named: unknown directive

[ObiektywNy]

Hi I am on 8.0-RELEASE-p4. I'm trying install and run BIND. I start with bind99. I had a problem to start it so I found some solution at post

So I did:

# cd /usr/ports/dns/bind99
# make deinstall
# cd /usr/ports/dns/bind96
# make REPLACE_BASE=yes install clean

Now when I run

#  /etc/rc.d/named start
Starting named.
/etc/rc.d/named: unknown directive '-c'.
Usage: /etc/rc.d/named [fast|force|one](start|stop|restart|rcvar|reload|status|poll)
/etc/rc.d/named: WARNING: failed to start named

and the logs show only:

 /etc/rc.d/named: WARNING: failed to start named

I was googling a lot before I posted it on this forum. My previous error with bind99 was:

/etc/rc.d/named: unknown directive '-h'.

and I have hard time finding out where to look for.

 

[suntzu]

Please post the output of:

[CMD=""]grep named /etc/rc.conf[/CMD]

 

[ObiektywNy]

Thank you, I set it in the past, "mea culpa":

named_enable="YES"
named_program="/etc/rc.d/named"
named_flags="-c /etc/namedb/named.conf"

So I started digging and found post
and post2

So I removed flags line:

named_enable="YES"
named_conf="/etc/namedb/named.conf"
named_program="/etc/rc.d/named"

But now I am getting:

  /etc/rc.d/named start
Starting named.
/etc/rc.d/named: unknown directive '-t'.
Usage: /etc/rc.d/named [fast|force|one](start|stop|restart|rcvar|reload|status|poll)
/etc/rc.d/named: WARNING: failed to start named

From above post found out that flags -c and -u are deprecated so I removed them. Should I use below settings in my rc.conf (I took this from post2)?

named_enable="YES"                 # Run named, the DNS server (or NO).
named_program="/usr/sbin/named"	   # path to named, if you want a different one.
named_flags="-u bind"              # Flags for named
named_pidfile="/var/run/named/pid" # Must set this in named.conf as well
named_chrootdir="/var/named"       # Chroot directory (or "" not to auto-chroot it)
named_chroot_autoupdate="YES"      # Automatically install/update chrooted
                                   # components of named. See /etc/rc.d/named.
named_symlink_enable="YES"         # Symlink the chrooted pid file

----------------------------
Upgrading this post a little I found that website

Does my error message

/etc/rc.d/named: unknown directive '-t'.
Usage: /etc/rc.d/named [fast|force|one](start|stop|restart|rcvar|reload|status|poll)
/etc/rc.d/named: WARNING: failed to start named

is related to this ?

-t directory
Chroot to directory after processing the command line arguments, but before reading the configuration file.
Warning: This option should be used in conjunction with the -u option, as chrooting a process running as root doesn't enhance security on most systems; the way chroot(2) is defined allows a process with root privileges to escape a chroot jail.

I totally lost.

 

[ObiektywNy]

Ok, I run just # named and it look like it started:

# named 
# ps -A | grep named
  735  ??  Ss     0:00.78 /usr/sbin/syslogd -l /var/run/log -l /var/named/var/run/log -s
28549  ??  Is     0:00.23 named -d 7

I can run # /etc/rc.d/named stop to stop it but:

# /etc/rc.d/named start
Starting named.
/etc/rc.d/named: unknown directive '-t'.
Usage: /etc/rc.d/named [fast|force|one](start|stop|restart|rcvar|reload|status|poll)
/etc/rc.d/named: WARNING: failed to start named

It doesn't work

In /var/log/messages I have:

starting BIND 9.6-ESV-R7
Jun 12 12:44:09 diabel named[28773]: built with '--localstatedir=/var' '--disable-linux-caps'
 '--with-randomdev=/dev/random' '--with-openssl=/usr' '--with-libxml2=/usr/local' '--without-idn'
 'STD_CDEFINES=-DDIG_SIGCHASE=1' '--enable-threads' '--sysconfdir=/etc/namedb' '--prefix=/usr'
 '--mandir=/usr/share/man' '--infodir=/usr/share/info/' '--build=i386-portbld-freebsd8.0'
 'build_alias=i386-portbld-freebsd8.0' 'CC=cc' 'CFLAGS=-O2 -pipe -fno-strict-aliasing' 'LDFLAGS=
 -rpath=/usr/lib:/usr/local/lib' 'CPPFLAGS=' 'CPP=cpp' 'CXX=c++' 'CXXFLAGS=-O2 -pipe
 -fno-strict-aliasing'
Jun 12 12:44:09 named[28773]: ----------------------------------------------------
Jun 12 12:44:09 named[28773]: BIND 9 is maintained by Internet Systems Consortium,
Jun 12 12:44:09 named[28773]: Inc. (ISC), a non-profit 501(c)(3) public-benefit 
Jun 12 12:44:09 named[28773]: corporation.  Support and training for BIND 9 are 
Jun 12 12:44:09 named[28773]: available at https://www.isc.org/support
Jun 12 12:44:09 named[28773]: ----------------------------------------------------
Jun 12 12:44:09 named[28773]: command channel listening on 127.0.0.1#953
Jun 12 12:44:09 named[28773]: command channel listening on ::1#953
Jun 12 12:44:09 named[28773]: running

 

[Abriel]

Remove

named_conf="/etc/namedb/named.conf"
named_program="/etc/rc.d/named"

/etc/rc.d/named is a script to start /usr/sbin/named.

[cmd=]killall named[/cmd] and start it from /etc/rc.d/named.

 

[ObiektywNy]

Thanks
I removed those two entries and I got now in logs

named[29074]: starting BIND 9.6-ESV-R7 -t /var/named -u bind
named[29074]: built with '--localstatedir=/var' '--disable-linux-caps' '--with-randomdev=/dev/random' '--with-openssl=/usr' '--with-libxml2=/usr/local' '--without-idn' 'STD_CDEFINES=-DDIG_SIGCHASE=1' '--enable-threads' '--sysconfdir=/etc/namedb' '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info/' '--build=i386-portbld-freebsd8.0' 'build_alias=i386-portbld-freebsd8.0' 'CC=cc' 'CFLAGS=-O2 -pipe -fno-strict-aliasing' 'LDFLAGS= -rpath=/usr/lib:/usr/local/lib' 'CPPFLAGS=' 'CPP=cpp' 'CXX=c++' 'CXXFLAGS=-O2 -pipe -fno-strict-aliasing'
named[29074]: ----------------------------------------------------
named[29074]: BIND 9 is maintained by Internet Systems Consortium,
named[29074]: Inc. (ISC), a non-profit 501(c)(3) public-benefit 
named[29074]: corporation.  Support and training for BIND 9 are 
named[29074]: available at https://www.isc.org/support
named[29074]: ----------------------------------------------------
named[29074]: command channel listening on 127.0.0.1#953
named[29074]: command channel listening on ::1#953
named[29074]:[B] the working directory is not writable[/B]
named[29074]: running

 

[Abriel]

I have

Jun 12 21:44:23 zse named[48681]: the working directory is not writable

It's as it should be.

 

[ObiektywNy]

I was able to catch this
Looking thought other posts I found that my rights were set to root: wheel so I in /var/ I executed [cmd=]chown -R bind:bind named[/cmd]

Now I have:

# find named/ -type d | xargs ls -ld
drwxr-xr-x  5 bind  bind  512 Jan  5  2011 named/
dr-xr-xr-x  6 bind  bind  512 Jun 12 14:40 named/dev
drwxr-xr-x  3 bind  bind  512 Nov 10  2010 named/etc
drwxr-xr-x  5 bind  bind  512 Jun 12 11:33 named/etc/namedb
drwxr-xr-x  2 bind  bind  512 Jun 12 11:33 named/etc/namedb/dynamic
drwxr-xr-x  2 bind  bind  512 May  7 15:31 named/etc/namedb/master
drwxr-xr-x  2 bind  bind  512 Nov 21  2009 named/etc/namedb/slave
drwxr-xr-x  6 bind  bind  512 Nov 21  2009 named/var
drwxr-xr-x  2 bind  bind  512 Nov 21  2009 named/var/dump
drwxr-xr-x  2 bind  bind  512 Nov 21  2009 named/var/log
drwxr-xr-x  3 bind  bind  512 Jun  9 19:36 named/var/run
drwxr-xr-x  2 bind  bind  512 Jun 12 14:36 named/var/run/named
drwxr-xr-x  2 bind  bind  512 Nov 21  2009 named/var/stats

# find /etc/namedb/ -type d | xargs ls -ld
drwxr-xr-x  5 root  wheel  512 Jun 12 11:33 /etc/namedb/
drwxr-xr-x  2 bind  wheel  512 Jun 12 11:33 /etc/namedb/dynamic
drwxr-xr-x  2 root  wheel  512 May  7 15:31 /etc/namedb/master
drwxr-xr-x  2 bind  wheel  512 Nov 21  2009 /etc/namedb/slave

but still have

named[29787]: the working directory is not writable

 

[ObiektywNy]

OK, I think I found it. In rc.conf I had

named_enable="YES"                 	# Run named, the DNS server (or NO).
named_flags="-u bind"              	# Flags for named
named_pidfile="/var/run/named/pid"	# Must set this in named.conf as well
named_chrootdir="/var/named"      		#  Chroot directory (or "" not to auto-chroot it)
named_chroot_autoupdate="YES"      	# Automatically install/update chrooted
named_symlink_enable="YES"         	# Symlink the chrooted pid file

And after my named restart I saw that my attributes changed

# find /var/named/ -type d | xargs ls -ld
drwxr-xr-x  5 root  wheel  512 Jan  5  2011 /var/named/
dr-xr-xr-x  2 root  wheel  512 Nov 21  2009 /var/named/dev
drwxr-xr-x  3 root  wheel  512 Nov 10  2010 /var/named/etc
drwxr-xr-x  5 root  wheel  512 Jun 12 11:33 /var/named/etc/namedb
drwxr-xr-x  2 bind  wheel  512 Jun 12 11:33 /var/named/etc/namedb/dynamic
drwxr-xr-x  2 root  wheel  512 May  7 15:31 /var/named/etc/namedb/master
drwxr-xr-x  2 bind  wheel  512 Nov 21  2009 /var/named/etc/namedb/slave
drwxr-xr-x  6 root  wheel  512 Nov 21  2009 /var/named/var
drwxr-xr-x  2 bind  wheel  512 Nov 21  2009 /var/named/var/dump
drwxr-xr-x  2 bind  wheel  512 Nov 21  2009 /var/named/var/log
drwxr-xr-x  3 bind  wheel  512 Jun  9 19:36 /var/named/var/run
drwxr-xr-x  2 bind  wheel  512 Jun 12 14:45 /var/named/var/run/named
drwxr-xr-x  2 bind  wheel  512 Nov 21  2009 /var/named/var/stats

so I went to rc.conf again and followed DutchDaemon's configuration from this post

I changed rc.conf and now I have

# grep named /etc/rc.conf
named_enable="YES"                 	# Run named, the DNS server (or NO).
named_flags="-u bind"              	# Flags for named
named_pidfile="/var/run/named/pid"	# Must set this in named.conf as well
named_chrootdir=""      		# "/var/named" Chroot directory (or "" not to auto-chroot it)
named_chroot_autoupdate="NO"      	# Automatically install/update chrooted
named_symlink_enable="NO"         	# Symlink the chrooted pid file

I did [cmd=]/var# chown -R bind:bind named[/cmd] restarted bind, and checked again the attributes

# find /var/named/ -type d | xargs ls -ld
drwxr-xr-x  5 bind  bind  512 Jan  5  2011 /var/named/
dr-xr-xr-x  2 bind  bind  512 Nov 21  2009 /var/named/dev
drwxr-xr-x  3 bind  bind  512 Nov 10  2010 /var/named/etc
drwxr-xr-x  5 bind  bind  512 Jun 12 11:33 /var/named/etc/namedb
drwxr-xr-x  2 bind  bind  512 Jun 12 11:33 /var/named/etc/namedb/dynamic
drwxr-xr-x  2 bind  bind  512 May  7 15:31 /var/named/etc/namedb/master
drwxr-xr-x  2 bind  bind  512 Nov 21  2009 /var/named/etc/namedb/slave
drwxr-xr-x  6 bind  bind  512 Nov 21  2009 /var/named/var
drwxr-xr-x  2 bind  bind  512 Nov 21  2009 /var/named/var/dump
drwxr-xr-x  2 bind  bind  512 Nov 21  2009 /var/named/var/log
drwxr-xr-x  3 bind  bind  512 Jun  9 19:36 /var/named/var/run
drwxr-xr-x  2 bind  bind  512 Jun 12 14:51 /var/named/var/run/named
drwxr-xr-x  2 bind  bind  512 Nov 21  2009 /var/named/var/stats

Now messages shows me

named[29971]: starting BIND 9.6-ESV-R7 -u bind -u bind
Jun 12 14:56:21 diabel named[29971]: built with '--localstatedir=/var' '--disable-linux-caps'
 '--with-randomdev=/dev/random' '--with-openssl=/usr' '--with-libxml2=/usr/local' '--without-idn'
 'STD_CDEFINES=-DDIG_SIGCHASE=1' '--enable-threads' '--sysconfdir=/etc/namedb' '--prefix=/usr'
 '--mandir=/usr/share/man' '--infodir=/usr/share/info/' '--build=i386-portbld-freebsd8.0'
 'build_alias=i386-portbld-freebsd8.0' 'CC=cc' 'CFLAGS=-O2 -pipe -fno-strict-aliasing' 'LDFLAGS=
 -rpath=/usr/lib:/usr/local/lib' 'CPPFLAGS=' 'CPP=cpp' 'CXX=c++' 'CXXFLAGS=-O2 -pipe
 -fno-strict-aliasing'
named[29971]: ----------------------------------------------------
named[29971]: BIND 9 is maintained by Internet Systems Consortium,
named[29971]: Inc. (ISC), a non-profit 501(c)(3) public-benefit 
named[29971]: corporation.  Support and training for BIND 9 are 
named[29971]: available at https://www.isc.org/support
named[29971]: ----------------------------------------------------
named[29971]: command channel listening on 127.0.0.1#953
named[29971]: command channel listening on ::1#953
named[29971]: running