I have been building DNS servers on CentOS 7 (I inherited these but need to make changes to repurpose them).
When I run any rndc command it does not work, i.e. when I try rndc reload I get no confirmation that it was successful, and I do not even get "command failed".
Please also note that I am using Linux namespaces, so the typical rndc command has a prefix of 'ip netns exec gi'.
If I check /var/log/messages simultaneously, I do not get any output, as compared to another DNS server.
I have posted the output of the necessary services below:
/usr/lib/systemd/system/named.service
[Unit]
Description=Berkeley Internet Name Domain (DNS)
Wants=nss-lookup.target
Wants=named-setup-rndc.service
Before=nss-lookup.target
After=network.target
After=named-setup-rndc.service
[Service]
Type=forking
Environment=NAMEDCONF=/etc/named.conf
EnvironmentFile=-/etc/sysconfig/named
Environment=KRB5_KTNAME=/etc/named.keytab
PIDFile=/run/named/named.pid
ExecStartPre=/bin/bash -c 'if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi'
ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} $OPTIONS
ExecReload=/bin/sh -c '/usr/sbin/rndc reload > /dev/null 2>&1 || /bin/kill -HUP $MAINPID'
ExecStop=/bin/sh -c '/usr/sbin/rndc stop > /dev/null 2>&1 || /bin/kill -TERM $MAINPID'
PrivateTmp=true
[Install]
WantedBy=multi-user.target
/usr/lib/systemd/system/named-setup-rndc.service
[Unit]
Description=Generate rndc key for BIND (DNS)
[Service]
Type=oneshot
ExecStart=/usr/libexec/generate-rndc-key.sh
I have tried to delete the rndc.key file and recreate it using the named service, but this has not worked. I am really stumped here. Does anyone have any experience with this?
After a named restart, the logs:
-- Unit named-setup-rndc.service has begun starting up.
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 systemd[1]: Started Generate rndc key for BIND (DNS).
-- Subject: Unit named-setup-rndc.service has finished start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit named-setup-rndc.service has finished starting up.
--
-- The start-up result is done.
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 systemd[1]: Starting Berkeley Internet Name Domain (DNS)...
-- Subject: Unit named.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit named.service has begun starting up.
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: starting BIND 9.9.4-RedHat-9.9.4-74.el7_6.1 -u named -c /etc/named.conf -4
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: built with '--build=x86_64-redhat-linux-gnu' '--host=x86_64-redhat-linux-gnu' '-
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: ----------------------------------------------------
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: BIND 9 is maintained by Internet Systems Consortium,
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: Inc. (ISC), a non-profit 501(c)(3) public-benefit
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: corporation. Support and training for BIND 9 are
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: available at https://www.isc.org/support
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: ----------------------------------------------------
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: adjusted limit on open files from 4096 to 1048576
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: found 8 CPUs, using 8 worker threads
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: using 8 UDP listeners per interface
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: using up to 21000 sockets
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: loading configuration from '/etc/named.conf'
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: reading built-in trusted keys from file '/etc/named.root.key'
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: initializing GeoIP Country (IPv4) (type 1) DB
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: GEO-106FREE 20180327 Build 1 Copyright (c) 2018 MaxMind Inc All Rights Reserved
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: initializing GeoIP Country (IPv6) (type 12) DB
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: GEO-106FREE 20180605 Build 1 Copyright (c) 2018 MaxMind Inc All Rights Reserved
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: GeoIP City (IPv4) (type 2) DB not available
Also, I believe the debug logs are set up to be written to /var/named/data/named.run; posted output below:
tail -f /var/named/data/named.run
all zones loaded
running
shutting down
stopping command channel on 127.0.0.1#953
stopping command channel on ::1#953
no longer listening on 127.0.0.1#53
exiting
managed-keys-zone: loaded serial 1021
all zones loaded
running
I found the answer, although it was mainly a rookie issue in my case.
I used the strace tool and got the following error
This error, ENOEXEC (Exec format error), in particular pointed towards a corrupt file, so the step I took to fix it was to update bind via yum update. rndc is now successful.
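
The ENOEXEC reasoning above, as an added example that is not part of the original post: a first-pass check of whether a binary such as /usr/sbin/rndc still starts with a header the kernel can load, followed by an RPM verification of the package that owns it. The function names are hypothetical; a file that passes the header check can still be damaged further in, which is why the package verification follows it.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.

# exec_format PATH -> prints elf | script | empty | unknown | missing
exec_format() {
    f=$1
    [ -f "$f" ] || { echo missing; return 0; }
    [ -s "$f" ] || { echo empty; return 0; }   # zero-length file: execve() gives ENOEXEC
    # First four bytes as lowercase hex, e.g. 7f454c46 for "\177ELF".
    magic=$(od -An -tx1 -N4 "$f" | tr -d ' \n')
    case $magic in
        7f454c46) echo elf ;;
        2321*)    echo script ;;                # "#!" interpreter line
        *)        echo unknown ;;
    esac
}

# check_binary PATH -> 0 if the header is one the kernel recognises, 1 otherwise
check_binary() {
    fmt=$(exec_format "$1")
    case $fmt in
        elf|script) echo "$1: $fmt header present"; return 0 ;;
        missing)    echo "$1: not found"; return 1 ;;
        *)          echo "$1: $fmt header, expect ENOEXEC (Exec format error)"; return 1 ;;
    esac
}

# verify_owner PATH -> compare the on-disk file with the RPM database
# (size, digest, mode). Any output line from rpm -V names a changed file.
verify_owner() {
    command -v rpm >/dev/null 2>&1 || { echo "rpm not available"; return 2; }
    rpm -Vf "$1"
}

# Usage: sh check.sh /usr/sbin/rndc /usr/sbin/named
for path in "$@"; do
    check_binary "$path" || verify_owner "$path"
done
```

If `rpm -Vf` reports a changed size or digest for the binary, reinstalling or updating the owning package restores it, which matches the fix described above.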