
Re: Bind does not die



Jari Fredriksson wrote:
> 13.9.2011 7:01, Bob Proulx wrote:
> > Jari Fredriksson wrote:
> >> jarif@spitfire:~$ sudo rndc stop
> >> WARNING: key file (/etc/bind/rndc.key) exists, but using default
> >> configuration file (/etc/bind/rndc.conf)
> > 
> > That should not produce that warning.  A default installation does not
> > have the file /etc/bind/rndc.conf present.  Do you have it?  Where did
> > it come from?  Try moving it out of the way.
> > 
> >> And, it stopped immediately! This is strange, why does it not stop when
> >> rebooting...
> > 
> > I expected that it would fail and not stop the named.  The
> > /etc/init.d/bind9 script calls rndc stop and then waits, possibly
> > forever, waiting for it to die.  I was expecting the above not to stop
> > the named but to produce errors that would identify the problem.
> > 
> > I think you should examine and clean your /etc/bind/ directory as
> > appropriate.  From the warning above you have a /etc/bind/rndc.conf
> > that may be causing problems.
> > 
> > Bob
> 
> If I remove it, rndc does not work at all.
> 
> jarif@spitfire:/etc/bind$ sudo mv rndc.conf /tmp/
> jarif@spitfire:/etc/bind$ sudo rndc reload
> rndc: connection to remote host closed
> This may indicate that
> * the remote server is using an older version of the command protocol,
> * this host is not authorized to connect,
> * the clocks are not synchronized, or
> * the key is invalid.
> jarif@spitfire:/etc/bind$

After moving that conf file out of the way you should kill the running
named and then start things up without it.

  # ps -e | grep named  # Is it running?
  # killall named
  # ps -e | grep named  # Verify stopped.
  # service bind9 start
  # ps -e | grep named  # Verify running.

At that point I would hope that things would be working.

  # service bind9 stop
  # ps -e | grep named  # Verify stopped.
  # service bind9 start
  # ps -e | grep named  # Verify running.

But perhaps it still won't be working properly.  If not then something
is definitely broken with your installation.  I do not have any
rndc.conf file present on any of my systems and am not emitting that
error.  Therefore something in your configuration is referencing it.

I think it should be possible to debug your problem to root cause.
But it might be simpler to simply scrape it down to nothing, purge
everything, and then reinstall it.  That should certainly put you back
into a fully working state.  If you have local domains to serve you
can merge your local configuration back in afterward.

To simply purge and re-install everything, be sure to copy your local
changes off first.  Not knowing if you have any let me suggest the
following:

  # cp -a /etc/bind /root/bind.save
  # apt-get purge bind9
  # ...manually verify /etc/bind is empty...  rm -rf /etc/bind
  # apt-get install bind9

That should make it as if the named was installed for the very
first time without any previously existing configuration.  The default
installation will be a simple caching nameserver suitable for most
environments.  You can then customize it if needed.  Your previous
configuration will be saved for your reference.

Bob
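
A read-only check for the situation discussed in this thread, added here as an example and not part of the original message: it reports which file rndc will read and whether that file's key is one that named's on-disk configuration defines, comparing SHA-256 fingerprints so the secrets are never printed. It assumes rndc.conf, rndc.key and named.conf* all live in the directory given, relies on named using rndc.key by itself when there is no controls statement, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the thread. Read-only; run as root so the key
# files are readable:  sh rndc-keycheck.sh /etc/bind
# Assumed layout: rndc.conf, rndc.key and named.conf* in one directory.

# Print a short SHA-256 fingerprint for each `secret "..."` in the files
# given (comment lines skipped), so no secret reaches the terminal or a log.
key_fingerprints() {
    for f in "$@"; do
        [ -r "$f" ] || continue
        sed -n -e '\|^[[:space:]]*[#/]|d' \
               -e 's/.*secret[[:space:]]*"\([^"]*\)".*/\1/p' "$f"
    done | while IFS= read -r s; do
        printf '%s' "$s" | sha256sum | cut -c1-16
    done
}

# The file rndc reads: rndc.conf wins when both exist (the WARNING quoted
# in the thread); rndc.key is used only when rndc.conf is absent.
rndc_source() {
    if [ -e "$1/rndc.conf" ]; then echo "$1/rndc.conf"
    elif [ -e "$1/rndc.key" ]; then echo "$1/rndc.key"
    else echo none
    fi
}

# Print "match FILE", "mismatch FILE" or "no-client-key".
check_rndc_keys() {
    dir=$1
    src=$(rndc_source "$dir")
    if [ "$src" = none ]; then echo "no-client-key"; return 0; fi
    client=$(key_fingerprints "$src" | head -n 1)
    # Keys named can accept: those defined in named.conf*, plus rndc.key when
    # there is no controls statement or when named.conf* includes that file.
    extra=
    if ! grep -qs '^[[:space:]]*controls' "$dir"/named.conf* ||
         grep -qs 'include.*rndc\.key' "$dir"/named.conf*; then
        extra=$dir/rndc.key
    fi
    server=$(key_fingerprints "$dir"/named.conf* "$extra")
    if [ -n "$client" ] && printf '%s\n' "$server" | grep -qxF "$client"; then
        echo "match $src"
    else
        echo "mismatch $src"
    fi
}

if [ $# -gt 0 ]; then check_rndc_keys "$1"; fi
```

The comparison covers the files on disk only; a running named keeps the keys it loaded at startup until it is restarted.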
