[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[Caution] Information to installing Debian Security Advisory DSA 1172-1 named/bind9 on Skolelinux-Server

Hello Tjeneradmins,

this mail is written to all admins of skolelinux servers because of given 
situation that has broken some servers.

Please check _before_ installing the Debian Security Advisory DSA 1172-1 
on your server, if the situation explained at the URL's at the end of this 
mail is given at your server.

It could happen under given conditions, that the domain name service breaks
during the upgrade. This affects other depending services like squid, ldap and 
so on.

If this happens you should do the following steps as user root:

1.  check /etc/defaults/bind9 if there is the entry
     OPTIONS="-u bind" darin gibt.
     If not, create it.

2.  check with 
     tjener:~#  ls  -l /etc/bind/rndc.key
     if you get an output like (rights and owner): 
     -rw-r-----  1 bind bind 77 2006-04-21 18:42 /etc/bind/rndc.key
     If not, correct the rights and the owner
     (chown / chmod).

3.  check if there is a user bind with
     tjener:~# getent passwd | grep bind
     ( should look like above)

4.  (re-) start with
     tjener:~# /etc/init.d/bind9 start
     the nameserver.

5.  check with
     tjener:~# ps aux | grep named
bind      2132  0.0  1.1 29436 2852 ?        Ss   Sep11   0:00 /usr/sbin/named

    if the nameserver is running. You should see a similar output like above.

It is always a good idea to check, if the squid, ldap, ... services are 

This issue is being tracked at


and also at


With best wishes, Jürgen Leibner
Skolelinux-Team, Germany

-- thanks to all who helped investigating this

Reply to: