Ubuntu 12.04 LTS 中的 Bind9 问题

Ubuntu 12.04 LTS 中的 Bind9 问题

我在 Ubuntu 12.04 LTS 上安装 bind9 时遇到问题。我已经安装了 Plesk 11 服务器,但 DNS 服务未运行。

root@cp11:~# apt-get install bind
Reading package lists... Done
Building dependency tree       
Reading state information... Done
Package bind is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source
However the following packages replace it:
  bind9 dnsutils dnsutils:i386 bind9:i386 manpages

E: Package 'bind' has no installation candidate
root@cp11:~# 

root@cp11:~# /etc/init.d/bind9 start
 * Starting domain name service... bind9                                                                                              [fail] 

root@cp11:~# /etc/init.d/bind9 restart
 * Stopping domain name service... bind9                                                                                              [ OK ] 
 * Starting domain name service... bind9                                                                                              [fail] 

当我尝试检查日志文件时:

root@cp11:~# tail -f /var/log/messages
tail: cannot open `/var/log/messages' for reading: No such file or directory

我检查了 /etc,发现有一个 bind 目录

root@cp11:/etc/bind# ls
bind.keys  db.127  db.empty  db.root     named.conf.default-zones  named.conf.options  rndc.key
db.0       db.255  db.local  named.conf  named.conf.local          rndc.conf           zones.rfc1918

当我尝试卸载 bind9 时,它也会删除 Plesk 控制面板。

因此我更新并升级了软件包,但看到绑定错误:

root@cp11:~# apt-get upgrade
Processing triggers for libc-bin ...
ldconfig deferred processing now taking place
Processing triggers for initramfs-tools ...
update-initramfs: Generating /boot/initrd.img-3.2.0-23-generic
Processing triggers for resolvconf ...
Processing triggers for python-support ...
Errors were encountered while processing:
 bind9
E: Sub-process /usr/bin/dpkg returned an error code (1)

答案1

Plesk 和 Apparmor 有冲突,我只知道 Apparmor 的默认 Bind9 配置文件和 Plesk 的配置之间存在冲突。官方文档说要卸载 Apparmor,因为它不受支持,我认为这是不明智的,因为它会丢弃相当程度的保护

您可以只调整 bind9 的 Apparmor 配置文件,编辑/etc/apparmor.d/local/usr.sbin.named并添加:

# Allow Plesks configuration for bind9 to run with Apparmor
/var/named/run-root/** rwm,

然后重新加载 Apparmor,并启动 bind9:

# Reload Apparmor profiles
service apparmor reload
# Start bind9, which should start without error now
service bind9 start

服务管理页面现在应该报告 bind9 正在运行,如果没有,您可能需要重新启动 Plesk:

service psa restart

来源:http://www.failover.co/blog/plesk-11-bind9-and-ubuntu-12-04-apparmor-problems (免责声明:来源是我写的,我不是安全专家。)

答案2

看起来 Plesk 与 appormour 冲突,并导致绑定问题。

所以解决方案是:

sudo /etc/init.d/apparmor teardown
sudo update-rc.d -f apparmor remove 

然后开始绑定sudo /etc.init.d/bind9 start

参考http://kb.parallels.com/en/112903

相关内容