DirectSlave - solution to add and remove zones on slave without DirectAdmin

Richard G · 2025-12-15T12:44:23-0700

Check the directslave error log.

I found recently after some OS or bind update that the /etc/named directory restored original permissions and owner from root.
So now I changed it and now use a self created /etc/namedb directory with correct owner and permission and things work again.

However, in your case it might be something else, so it's always best to check the logs at the directslave server to see why things went wrong.

reonhoub2 · 2025-12-15T12:49:39-0700

Of course. I also checked the log data on the Directslave server. There is no entry for deleting the domain. New zones can be added without any problems.

directadmin error log:

/var/log/directadmin/error.log:2025:12:15-19:05:01: Cluster ns1.mydomain.de: Error deleting remote dns zone (gwefibgw.de): No action taken
/var/log/directadmin/error.log:2025:12:15-19:05:02: Cluster ns2.mydomain.de: Error deleting remote dns zone (gwefibgw.de): No action taken

directslave access log:

2025/12/15 19:04:02 [xxx.xxx.xxx.xxx] "GET /CMD_API_DNS_ADMIN?action=exists&domain=gwefibgw.de HTTP/1.0"
2025/12/15 19:04:06 [xxx.xxx.xxx.xxx] "GET /CMD_API_DNS_ADMIN?action=exists&domain=gwefibgw.de HTTP/1.0"
2025/12/15 19:04:06 [xxx.xxx.xxx.xxx] "POST/CMD_API_DNS_ADMIN?action=rawsave&domain=gwefibgw.de&username=admin&hostname=mydomain.de HTTP/1.0"
2025/12/15 19:04:06 [xxx.xxx.xxx.xxx] "POST/CMD_API_DNS_ADMIN?action=rawsave&domain=gwefibgw.de&username=admin&hostname=mydomain.de HTTP/1.0"
2025/12/15 19:04:46 [xxx.xxx.xxx.xxx] "GET /CMD_API_DNS_ADMIN?action=exists&domain=gwefibgw.de HTTP/1.0"
2025/12/15 19:04:46 [xxx.xxx.xxx.xxx] "GET /CMD_API_DNS_ADMIN?action=exists&domain=gwefibgw.de HTTP/1.0"
2025/12/15 19:04:46 [xxx.xxx.xxx.xxx] "POST/CMD_API_DNS_ADMIN?action=rawsave&domain=gwefibgw.de&named_reload=yes&username=admin&hostname=mydomain.de HTTP/1.0"
2025/12/15 19:04:46 [xxx.xxx.xxx.xxx] "POST/CMD_API_DNS_ADMIN?action=rawsave&domain=gwefibgw.de&named_reload=yes&username=admin&hostname=mydomain.de HTTP/1.0"
2025/12/15 19:05:03 [xxx.xxx.xxx.xxx] "POST /CMD_API_DNS_ADMIN HTTP/1.0"

directslave action log:

2025/12/15 19:04:02 Authorization passed for myserver from xxx.xxx.xxx.xxx
2025/12/15 19:04:02 Checking gwefibgw.de from xxx.xxx.xxx.xxx
2025/12/15 19:04:02 Domain gwefibgw.de not exists
2025/12/15 19:04:06 Authorization passed for myserver from xxx.xxx.xxx.xxx
2025/12/15 19:04:06 Checking gwefibgw.de from xxx.xxx.xxx.xxx
2025/12/15 19:04:06 Domain gwefibgw.de not exists
2025/12/15 19:04:06 Authorization passed for myserver from xxx.xxx.xxx.xxx
2025/12/15 19:04:06 Domain gwefibgw.de added with primary xxx.xxx.xxx.xxx
2025/12/15 19:04:17 RNDC queue triggered with 1 events
2025/12/15 19:04:18 RNDC output: server reload successful
2025/12/15 19:04:46 Authorization passed for myserver from xxx.xxx.xxx.xxx
2025/12/15 19:04:46 Checking gwefibgw.de from xxx.xxx.xxx.xxx
2025/12/15 19:04:46 Domain gwefibgw.de exists on primary xxx.xxx.xxx.xxx
2025/12/15 19:04:46 Authorization passed for myserver from xxx.xxx.xxx.xxx
2025/12/15 19:04:46 Checking gwefibgw.de from xxx.xxx.xxx.xxx
2025/12/15 19:04:46 Domain gwefibgw.de exists on primary xxx.xxx.xxx.xxx
2025/12/15 19:04:46 Authorization passed for myserver from xxx.xxx.xxx.xxx
2025/12/15 19:04:46 Reloaded gwefibgw.de from master xxx.xxx.xxx.xxx
2025/12/15 19:04:48 RNDC queue triggered with 1 events
2025/12/15 19:04:49 RNDC output: server reload successful
2025/12/15 19:05:03 Authorization passed for myserver from xxx.xxx.xxx.xxx
2025/12/15 19:16:43 Authorization passed for myserver from xxx.xxx.xxx.xxx

No relevant entries in directslave error log.

I therefore assumed that it was a general problem. Does deleting still work for you with DA 1.690 and Directslave 3.4.3?

Richard G · 2025-12-15T18:14:46-0700

reonhoub2 said:
Does deleting still work for you with DA 1.690 and Directslave 3.4.3?

Even worse.

I just tested for you and I got my testdomain in the directslave.inc file but the testdomain.nl.db file wasn't even created.
Also no error in the error log.

And I also found testdomains in the directslave.inc file which were created a couple of days ago when I changed the connection to SSL.

Looks indeed something in Directadmin 1.690 or 1.689 maybe changed which has influence on Directslave. Maybe @romans knows?

However it's still odd that DS does create the line in Directslave but then does not create the .db file. So I'm not sure if this is something of an OS update or DA update.
I'm running DS on Almalinux 8.10.

Edit: also in my case only an error notice in the directadmin error.log which oddly enough is in an already rotaded logfile:

Code:

2025:12:16-02:07:47: Cluster directslave.server.nl: Error deleting remote dns zone (eventesten.com): No action taken

Odd thing, this is the file:
error.log-20251214

Now logrotate it probably at 02.00 hours, but in the normal error.log file I see this:

Code:

2025:12:16-02:00:30: Socket::curl_request: curl returned code 6: curl: (6) Could not resolve host: (null)
2025:12:16-02:00:36: Socket::curl_request: curl returned code 6: curl: (6) Could not resolve host: (null)
2025:12:16-02:00:43: Socket::curl_request: curl returned code 6: curl: (6) Could not resolve host: (null)
2025:12:16-02:01:15: clean_dangerious_env_vars:Spam::saveSettings: cleared dangerous variable: SAFE_CODE=
2025:12:16-02:01:16: getHomeDir: username is empty!:

No clue what it means, but just strange that what happens at 02.07 hours is logged to an older already rotated logfile.

romans · 2025-12-15T23:30:08-0700

Richard G said:
Even worse.

I just tested for you and I got my testdomain in the directslave.inc file but the testdomain.nl.db file wasn't even created.
Also no error in the error log.

And I also found testdomains in the directslave.inc file which were created a couple of days ago when I changed the connection to SSL.

Looks indeed something in Directadmin 1.690 or 1.689 maybe changed which has influence on Directslave. Maybe @romans knows?

However it's still odd that DS does create the line in Directslave but then does not create the .db file. So I'm not sure if this is something of an OS update or DA update.
I'm running DS on Almalinux 8.10.

Edit: also in my case only an error notice in the directadmin error.log which oddly enough is in an already rotaded logfile:

Code:

2025:12:16-02:07:47: Cluster directslave.server.nl: Error deleting remote dns zone (eventesten.com): No action taken

Odd thing, this is the file:
error.log-20251214

Now logrotate it probably at 02.00 hours, but in the normal error.log file I see this:

Code:

2025:12:16-02:00:30: Socket::curl_request: curl returned code 6: curl: (6) Could not resolve host: (null) 2025:12:16-02:00:36: Socket::curl_request: curl returned code 6: curl: (6) Could not resolve host: (null) 2025:12:16-02:00:43: Socket::curl_request: curl returned code 6: curl: (6) Could not resolve host: (null) 2025:12:16-02:01:15: clean_dangerious_env_vars:Spam::saveSettings: cleared dangerous variable: SAFE_CODE= 2025:12:16-02:01:16: getHomeDir: username is empty!:

No clue what it means, but just strange that what happens at 02.07 hours is logged to an older already rotated logfile.

Could you confirm that it works fine if you downgrade your DA version to 1.689 (stable release) ?

Richard G · 2025-12-16T05:55:13-0700

I would like to try if you have the command to downgrade safely to 1.689.

Richard G · 2025-12-16T09:20:57-0700

@reonhoub2 do you have the dnssec-enable yes; option in any of your /etc/named.conf files?
Edit: Also check if you change records. On 1.689 creating and deleting works fine but changing records doesn't work.

Richard G · 2025-12-16T11:18:17-0700

@DrWizzle Did you posted (and removed the post) that you experienced the same issues with DS and 1.690? If yes it's important to mention it.

reonhoub2 · 2025-12-16T11:24:27-0700

Richard G said:
@reonhoub2 do you have the dnssec-enable yes; option in any of your /etc/named.conf files?
Edit: Also check if you change records. On 1.689 creating and deleting works fine but changing records doesn't work.

I just checked. On my DirectAdmin servers, the default setting is

Code:

dnssec-enable yes;

in named.conf. However, this is not the case on the DNS cluster servers (Directslave). We do not use dnssec in general.

DrWizzle · 2025-12-16T11:28:16-0700

Richard G said:
@DrWizzle Did you posted (and removed the post) that you experienced the same issues with DS and 1.690? If yes it's important to mention it.

Apologies Richard, yeah, I deleted it as i'm rewriting it.

In a nutshell I have DA on a VPS as a master, and also use DNS on one of my Dedis (With Ubuntu as that's my go to distro) , and a few VPS with Alma 9 and Directslave on.

Zone files are created fine on DA and echoed fine to DS at /etc/namedb/secondary/domain.com.db

Zone edits are sketchy, some apply, some don't (evidenced by mismatched SOA serials)

Domain deletes are OK on DA, they don't delete on DS so have to be manually deleted.

It was all fine a few versions ago as you all posted here.
Just for now, until a fix is sorted (and I fully appreciate the Dev is Ukrainian and the struggles they face at the moment) I'm reverting back to a few copied of DA Personal Plus as I'm awfully busy here at mo with business, and a sick wife and father. That way it should be a little more stable and i'll revert back after. I've taken snapshots of the servers and it's only cost ing 0.011c a GB per month so not that expensive!

Hope you guys sort it! I'm watching for the moment

[Quick edit] I'm using DA 1.690 I believe as it auto updates, forgot to mention that aboeve (Must sort that out)

Richard G · 2025-12-16T11:32:43-0700

reonhoub2 said:
On my DirectAdmin servers, the default setting is

You can remove that line, it's obsolete. Seemed on my Directslave after removing that line, at least creating and deleting after this went fine in 1.689 (not 1.690)
Updating (even with the multi-server task.queue command) did not change anything in either version.

DrWizzle said:
Domain deletes are OK on DA, they don't delete on DS so have to be manually deleted.

So the same issue we are also experiencing with 1.690. Same for updating records (soa serial and missing changed content is proof).
Thank you for confirming you also experiencing delete and change issues in 1.690 at least.

As you can see in 1.689 some things were better but not all, so the issue might have started even earlier but we can't go back that far.

Sorry to hear from your wife and father. I wish them all the best and hope they will get well soon. Take care!

Edit:
This is a debug line from my Directslave server. Maybe somebody sees something odd.

Code:

2025/12/16 18:55:07 DEBUG: &{Method:POST URL:/CMD_API_DNS_ADMIN?action=rawsave&domain=testdomain.nl&username=admin&hostname=my.directadmin.nl Pro
to:HTTP/1.0 ProtoMajor:1 ProtoMinor:0 Header:map[Authorization:[Basic d21wcjpLdExqTzR1MV8zdkd6] Content-Length:[1659] User-Agent:[DA-Socket-Class]] Bo
dy:0xc00014e380 GetBody:<nil> ContentLength:1659 TransferEncoding:[] Close:true Host:my.dsvps.nl Form:map[action:[rawsave] domain:[testdomain.nl]
 hostname:[my.directadmin.nl] username:[admin]] PostForm:map[] MultipartForm:<nil> Trailer:map[] RemoteAddr:88.99.62.187:35544 RequestURI:/CMD_API_
DNS_ADMIN?action=rawsave&domain=testdomain.nl&username=admin&hostname=my.directadmin.nl TLS:<nil> Cancel:<nil> Response:<nil> ctx:0xc0002fc8a0}

DrWizzle · 2025-12-16T11:54:47-0700

Richard G said:
Sorry to hear from your wife and father. I wish them all the best and hope they will get well soon. Take care!

Thank you Richard, That's very kind and appreciated.

DirectSlave - solution to add and remove zones on slave without DirectAdmin

Richard G

Verified User

reonhoub2

Verified User

Richard G

Verified User

romans

Super Moderator

Richard G

Verified User

Richard G

Verified User

Richard G

Verified User

reonhoub2

Verified User

DrWizzle

Verified User

Richard G

Verified User

DrWizzle

Verified User