Thursday, April 26, 2007

RNDC = Confgen

#cp /etc/named.conf /var/named/chroot/etc/named.conf
#cp /etc/rndc.key /var/named/chroot/etc/rndc.key
#ln -s /var/named/chroot/etc/rndc.key rndc.key

Make sure ownership is named:named, and that rndc.key is root:named.
Here is an example named.conf:

controls {
    inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
    type hint;
    file "named.ca";
};

zone "localhost" IN {
    type master;
    file "localhost.zone";
    allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "named.local";
    allow-update { none; };
};

include "/etc/rndc.key";


Restart named and it should look like this.

[root@ns echo]# /etc/init.d/named restart
Stopping named: [ OK ]
Starting named: [ OK ]


If you run into an error, check the log with this command:

[root@ns echo]# tail -f /var/log/messages

named[28606]: starting BIND 9.2.3 -u named -t /var/named/chroot
named[28606]: using 1 CPU
named[28606]: loading configuration from '/etc/named.conf'
named[28606]: listening on IPv4 interface lo, 127.0.0.1#53
named[28606]: listening on IPv4 interface eth0, 10.15.151.6#53
named[28606]: command channel listening on 127.0.0.1#953
named[28606]: zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
named[28606]: xxxxxxx.xxx.zone:6: no TTL specified; using SOA MINTTL instead
named[28606]: zone xxxxxxxx.xxx/IN: loaded serial 38
named[28606]: zone localhost/IN: loaded serial 42
named[28606]: running
named[28606]: zone xxxxxxxx.xxx/IN: sending notifies (serial 38)
Jun 24 20:35:28 named: named startup succeeded

That was a successful log, but I used it for when I had error messages to help decipher what is wrong.
Anyway, jail bind is now working hooray! I think that is everything, but my head is ****ing spinning like crazy, so I might have missed something.
Good luck on your jailed bind adventures, and I hope this helps a few out.
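
The three things the post relies on for a safe rndc setup (the controls statement bound to 127.0.0.1 with a key, the root:named ownership of rndc.key, and the "command channel listening on 127.0.0.1#953" log line) can be checked with a small script. This is an added example, not part of the original post; the function names, the --audit switch and the "no access for other" mode check are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: audit the rndc control channel of a chrooted BIND.
# Needs GNU stat (Linux). Assumes one "inet" entry per line inside controls {}.

# check_controls FILE: pass only if every inet entry binds to loopback
# and names a key.
check_controls() {
    awk '
        /^[ \t]*controls[ \t]*[{]/ { in_ctl = 1 }
        in_ctl && /inet[ \t]/ {
            seen = 1
            if ($0 !~ /inet[ \t]+(127\.0\.0\.1|::1)[ \t]/)   bad = 1
            if ($0 !~ /keys[ \t]*[{][ \t]*[A-Za-z0-9_.-]+/) bad = 1
        }
        in_ctl && /^[ \t]*[}];/ { in_ctl = 0 }
        END { exit ((seen && !bad) ? 0 : 1) }
    ' "$1"
}

# check_keyfile FILE OWNER:GROUP: pass only if ownership matches and "other"
# has no access to the key (mode ends in 0). The mode rule is an assumption;
# the post itself only states the ownership.
check_keyfile() {
    [ -f "$1" ] && [ "$(stat -c '%U:%G' "$1")" = "$2" ] || return 1
    case "$(stat -c '%a' "$1")" in *0) return 0 ;; *) return 1 ;; esac
}

# check_channel_log: read named log lines on stdin; pass only if a command
# channel was opened and every one of them listens on loopback.
check_channel_log() {
    awk '
        /command channel listening on/ {
            seen = 1
            if ($0 !~ /listening on (127\.0\.0\.1|::1)#/) bad = 1
        }
        END { exit ((seen && !bad) ? 0 : 1) }
    '
}

# Audit the paths used in the post when called as: script.sh --audit
if [ "${1:-}" = "--audit" ]; then
    root=/var/named/chroot
    check_controls "$root/etc/named.conf" || echo "FAIL: controls statement"
    check_keyfile "$root/etc/rndc.key" root:named || echo "FAIL: rndc.key"
    check_channel_log < /var/log/messages || echo "FAIL: command channel"
fi
```

Run with --audit as root it prints one FAIL line per failed check and nothing when all three pass.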