Re: FC34 broke my bind

ToddAndMargo via users <users@xxxxxxxxxxxxxxxxxxxxxxx> · Sat, 12 Jun 2021 22:50:00 -0700

On 6/12/21 4:39 PM, ToddAndMargo via users wrote:
Hi All,

Just upgraded from FC33 to FC34.

# rpm -aq bind\*
bind-export-libs-9.11.11-1.fc30.x86_64
bind-license-9.16.16-1.fc34.noarch
bind-dnssec-doc-9.16.16-1.fc34.noarch
bind-libs-9.16.16-1.fc34.x86_64
bind-utils-9.16.16-1.fc34.x86_64
bind-dnssec-utils-9.16.16-1.fc34.x86_64
bind-9.16.16-1.fc34.x86_64
bind-chroot-9.16.16-1.fc34.x86_64

# named-checkzone -t /var/named/chroot/var/named/slaves 
255.168.192.in-addr.arpa abc.hosts.rev
zone 255.168.192.in-addr.arpa/IN: loaded serial 213
OK

# named-checkzone -t /var/named/chroot/var/named/slaves  abc.local abc.hosts
zone abc.local/IN: loaded serial 265
OK

and

# named-checkconf -l -t /var/named/chroot /etc/named.conf
abc.local IN _default master
255.168.192.in-addr.arpa IN _default master
0.0.127.in-addr.arpa IN _default master

So why am I getting "file not found" in the following?

# systemctl status named.service

× named.service - Berkeley Internet Name Domain (DNS)
     Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; 
vendor preset: disabled)
     Active: failed (Result: exit-code) since Sat 2021-06-12 16:31:16 
PDT; 3h 46min ago
    Process: 18368 ExecStartPre=/bin/bash -c if [ ! 
"$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z 
"$NAMEDCONF"; else echo "Checking of zone files is >
        CPU: 12ms

Jun 12 16:31:16 rn6.abc.local bash[18369]: _default/abc.local/IN: file 
not found
Jun 12 16:31:16 rn6.abc.local bash[18369]: zone 
255.168.192.in-addr.arpa/IN: loading from master file 
slaves/abc.hosts.rev failed: file not found
Jun 12 16:31:16 rn6.abc.local bash[18369]: zone 
255.168.192.in-addr.arpa/IN: not loaded due to errors.
Jun 12 16:31:16 rn6.abc.local bash[18369]: 
_default/255.168.192.in-addr.arpa/IN: file not found
Jun 12 16:31:16 rn6.abc.local bash[18369]: zone 0.0.127.in-addr.arpa/IN: 
loading from master file named.local failed: file not found
Jun 12 16:31:16 rn6.abc.local bash[18369]: zone 0.0.127.in-addr.arpa/IN: 
not loaded due to errors.
Jun 12 16:31:16 rn6.abc.local bash[18369]: 
_default/0.0.127.in-addr.arpa/IN: file not found
Jun 12 16:31:16 rn6.abc.local systemd[1]: named.service: Control process 
exited, code=exited, status=1/FAILURE
Jun 12 16:31:16 rn6.abc.local systemd[1]: named.service: Failed with 
result 'exit-code'.
Jun 12 16:31:16 rn6.abc.local systemd[1]: Failed to start Berkeley 
Internet Name Domain (DNS).

My /etc/named.local

// generated by named-bootconf.pl

options {
        # the following forwarders is Family freindly Open DNS:
        # forwarders { 208.67.222.122; 208.67.220.120; };

        # the following forwarders is for Open DNS
	forwarders { 208.67.222.222; 208.67.220.220; };

        # the following forwarders is for Google's DNS
	#forwarders { 8.8.8.8; 8.8.4.4; };

	directory "/var/named";
        # pid-file "/var/named/chroot/run/named/named.pid";
        # pid-file "/var/named/chroot/run/named/nonamed.pid";
	/*
	 * If there is a firewall between you and nameservers you want
	 * to talk to, you might need to uncomment the query-source
	 * directive below.  Previous versions of BIND always asked
	 * questions using port 53, but BIND 8.1 uses an unprivileged
	 * port by default.
	 */
	// query-source address * port 53;
};

key DHCP_UPDATER {
    algorithm hmac-md5;
    secret cgGq509uDODGTU4J9QZwgQ==;
};

zone "abc.local" {
	type master;
	# file "/var/named/chroot/var/named/slaves/abc.hosts";
	file "slaves/abc.hosts";
        allow-update { key DHCP_UPDATER; };
#       allow-update { 127.0.0.1; };
};

zone "255.168.192.in-addr.arpa" {
	type master;
	# file "/var/named/chroot/var/named/slaves/abc.hosts.rev";
	file "slaves/abc.hosts.rev";
        allow-update { key DHCP_UPDATER; };
#       allow-update { 127.0.0.1; };
};

zone "0.0.127.in-addr.arpa" {
	type master;
	# file "/var/named/chroot/var/named/named.local";
	file "named.local";
};

# logging {
     # channel update_debug {
          # file 
"/var/named/chroot/var/named/slaves/named-update-debug.log";
          # severity  debug 3;
          # print-category yes;
          # print-severity yes;
          # print-time     yes;
      # };
          # channel security_info    {
          # file "slaves/named-auth.info";
          # severity  info;
          # print-category yes;
          # print-severity yes;
          # print-time     yes;
      # };

      # category update { update_debug; };
      # category security { security_info; };
# };

_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure