Cannot start bind — ‘cannot access /var/named/run-root/etc/pki/dnssec-keys:’...‘could not open entropy source’

I'm completely at a loss with bind! Any tips are greatly appreciated.

When I try to start bind, I see:

[root@WIG001-001 ~]# /etc/init.d/named start  
ls: cannot access /var/named/run-root/etc/pki/dnssec-keys: No such file or directory  
mount: mount point /var/named/run-root/etc/pki/dnssec-keys does not exist  
ls: cannot access /var/named/run-root/var/named: No such file or directory  
mount: mount point /var/named/run-root/var/named does not exist  
ls: cannot access /var/named/run-root/usr/lib64/bind: No such file or directory  
mount: mount point /var/named/run-root/usr/lib64/bind does not exist  
Starting named:                                            [FAILED]  

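... so it looks like named is running from /var/named/run-root. If I check the logs, it seems the conf file is at /etc/named.conf (I'm copying the other relevant messages in case someone else knows what is going on):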

[root@WIG001-001 ~]# tail -n30 /var/log/messages  
Jul 27 21:16:44 WIG001-001 named[9200]: loading configuration from '/etc/named.conf'  
Jul 27 21:16:44 WIG001-001 named[9200]: using default UDP/IPv4 port range: [1024, 65535]  
Jul 27 21:16:44 WIG001-001 named[9200]: using default UDP/IPv6 port range: [1024, 65535]  
Jul 27 21:16:44 WIG001-001 named[9200]: listening on IPv4 interface lo, 127.0.0.1#53    
...blah....  
Jul 27 21:16:44 WIG001-001 named[9200]: command channel listening on 127.0.0.1#953  
Jul 27 21:16:44 WIG001-001 named[9200]: could not open entropy source /dev/random: permission denied  
Jul 27 21:16:44 WIG001-001 named[9200]: using pre-chroot entropy source /dev/random  
Jul 27 21:16:44 WIG001-001 named[9200]: the working directory is not writable  
Jul 27 21:16:44 WIG001-001 named[9200]: couldn't open pid file '/var/run/named/named.pid':   Permission denied  
Jul 27 21:16:44 WIG001-001 named[9200]: exiting (due to early fatal error)

..so, assuming my configuration file is at /etc/named.conf as per the log above,

[root@WIG001-001 ~]# cat /etc/named.conf  
...blah...  
options {  
        allow-recursion {  
                localnets;  
        };  
        directory "/var";  
        auth-nxdomain no;  
        pid-file "/var/run/named/named.pid";  
.....

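From this file it looks like named should be running under /var, not /var/named/run-root as shown on the command line when I try to start named.

Can anyone tell me what to do next? I'd be very grateful for any help!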

Answer 1

Does the init script you are using assume bind is chrooted? Look for

-t /var/named/run-root
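in there. It's not clear to me whether a chroot setup is what you intended, but the environment and the init script have to match one way or another.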

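Answer 2

Thank you very much for the pointer. I have now been told that the problem was solved by disabling SELinux; I'm just putting the answer here in case anyone else runs into the same problem!

Cheers,

Mike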
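
The two causes raised in the answers (an init script that expects a chroot at /var/named/run-root, and SELinux) can be told apart before changing anything. The following is an added example, not part of either answer or of the init script: it lists which of the three mount points from the error output are missing under a chroot and summarises SELinux AVC denials for named from an audit log. The function names, the script name in the usage comment and the sample audit records are constructed for illustration.

```shell
#!/bin/sh
# Added example. The three paths are the mount points named in the init-script errors.
CHROOT_MOUNTS="/etc/pki/dnssec-keys /var/named /usr/lib64/bind"

# Print every expected mount point that is missing under chroot directory $1.
missing_chroot_mounts() {
    for p in $CHROOT_MOUNTS; do
        [ -d "$1$p" ] || printf '%s\n' "$1$p"
    done
}

# Print "<permission> <object class> <target context>" for each SELinux AVC
# denial in audit log $1 whose process name (comm) is "named".
named_avc_denials() {
    sed -n 's/.*avc:  *denied  *{ \([^}]*\) }.* comm="named".* tcontext=\([^ ]*\) tclass=\([^ ]*\).*/\1 \3 \2/p' "$1"
}

# Constructed audit records (not from the original post) for trying the parser.
sample_audit_log() {
    cat <<'EOF'
type=AVC msg=audit(1311801404.101:41): avc:  denied  { write } for  pid=9200 comm="named" name="named" dev=dm-0 ino=1311 scontext=unconfined_u:system_r:named_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir
type=SYSCALL msg=audit(1311801404.101:41): arch=c000003e syscall=2 success=no exit=-13 comm="named" exe="/usr/sbin/named"
type=AVC msg=audit(1311801404.102:42): avc:  denied  { read } for  pid=9200 comm="named" name="random" dev=tmpfs ino=3921 scontext=unconfined_u:system_r:named_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=chr_file
type=AVC msg=audit(1311801405.200:43): avc:  denied  { read } for  pid=811 comm="sshd" name="shadow" dev=dm-0 ino=77 scontext=system_u:system_r:sshd_t:s0 tcontext=system_u:object_r:shadow_t:s0 tclass=file
EOF
}

# Usage on a host: sh check_named.sh /var/named/run-root /var/log/audit/audit.log
if [ $# -eq 2 ]; then
    missing_chroot_mounts "$1"
    named_avc_denials "$2"
fi
```

A missing directory points at the chroot layout the init script expects; a denial line points at an SELinux policy or labelling problem on that one object, which can be addressed for that path while enforcement stays on.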
