On 31.03.08 20:59, randall wrote:
> did anybody ever managed to get bind9 up and running in a vserver setup
> on etch?
> i tried the suggested source build with:
> --disable-linux-caps \
> --disable-threads \
> also building with --arch i386 on my 64 bit host did not help.
>
> but to no prevail whatsoever, i simply can not get it to start.
>
> my other options would be djbdns but then i seem to get a svscan
> problem, and good old bind8 that does works like a charm but has
> security concerns to consider as far as i heard.

did you check logs or run in debug mode to see what does it say?
--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I drive way too fast to worry about cholesterol.


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

2008/3/31, randall :
> hi all,
>
> did anybody ever managed to get bind9 up and running in a vserver setup
> on etch?

yes , no problem - just did what they have on vserver wiki regarding
bind9 (caps and stuff ) .


regardz


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Matus UHLAR - fantomas wrote:
> On 31.03.08 20:59, randall wrote:
>> did anybody ever managed to get bind9 up and running in a vserver setup
>> on etch?
>> i tried the suggested source build with:
>> --disable-linux-caps \
>> --disable-threads \
>> also building with --arch i386 on my 64 bit host did not help.
>>
>> but to no prevail whatsoever, i simply can not get it to start.
>>
>> my other options would be djbdns but then i seem to get a svscan
>> problem, and good old bind8 that does works like a charm but has
>> security concerns to consider as far as i heard.
>
> did you check logs or run in debug mode to see what does it say?

i guess i'm smart enough to do that, but on the other hand stupid enough
to overlook the obvious

here is what i did, i followed
http://linux-vserver.org/Problematic...Etch_.284.0.29

followed with a apt-get install -f to get the missing dependencies.

this ends up in a hating message on the terminal
Starting domain name service...: bind failed!

an /etc/init.d/bind9 restart would give
Stopping domain name service...: bindrndc: connect failed:
127.0.0.1#953: connection refused
failed!
Starting domain name service...: bind failed!


according to syslog:
Mar 31 20:37:15 ns named[23843]: starting BIND 9.3.4 -u bind
Mar 31 20:37:15 ns named[23843]: loading configuration from
'/etc/bind/named.conf'


and here's probably the obvious:
how do you turn on the debug mode?



--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

* randall schrieb am 31.03.08 um 20:59 Uhr:
> hi all,
>
> did anybody ever managed to get bind9 up and running in a vserver setup
> on etch?
> i tried the suggested source build with:
> --disable-linux-caps \
> --disable-threads \
> also building with --arch i386 on my 64 bit host did not help.
>
> but to no prevail whatsoever, i simply can not get it to start.
>
> my other options would be djbdns but then i seem to get a svscan
> problem, and good old bind8 that does works like a charm but has
> security concerns to consider as far as i heard.

you already thought about alternatives.. how about PowerDNS?

just my 2¢

-Marc
--
8AAC 5F46 83B4 DB70 8317 3723 296C 6CCA 35A6 4134


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Matus UHLAR - fantomas wrote:
>> Starting domain name service...: bind failed!
>>
>> an /etc/init.d/bind9 restart would give
>> Stopping domain name service...: bindrndc: connect failed:
>> 127.0.0.1#953: connection refused
>> failed!
>> Starting domain name service...: bind failed!
>
> of course... the control socket must run on the virtual IP you chbind named
> to... afaik in vserver you can't bind() to localhost (unless you run the
> vserver on localhost)

this i tried last week, can't remember exacltly to be honest
>
>> according to syslog:
>> Mar 31 20:37:15 ns named[23843]: starting BIND 9.3.4 -u bind
>> Mar 31 20:37:15 ns named[23843]: loading configuration from
>> '/etc/bind/named.conf'
>
> On 31.03.08 23:09, randall wrote:
>> and here's probably the obvious:
>> how do you turn on the debug mode?
>
> named -f -d
>

mmmmm, i tried this.......
but i did bind -f -d 5

since named itself is no where to be found after my source install,
which could explain a thing or two offcourse, i doubt its a bug so i
must have done something wrong


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

> Starting domain name service...: bind failed!
>
> an /etc/init.d/bind9 restart would give
> Stopping domain name service...: bindrndc: connect failed:
> 127.0.0.1#953: connection refused
> failed!
> Starting domain name service...: bind failed!

of course... the control socket must run on the virtual IP you chbind named
to... afaik in vserver you can't bind() to localhost (unless you run the
vserver on localhost)

> according to syslog:
> Mar 31 20:37:15 ns named[23843]: starting BIND 9.3.4 -u bind
> Mar 31 20:37:15 ns named[23843]: loading configuration from
> '/etc/bind/named.conf'

On 31.03.08 23:09, randall wrote:
> and here's probably the obvious:
> how do you turn on the debug mode?

named -f -d

--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
My mind is like a steel trap - rusty and illegal in 37 states.


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Wojciech Ziniewicz wrote:
> 2008/3/31, randall :
>> hi all,
>>
>> did anybody ever managed to get bind9 up and running in a vserver setup
>> on etch?
>
> yes , no problem - just did what they have on vserver wiki regarding
> bind9 (caps and stuff ) .
>
>
> regardz
>
>
mmm caps and stuff,

you mean something like

nano /etc/vservers/ns1.bcapabilities

CAP_SYS_RESOURCE

i overlooked this one and it seems to do the trick.

thanks.

any drawbacks when doing this? what does it do?


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

randall wrote:
> Wojciech Ziniewicz wrote:
>> 2008/3/31, randall :
>>> hi all,
>>>
>>> did anybody ever managed to get bind9 up and running in a vserver setup
>>> on etch?
>> yes , no problem - just did what they have on vserver wiki regarding
>> bind9 (caps and stuff ) .
>>
>>
>> regardz
>>
>>
> mmm caps and stuff,
>
> you mean something like
>
> nano /etc/vservers/ns1.bcapabilities
>
> CAP_SYS_RESOURCE
>
> i overlooked this one and it seems to do the trick.
>
> thanks.
>
> any drawbacks when doing this? what does it do?
>

that would be nano /etc/vservers/ns1/bcapabilities

on second tought i did tried that before, however i did that After
compiling from source so i soonly disregarded it as an option since it
did not seem to do anything.....

i still wonder where "named" went tough


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Hello Randall,

randall wrote:
> did anybody ever managed to get bind9 up and running in a vserver setup
> on etch?
> [...]

> my other options would be djbdns but then i seem to get a svscan
> problem [...]

I use djbdns and I don't know exactly what you mean with "svscan
problem" -- if you want to try djbdns I recommend runit [1]

[1] http://packages.debian.org/etch/runit

Best regards,
Henrik


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

2008/3/31, randall :
..
>
> i still wonder where "named" went tough

I am not keen on whole bind stuff, but for some time we were running
bind ( not bind9 ) that i believe to be named daemon . That one wasn't
as hard to install as bind9 and honestly - i did not feel the
difference .

regards


--
Wojciech Ziniewicz
Unix SEX :{look;gawk;find;sed;talk;grep;touch;finger;find;f l
ex;unzip;head;tail; mount;workbone;fsck;yes;gasp;fsck;more;yes;yes;eje
ct;umount;makeclean; zip;split;done;exit:xargs!!}


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org