Named can't start

P

pomak

New member
Joined
Jan 19, 2022
Messages
4
Hello there. I 've got centos 7.9 DA installed and i'm searching a bug/ or error causes my server down. Its related with named service. When I try to start named service it fails. Im tryin every solution for fix the server. Any help is appreciated.

service named status
Redirecting to /bin/systemctl status named.service
● named.service - Berkeley Internet Name Domain (DNS)
Loaded: loaded (/etc/systemd/system/named.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Fri 2022-01-21 11:15:06 +03; 34s ago
Process: 10785 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi (code=exited, status=1/FAILURE)

Jan 21 11:15:06 server.xxxx bash[10785]: zone server.xxxx/IN: loading from master file /var/named/server.xxxxx.db failed: file not found
Jan 21 11:15:06 server.xxxx bash[10785]: zone server.xxxx/IN: not loaded due to errors.
Jan 21 11:15:06 server.xxxx bash[10785]: _default/server.xxxx/IN: file not found
Jan 21 11:15:06 server.xxxx bash[10785]: zone xxx.com/IN: loaded serial 2022012102
Jan 21 11:15:06 server.xxxx bash[10785]: zone xxx.eu/IN: loaded serial 2022012013
Jan 21 11:15:06 server.xxxx bash[10785]: zone xxx.com/IN: loaded serial 2022012100
Jan 21 11:15:06 server.xxxx systemd[1]: named.service: control process exited, code=exited status=1
Jan 21 11:15:06 server.xxxx systemd[1]: Failed to start Berkeley Internet Name Domain (DNS).
Jan 21 11:15:06 server.xxxx systemd[1]: Unit named.service entered failed state.
Jan 21 11:15:06 server.xxxx systemd[1]: named.service failed.
 
as you see first three lines:
Jan 21 11:15:06 server.xxxx bash[10785]: zone server.xxxx/IN: loading from master file /var/named/server.xxxxx.db failed: file not found
Jan 21 11:15:06 server.xxxx bash[10785]: zone server.xxxx/IN: not loaded due to errors.
Jan 21 11:15:06 server.xxxx bash[10785]: _default/server.xxxx/IN: file not found
---
fix it and restart named
 
named -fg


21-Jan-2022 11:49:22.674 starting BIND 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.8 (Ex tended Support Version) <id:7107deb>
21-Jan-2022 11:49:22.674 running on Linux x86_64 3.10.0-1160.53.1.el7.x86_64 #1 SMP Fri Jan 14 13:59:45 UTC 2022
21-Jan-2022 11:49:22.674 built with '--build=x86_64-redhat-linux-gnu' '--host=x8 6_64-redhat-linux-gnu' '--program-prefix=' '--disable-dependency-tracking' '--pr efix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sys confdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/ lib64' '--libexecdir=/usr/libexec' '--sharedstatedir=/var/lib' '--mandir=/usr/sh are/man' '--infodir=/usr/share/info' '--with-python=/usr/bin/python' '--with-lib tool' '--localstatedir=/var' '--enable-threads' '--enable-ipv6' '--enable-filter -aaaa' '--enable-rrl' '--with-pic' '--disable-static' '--includedir=/usr/include /bind9' '--with-geoip' '--with-libidn' '--enable-openssl-hash' '--enable-native- pkcs11' '--with-pkcs11=/usr/lib64/pkcs11/libsofthsm2.so' '--with-dlopen=yes' '-- with-dlz-ldap=yes' '--with-dlz-postgres=yes' '--with-dlz-mysql=yes' '--with-dlz- filesystem=yes' '--with-dlz-bdb=yes' '--with-gssapi=yes' '--disable-isc-spnego' '--with-lmdb=no' '--with-atf=yes' '--enable-fixed-rrset' '--with-tuning=large' ' --with-docbook-xsl=/usr/share/sgml/docbook/xsl-stylesheets' '--enable-full-repor t' 'build_alias=x86_64-redhat-linux-gnu' 'host_alias=x86_64-redhat-linux-gnu' 'C FLAGS= -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector -strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic' 'LD FLAGS=-Wl,-z,relro ' 'CPPFLAGS= -DDIG_SIGCHASE'
21-Jan-2022 11:49:22.674 running as: named -fg
21-Jan-2022 11:49:22.674 compiled by GCC 4.8.5 20150623 (Red Hat 4.8.5-44)
21-Jan-2022 11:49:22.674 compiled with OpenSSL version: OpenSSL 1.0.2k 26 Jan 2 017
21-Jan-2022 11:49:22.674 linked to OpenSSL version: OpenSSL 1.0.2k-fips 26 Jan 2017
21-Jan-2022 11:49:22.674 compiled with libxml2 version: 2.9.1
21-Jan-2022 11:49:22.674 linked to libxml2 version: 20901
21-Jan-2022 11:49:22.674 compiled with zlib version: 1.2.7
21-Jan-2022 11:49:22.674 linked to zlib version: 1.2.7
21-Jan-2022 11:49:22.674 threads support is enabled
21-Jan-2022 11:49:22.674 ----------------------------------------------------
21-Jan-2022 11:49:22.674 BIND 9 is maintained by Internet Systems Consortium,
21-Jan-2022 11:49:22.674 Inc. (ISC), a non-profit 501(c)(3) public-benefit
21-Jan-2022 11:49:22.674 corporation. Support and training for BIND 9 are
21-Jan-2022 11:49:22.674 available at https://www.isc.org/support
21-Jan-2022 11:49:22.674 ----------------------------------------------------
21-Jan-2022 11:49:22.674 adjusted limit on open files from 4096 to 1048576
21-Jan-2022 11:49:22.674 found 1 CPU, using 1 worker thread
21-Jan-2022 11:49:22.674 using 1 UDP listener per interface
21-Jan-2022 11:49:22.675 using up to 21000 sockets
21-Jan-2022 11:49:22.679 loading configuration from '/etc/named.conf'
21-Jan-2022 11:49:22.679 reading built-in trust anchors from file '/etc/named.ro ot.key'
21-Jan-2022 11:49:22.681 initializing GeoIP Country (IPv4) (type 1) DB
21-Jan-2022 11:49:22.681 GEO-106FREE 20180327 Build 1 Copyright (c) 2018 MaxMind Inc All Rights Reserved
21-Jan-2022 11:49:22.681 initializing GeoIP Country (IPv6) (type 12) DB
21-Jan-2022 11:49:22.682 GEO-106FREE 20180605 Build 1 Copyright (c) 2018 MaxMind Inc All Rights Reserved
21-Jan-2022 11:49:22.682 GeoIP City (IPv4) (type 2) DB not available
21-Jan-2022 11:49:22.682 GeoIP City (IPv4) (type 6) DB not available
21-Jan-2022 11:49:22.682 GeoIP City (IPv6) (type 30) DB not available
21-Jan-2022 11:49:22.682 GeoIP City (IPv6) (type 31) DB not available
21-Jan-2022 11:49:22.682 GeoIP Region (type 3) DB not available
21-Jan-2022 11:49:22.682 GeoIP Region (type 7) DB not available
21-Jan-2022 11:49:22.682 GeoIP ISP (type 4) DB not available
21-Jan-2022 11:49:22.682 GeoIP Org (type 5) DB not available
21-Jan-2022 11:49:22.682 GeoIP AS (type 9) DB not available
21-Jan-2022 11:49:22.682 GeoIP Domain (type 11) DB not available
21-Jan-2022 11:49:22.682 GeoIP NetSpeed (type 10) DB not available
21-Jan-2022 11:49:22.682 using default UDP/IPv4 port range: [32768, 60999]
21-Jan-2022 11:49:22.682 using default UDP/IPv6 port range: [32768, 60999]
21-Jan-2022 11:49:22.683 listening on IPv6 interfaces, port 53
21-Jan-2022 11:49:22.683 listening on IPv4 interface lo, 127.0.0.1#53
21-Jan-2022 11:49:22.684 listening on IPv4 interface eth0, 172.104.250.2xx#53
21-Jan-2022 11:49:22.684 listening on IPv4 interface eth0, 172.105.246.1xx#53
21-Jan-2022 11:49:22.684 could not open file '/run/named/named.pid': Permission denied
21-Jan-2022 11:49:22.684 generating session key for dynamic DNS
21-Jan-2022 11:49:22.684 could not open file '/run/named/session.key': Permissio n denied
21-Jan-2022 11:49:22.684 could not create /run/named/session.key
21-Jan-2022 11:49:22.684 failed to generate session key for dynamic DNS: permiss ion denied
21-Jan-2022 11:49:22.685 sizing zone task pool based on 10 zones
21-Jan-2022 11:49:22.686 none:104: 'max-cache-size 90%' - setting to 1654MB (out of 1837MB)
21-Jan-2022 11:49:22.695 set up managed keys zone for view _default, file '/var/ named/dynamic/managed-keys.bind'
21-Jan-2022 11:49:22.696 none:104: 'max-cache-size 90%' - setting to 1654MB (out of 1837MB)
21-Jan-2022 11:49:22.706 configuring command channel from '/etc/rndc.key'
21-Jan-2022 11:49:22.706 open: /etc/rndc.key: permission denied
21-Jan-2022 11:49:22.706 couldn't add command channel 127.0.0.1#953: permission denied
21-Jan-2022 11:49:22.706 configuring command channel from '/etc/rndc.key'
21-Jan-2022 11:49:22.706 open: /etc/rndc.key: permission denied
21-Jan-2022 11:49:22.706 couldn't add command channel ::1#953: permission denied
21-Jan-2022 11:49:22.706 not using config file logging statement for logging due to -g option
isc_file_isplainfile 'data/named.run' failed: permission denied
21-Jan-2022 11:49:22.706 checking logging configuration failed: permission denie d
21-Jan-2022 11:49:22.706 loading configuration: permission denied
21-Jan-2022 11:49:22.706 exiting (due to fatal error)
 
Probably wrong permissions or owner on rndc.key and the /run/named directory
Can you give the output of these commands:
ls -la rndc.key
and
ls -la /run/named

Just to be sure also:
ls -la /var/named
 
Richard G said:
Probably wrong permissions or owner on rndc.key and the /run/named directory
Can you give the output of these commands:
ls -la rndc.key
and
ls -la /run/named

Just to be sure also:
ls -la /var/named
Click to expand...




ls -la rndc.key
ls: cannot access rndc.key: No such file or directory.


ls -la /run/named
total 8
drwxr-xr-x 2 named named 80 Jan 21 23:18 .
drwxr-xr-x 29 root root 980 Jan 22 03:14 ..
-rw-r--r-- 1 named named 6 Jan 21 23:18 named.pid
-rw------- 1 named named 102 Jan 21 23:18 session.key


Thnx.
 
Found on my notebook, maybe it helps:

Code: 
chown named:named /etc/rndc.key
chmod 644 /etc/rndc.key
service named restart
 
pomak said:
ls -la rndc.key
Click to expand...
Sorry typo... it's i /etc so it should be:
ls -la /etc/rndc.key

However you can also directly try the solution of Active8. Because if the permissions were wrong, that was the next commands I would give you.
 
After i remove local dns zone it suddenly begin to work ! Thank you so much for help!

service named status
Redirecting to /bin/systemctl status named.service
● named.service - Berkeley Internet Name Domain (DNS)
Loaded: loaded (/etc/systemd/system/named.service; enabled; vendor preset: disabled)
Active: active (running) since Sat 2022-01-22 14:18:06 +03; 22s ago
Process: 14822 ExecStop=/bin/sh -c /usr/sbin/rndc stop > /dev/null 2>&1 || /bin/kill -TERM $MAINPID (code=exited, status=0/SUCCESS)
Process: 14834 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} $OPTIONS (code=exited, status=0/SUCCESS)
Process: 14832 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi (code=exited, status=0/SUCCESS)
Main PID: 14836 (named)
CGroup: /system.slice/named.service
└─14836 /usr/sbin/named -u named -c /etc/named.conf
 
You must log in or register to reply here.
Back
Top