cache/bind have?
>
> root@log:~# ls -lh /var/cache/bind
> total 48K
> -rw-rw-r-- 1 bind bind 221 Oct 12 2013 managed-keys.bind
> -rw-r
> On Feb 22, 2016, at 3:16 PM, Reco wrote:
>
> So, what permissions does /var/cache and /var/cache/bind have?
root@log:~# ls -lh /var/cache/bind
total 48K
-rw-rw-r-- 1 bind bind 221 Oct 12 2013 managed-keys.bind
-rw-rw-r-- 1 bind bind 512 Oct 12 2013 managed-keys.bind.jnl
drwxrwxr-x 2 bind
On Mon, 22 Feb 2016 14:33:03 -0700
Glenn English wrote:
>
> > On Feb 22, 2016, at 1:59 PM, Reco wrote:
> >
> > No, that's not how you check it. Every Debian system has those records.
> > I meant something like 'ls -alZ /'.
>
> drwxr-xr-x 25 root root? 4096 Jun 6 2014 .
> drwxr-xr-x
> On Feb 22, 2016, at 1:59 PM, Reco wrote:
>
> No, that's not how you check it. Every Debian system has those records.
> I meant something like 'ls -alZ /'.
drwxr-xr-x 25 root root? 4096 Jun 6 2014 .
drwxr-xr-x 25 root root? 4096 Jun 6 2014 ..
drwxr-xr-x 2 root root?
Hi.
On Mon, 22 Feb 2016 13:07:44 -0700
Glenn English wrote:
>
> > On Feb 22, 2016, at 3:14 AM, Reco wrote:
> >
> > Please post the output of:
> >
> > ls -ald /var/cache/bind/slaves
>
> drwxrwxr-x 2 bind bind 4096 Feb 5 07:52 /var/cache/bind/slaves
>
> > lsattr /var/cache/bind/slav
> On Feb 22, 2016, at 3:14 AM, Reco wrote:
>
> Please post the output of:
>
> ls -ald /var/cache/bind/slaves
drwxrwxr-x 2 bind bind 4096 Feb 5 07:52 /var/cache/bind/slaves
> lsattr /var/cache/bind/slaves
-e-- /var/cache/bind/slaves/db.172.16.0
-e-- /var/cache/bind/sl
Hi.
On Mon, 22 Feb 2016 02:35:52 -0700
Glenn English wrote:
> I'm seeing lots of:
>
> > Feb 21 23:32:24 log named[20061]: dumping master file:
> > /var/cache/bind/slaves/tmp-I5cJjYH7fV: open: permission denied
> > Feb 21 23:36:54 log named[20117]: dumping master file:
> > /var/cache/b
I'm seeing lots of:
> Feb 21 23:32:24 log named[20061]: dumping master file:
> /var/cache/bind/slaves/tmp-I5cJjYH7fV: open: permission denied
> Feb 21 23:36:54 log named[20117]: dumping master file:
> /var/cache/bind/slaves/tmp-zsVXbHkEG1: open: permission denied
> Feb 21 23:46:00 log named[2006
On May 27, 2015, at 12:43 PM, Bob Proulx wrote:
> Ah! I would not have thought of that one.
I didn't consider apparmor either. Saw a mention of it on an Ubuntu site.
> Yes. But it isn't enabled by default.
I really don't think it is either. But simply renaming that file in the config
dir
Glenn English wrote:
> apparmor.
Ah! I would not have thought of that one.
> In the recent Debians (Wheezy++, I think), there is a directory
> /etc/apparmor.d. In there is a file called user.sbin.named. That
Yes. But it isn't enabled by default. On a recently installed Debian
Jessie 8 system:
On May 26, 2015, at 11:28 PM, Glenn English wrote:
> apparmor.
No permission probs in the log this morning. Thanks much to those with
suggestions.
--
Glenn English
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas..
apparmor.
In the recent Debians (Wheezy++, I think), there is a directory
/etc/apparmor.d. In there is a file called user.sbin.named. That file does
various things to the /var/cache/bind directory. I didn't look at it long
enough to figure out just what it does, and I couldn't find apparmor on
On May 25, 2015, at 1:00 AM, Bob Proulx wrote:
> Glenn English wrote:
>> root@srv:~# ps -ef | grep named
>> bind 2098 1 0 May10 ?00:00:36 /usr/sbin/named -u bind
>> root 10498 1 0 May10 ?00:00:50 /usr/sbin/named -c
>> /etc/bind/named.conf
>
> There are two of
On May 25, 2015, at 1:00 AM, Bob Proulx wrote:
> Glenn English wrote:
>> root@srv:~# ps -ef | grep named
>> bind 2098 1 0 May10 ?00:00:36 /usr/sbin/named -u bind
>> root 10498 1 0 May10 ?00:00:50 /usr/sbin/named -c
>> /etc/bind/named.conf
>
> There are two of
Glenn English wrote:
> root@srv:~# ps -ef | grep named
> bind 2098 1 0 May10 ?00:00:36 /usr/sbin/named -u bind
> root 10498 1 0 May10 ?00:00:50 /usr/sbin/named -c
> /etc/bind/named.conf
There are two of them running? That doesn't seem right. The first
one look
Bob Proulx sent me a number of suggestions, and I tested them. Then I
inadvertently replied to him instead of the list.
Sorry, Bob, and thanks for the ideas.
On May 21, 2015, at 3:40 PM, Bob Proulx wrote:
> The first reason that comes to mind for permission denied is that it
> doesn't have pe
Glenn English wrote:
> I'm getting (and have been for a while) log entries from my slave
> nameservers like:
>
>dumping master file: /var/cache/bind/tmp-0EIP3LrP0G: open: permission
> denied
>...
> drwxrwxr-x 2 bind bind 4096 May 21 10:09 /var/cache/bind/
Good.
> Any ideas?
The first reaso
I'm getting (and have been for a while) log entries from my slave nameservers
like:
dumping master file: /var/cache/bind/tmp-0EIP3LrP0G: open: permission denied
I also see problems with updating modification times of incoming files from
masters.
Debian Wheezy, Bind9
There are hundreds of
Having updated my bind config files, I try and reload them, but the rndc
program fails to connect as shown below
[EMAIL PROTECTED]:~# /etc/init.d/bind9 reload
Reloading domain name service...: bindrndc: connect failed: connection refused
failed!
[EMAIL PROTECTED]:~#
I have been running bind for
On Thu, Feb 19, 2004 at 12:29:56AM +, Mark C wrote:
> On Thu, 2004-02-19 at 00:11, CW Harris wrote:
>
> > As a guess-- did you define your internal network to be funkypenguin.net
> > and authoritative for the domain? Thus there is no DNS path out of your
> > LAN to the real authority for funk
On Thu, Feb 19, 2004 at 12:29:56AM +, Mark C wrote:
> On Thu, 2004-02-19 at 00:11, CW Harris wrote:
>
> > As a guess-- did you define your internal network to be funkypenguin.net
> > and authoritative for the domain? Thus there is no DNS path out of your
> > LAN to the real authority for funk
On Thu, 2004-02-19 at 00:11, CW Harris wrote:
> As a guess-- did you define your internal network to be funkypenguin.net
> and authoritative for the domain? Thus there is no DNS path out of your
> LAN to the real authority for funkypenguin.net?
>
> Give us more info on how you have your domain s
On Wed, Feb 18, 2004 at 11:10:18PM +, Mark C wrote:
> Hi,
>
> I've just set up bind for my internal network, and running:
>
> 'nslookup funkypenguin.net' returns:
>
> Note: nslookup is deprecated and may be removed from future releases.
> Consider using the `dig' or `host' programs instead
Hi,
I've just set up bind for my internal network, and running:
'nslookup funkypenguin.net' returns:
Note: nslookup is deprecated and may be removed from future releases.
Consider using the `dig' or `host' programs instead. Run nslookup with
the `-sil[ent]' option to prevent this message from
Angel Parra wrote:
> Hello!
>
> I have a mini-router (linux) with ipmasq, and an internal server. My
> small server has the bind server, and on normal botting the bind server
> only servers the names filed on my own database ... but if I stop the
> bind server and start it again, it works
Hello!
I have a mini-router (linux) with ipmasq, and an internal server. My
small server has the bind server, and on normal botting the bind server
only servers the names filed on my own database ... but if I stop the
bind server and start it again, it works fine. And it also works if I
ch
god damnit. i hate it when this happens. it appears that my ISP changed
the ips of their DNS *again* without telling me so when it came time to do
zone transfers my system denied the new ip address. so i think thats what
was causing the reverse DNS to be screwed up..wasnt the upgrade after
all(y
On Sat, Sep 18, 1999 at 09:44:54PM +0200, Sami Dalouche wrote:
> Hi all,
> I've seen that bind will become a problem in its future releases,
> so, I'm now thinking that the non-US division is really stupid !
> Why not syncing non-US and main ?? Only because this
> policy forbit it ?
> So, let's
Hi all,
I've seen that bind will become a problem in its future releases,
so, I'm now thinking that the non-US division is really stupid !
Why not syncing non-US and main ?? Only because this
policy forbit it ?
So, let's change it !
I think the last US export restriction laws would arrange that
I now have a problem with BIND. When I boot the machine, the boot messages
tell me that the nameserver has been started, but it won't work until I do an
'ndc restart'. I have put '/usr/sbin/ndc restart' in my /etc/init.d/local but
that is not helping.
Also, it takes longer for my machine to boot
Built myself a new version of bind from source, and it's working just
fine.
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
[EMAIL PROTECTED] .
Trouble? e-mail to [EMAIL PROTECTED] .
38 matches
Mail list logo
