Solved FreeBSD 9.3 -> 10.3 Bind issues in jail

allan_sundry

Hello,

Recently I updated my FreeBSD server to the 10.3 release. I have a few jails on that server, and one of them runs DNS. I used to work with Bind and expected to install a fresh one in the jail, since Bind has not been part of the base system since the 10.0 release. When I checked my jail I found BIND 9.9.5 here:
Code:
$ named -v
BIND 9.9.5 (Extended Support Version)
meanwhile at the host:
Code:
$ named -v
-bash: named: command not found

I completely cleaned /usr/src before I ran "make buildworld" for 10.3. I updated the jails with "ezjail-admin update -i".

How can I replace BIND 9.9.5 with 9.9.9, and how can it be here?
 

scottro

Now that it's not part of the base system, the location has moved from /etc/namedb to /usr/local/etc/namedb.
For what it's worth, on bare metal, we were able to just move the files, with a bit of editing to named.conf and everything worked.
So, install from package or port and then just move your files from /etc/ to /usr/local/etc.
 
allan_sundry

But I still have Bind in my jails, and it works completely! How can I remove named from my jail before installing the new one?
 

SirDice

Your jail is probably still running FreeBSD 9.3. That's why you still have BIND there. I'm not too happy with the upgrade process of EZJail. It's usually easier (and less error-prone) to create new jails with the new version instead of trying to upgrade from one major version to another. Minor version updates are not a problem.
 
allan_sundry

No, I checked the FreeBSD version in the jail after upgrading:
Code:
# uname -a
FreeBSD ns.domain.net 10.3-RELEASE-p17 FreeBSD 10.3-RELEASE-p17 #0 r315700: Thu Mar 23 12:16:11 EET 2017
I have the same situation on two production servers and I repeated it on my test server.
 

gkontos

Never use uname in a jail because it will report the version of the host. Use freebsd-version instead.
 
allan_sundry

Thank you! But I have the same result in the jail:
Code:
ns# freebsd-version
10.3-RELEASE-p17
in the host system:
Code:
X1# freebsd-version
10.3-RELEASE-p17
 

gkontos

I have never performed an upgrade of a DNS server from 9.3 to 10.X. I usually just kept the zone info and reinstalled. I am not sure why the system kept bind. If I were you, I would simply create a new jail and install dns/bind99 from ports or packages.
 

scottro

Yes, in our case, same way, we just did fresh 10.x or 11.x installs and used the configuration and zone files from the old server.
 
allan_sundry

I think I solved the problem.

I completely deleted the basejail, then installed a new one with "ezjail-admin update -i". After starting the jails there was no Bind.

After that I installed a new Bind from ports, but I had to set the proper variables in rc.conf:
Code:
named_program="/usr/local/sbin/named"
named_conf="/usr/local/etc/namedb/named.conf"
because FreeBSD 10.3 still has the old variables:
Code:
# cat /etc/defaults/rc.conf | grep named
...
named_program="/usr/sbin/named"     # Path to named, if you want a different one.
named_conf="/etc/namedb/named.conf"     # Path to the configuration file
...
 

gkontos

My 10.3 does not:

Code:
root@ns1:~ # cat /etc/defaults/rc.conf | grep named
root@ns1:~ #
Code:
root@ns1:~ # cat /etc/rc.conf
syslogd_flags="-ss"
sendmail_enable="NO"
sendmail_submit_enable="NO"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"
named_enable="YES"
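
The checks this thread worked through by hand (a leftover base-system named, named_* entries in /etc/defaults/rc.conf, and which binary and configuration file the rc variables point at) can be collected into one audit, shown here as an added example that is not code from any poster. The function names and the optional root argument are hypothetical; the paths are the ones quoted in the thread.

```sh
#!/bin/sh
# Added example, not from the thread. Source it inside the jail and call
# audit_named; the optional root argument only exists for testing on a tree.

# Effective value of an rc.conf variable (/etc/rc.conf overrides defaults).
rc_value() {
    _val=""
    for _f in "$1/etc/defaults/rc.conf" "$1/etc/rc.conf"; do
        [ -r "$_f" ] || continue
        _line=$(grep -E "^$2=" "$_f" | tail -n 1)
        [ -n "$_line" ] || continue
        _val=${_line#*=}
        _val=${_val%%#*}                              # drop trailing comment
        _val=$(printf '%s' "$_val" | tr -d "\"' \t")  # drop quotes and blanks
    done
    printf '%s\n' "$_val"
}

# Prints one line per finding; returns 0 only when nothing stale was found.
audit_named() {
    _root=${1:-}; _root=${_root%/}
    _n=0
    # BIND left the base system in 10.0, so these should not exist on 10.3.
    for _p in /usr/sbin/named /usr/sbin/rndc /usr/sbin/named-checkconf; do
        if [ -e "$_root$_p" ]; then
            echo "STALE $_p: binary left over from the 9.x base system"
            _n=$((_n + 1))
        fi
    done
    # Per the thread, a clean 10.3 has no named_* lines in the defaults file.
    if grep -q '^named_' "$_root/etc/defaults/rc.conf" 2>/dev/null; then
        echo "STALE /etc/defaults/rc.conf: still carries named_* defaults"
        _n=$((_n + 1))
    fi
    # What the rc script would actually start and read.
    _prog=$(rc_value "$_root" named_program)
    _conf=$(rc_value "$_root" named_conf)
    case $_prog in /usr/sbin/*)
        echo "RISK named_program=$_prog starts the old base binary"
        _n=$((_n + 1)) ;;
    esac
    case $_conf in /etc/namedb/*)
        echo "RISK named_conf=$_conf points at the old base location"
        _n=$((_n + 1)) ;;
    esac
    [ -x "$_root/usr/local/sbin/named" ] ||
        echo "NOTE /usr/local/sbin/named missing: dns/bind99 not installed"
    [ "$_n" -eq 0 ]
}
```

A STALE or RISK line means the jail can still start the unpatched 9.9.5 binary from the old base system even though freebsd-version reports 10.3.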
 