Solved FreeBSD 9.3 -> 10.3 Bind issues in jail

allan_sundry

Member

Reaction score: 4
Messages: 94

Hello,

Recently I updated my server FreeBSD server to 10.3 release. I have a few jails at that server and one of them with DNS. I used to work with Bind and expected to install a fresh one to the jail, in case that Bind isn't part of the base system since 10.0 release. When I check my jail I found BIND 9.9.5 here:
Code:
$named -v
BIND 9.9.5 (Extended Support Version)
meanwhile at the host:
Code:
$ named -v
-bash: named: command not found

I completely cleaned /usr/src before I run "make buildworld" 10.3. I updated jails with "ezjail-admin update -i".

How can I replace BIND 9.9.5 with 9.9.9 and how it can be here?
 

scottro

Daemon

Reaction score: 493
Messages: 1,398

Now that it's not part of the base system, the location has moved from /etc/namedb to /usr/local/etc/namedb.
For what it's worth, on bare metal, we were able to just move the files, with a bit of editing to named.conf and everything worked.
So, install from package or port and then just move your files from /etc/ to /usr/local/etc.
 
OP
OP
allan_sundry

allan_sundry

Member

Reaction score: 4
Messages: 94

But I still have Bind in my jails, and it works completely! How can I remove named from my jail before installing the new one?
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 7,554
Messages: 30,264

Your jail is probably still running FreeBSD 9.3. That's why you still have BIND there. I'm not too happy with the upgrade process of EZJail. It's usually easier (and less error-prone) to create new jails with the new version instead of trying to upgrade from one major version to another. Minor version updates are not a problem.
 
OP
OP
allan_sundry

allan_sundry

Member

Reaction score: 4
Messages: 94

No, I check FreeBSD version in jail after upgrading:
Code:
# uname -a
FreeBSD ns.domain.net 10.3-RELEASE-p17 FreeBSD 10.3-RELEASE-p17 #0 r315700: Thu Mar 23 12:16:11 EET 2017
I have the same situation on two production servers and I repeated it on my test server.
 

gkontos

Daemon

Reaction score: 480
Messages: 2,152

Never use uname in a jail because it will report the version of the host. Use freebsd-version instead.
 
OP
OP
allan_sundry

allan_sundry

Member

Reaction score: 4
Messages: 94

Thank you! But I have the same result in jail:
Code:
ns# freebsd-version
10.3-RELEASE-p17
in host system:
Code:
X1# freebsd-version
10.3-RELEASE-p17
 

gkontos

Daemon

Reaction score: 480
Messages: 2,152

I have never performed an upgrade of a DNS server from 9.3 to 10.X. I usually just kept the zone info and reinstalled. I am not sure why the system kept bind. If I were you, I would simply create a new jail and install from ports or packages dns/bind99
 

scottro

Daemon

Reaction score: 493
Messages: 1,398

Yes, in our case, same way, we just did fresh 10.x or 11.x installs and used the configuration and zone files from the old server.
 
OP
OP
allan_sundry

allan_sundry

Member

Reaction score: 4
Messages: 94

I think I solved the problem.

I completely deleted basejail, then installed new one with "ezjail-admin update -i" - after starting jails there was no Bind.

After that I installed new Bind from ports, but I had to set the proper variables in rc.conf:
Code:
named_program="/usr/local/sbin/named"
named_conf="/usr/local/etc/namedb/named.conf"
because FreeBSD 10.3 still have old variables:
Code:
# cat /etc/defaults/rc.conf | grep named
...
named_program="/usr/sbin/named"     # Path to named, if you want a different one.
named_conf="/etc/namedb/named.conf"     # Path to the configuration file
...
 

gkontos

Daemon

Reaction score: 480
Messages: 2,152

My 10.3 does not:

Code:
root@ns1:~ # cat /etc/defaults/rc.conf | grep named
root@ns1:~ #
Code:
root@ns1:~ # cat /etc/rc.conf
syslogd_flags="-ss"
sendmail_enable="NO"
sendmail_submit_enable="NO"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"
named_enable="YES"
 
Top