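Error setting up master/slave DNS servers! Experts, please help
I am setting up master and slave DNS servers on a LAN; the master server's IP is 192.168.11.1
The slave server's IP is 192.168.11.41, and the permissions on the slave's /var/named/chroot/var/named directory are 750
The error messages are as follows; could an expert please explain?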
Dec 14 16:57:41 wpeng named: zone localdomain/IN: loaded serial 42
Dec 14 16:57:41 wpeng named: zone localhost/IN: loaded serial 42
Dec 14 16:57:41 wpeng named: running
Dec 14 16:57:41 wpeng named: zone 11.168.192.in-addr.arpa/IN: refresh: unexpected rcode (SERVFAIL) from master 192.168.11.1#53
Dec 14 16:57:42 wpeng named: zone intranet.grandford.com/IN: refresh: unexpected rcode (SERVFAIL) from master 192.168.11.1#53
Dec 14 16:57:42 wpeng kernel: audit(1166133462.292:0): avc: denied { write } for pid=3650 exe=/usr/sbin/named name=named dev=hda6 ino=1514900 scontext=root:system_r:named_t tcontext=system_u:object_r:named_zone_t tclass=dir
Dec 14 16:57:42 wpeng named: dumping master file: tmp-XXXX1sOaiM: open: permission denied
Dec 14 16:57:42 wpeng named: transfer of '8.168.192.in-addr.arpa/IN' from 192.168.11.1#53: failed while receiving responses: permission denied
Dec 14 16:57:42 wpeng named: transfer of '8.168.192.in-addr.arpa/IN' from 192.168.11.1#53: end of transfer
Dec 14 16:57:42 wpeng kernel: audit(1166133462.301:0): avc: denied { write } for pid=3650 exe=/usr/sbin/named name=named dev=hda6 ino=1514900 scontext=root:system_r:named_t tcontext=system_u:object_r:named_zone_t tclass=dir
Dec 14 16:57:42 wpeng named: dumping master file: tmp-XXXXVXtDK4: open: permission denied
Dec 14 16:57:42 wpeng named: transfer of 'intranet.silvertech.com.cn/IN' from 192.168.11.1#53: failed while receiving responses: permission denied
Dec 14 16:57:42 wpeng named: transfer of 'intranet.silvertech.com.cn/IN' from 192.168.11.1#53: end of transfer
《Solution》
permission denied
The simple way:
chown -R named /var/named
Better still, change the slave's config:
change file "xxxx"; to file "slaves/xxxx"
《Solution》
Reply to 網中人's post (#2)
It is also possible that allow-transfer { none; }; is set in options, while allow-transfer { ip_slave; }; is not set in the zone
《Solution》
Another possibility is that the .zone file contains an error.
I just ran into a case: I forgot to write the priority after MX, haha
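
Added example, not part of the thread or any poster's code: a Python script that separates the two failures visible in the question's log, a SERVFAIL answer from the master on refresh versus a transfer that dies locally with "permission denied", and uses the kernel AVC record to tell an SELinux denial from plain file ownership or mode. The cause labels (`master-servfail`, `slave-write-selinux`, `slave-write-perms`) and function names are assumptions made for this example.

```python
import re
from collections import defaultdict

# Four lines copied from the log in the question, embedded as offline sample input.
SAMPLE_LOG = """\
Dec 14 16:57:41 wpeng named: zone 11.168.192.in-addr.arpa/IN: refresh: unexpected rcode (SERVFAIL) from master 192.168.11.1#53
Dec 14 16:57:42 wpeng kernel: audit(1166133462.292:0): avc: denied { write } for pid=3650 exe=/usr/sbin/named name=named dev=hda6 ino=1514900 scontext=root:system_r:named_t tcontext=system_u:object_r:named_zone_t tclass=dir
Dec 14 16:57:42 wpeng named: dumping master file: tmp-XXXX1sOaiM: open: permission denied
Dec 14 16:57:42 wpeng named: transfer of '8.168.192.in-addr.arpa/IN' from 192.168.11.1#53: failed while receiving responses: permission denied
"""

REFRESH = re.compile(r"zone (\S+)/IN: refresh: unexpected rcode \((\w+)\) from master (\S+)")
XFER_FAIL = re.compile(r"transfer of '([^']+)/IN' from (\S+): failed while receiving responses: (.+)")
AVC = re.compile(r"avc:\s+denied\s+\{ ([^}]+) \} for .*?exe=(\S+) .*?scontext=(\S+) tcontext=(\S+) tclass=(\S+)")


def selinux_type(context):
    """Return the type field of a user:role:type[:level] SELinux context."""
    return context.split(":")[2]


def triage(log_text):
    """Return ({zone: [cause labels]}, [(source type, target type, class)])."""
    causes = defaultdict(set)
    write_failed = []   # zones whose transfer died with "permission denied"
    named_denials = []  # AVC write denials where the executable is named
    for line in log_text.splitlines():
        if m := AVC.search(line):
            perms, exe, scon, tcon, tclass = m.groups()
            if exe.endswith("/named") and "write" in perms.split():
                named_denials.append((selinux_type(scon), selinux_type(tcon), tclass))
        elif m := REFRESH.search(line):
            # The master itself answered with an error: check the master's own log.
            causes[m.group(1)].add(f"master-{m.group(2).lower()}")
        elif m := XFER_FAIL.search(line):
            if m.group(3).strip() == "permission denied":
                write_failed.append(m.group(1))
    for zone in write_failed:
        # An AVC record means SELinux policy blocked the write, not only owner/mode.
        causes[zone].add("slave-write-selinux" if named_denials else "slave-write-perms")
    return {z: sorted(c) for z, c in causes.items()}, named_denials


if __name__ == "__main__":
    zones, denials = triage(SAMPLE_LOG)
    for zone, labels in zones.items():
        print(f"{zone}: {', '.join(labels)}")
    for src, tgt, cls in denials:
        print(f"SELinux: {src} was denied write on a {cls} labelled {tgt}")
```

A `slave-write-selinux` result matches the advice in the second post to point the slave zone's `file` at `slaves/xxxx`, while `master-servfail` zones need the master's log and zone files checked first.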