rndc question
Wittenberg, Chris
cwittenberg at ec2.edu
Fri Aug 3 22:15:01 UTC 2001
Hi,
I'm running BIND 9.1.3 on a solaris 8 server, and I'm just getting around to
using (or figuring out how to use) rndc. I am following along in the book
(DNS & BIND 4th ed), and I've just set up my named.conf with the following
(verbatim from the book):
controls {
inet * allow { any; } keys { "rndc-key"; };
};
key "rndc-key" {
algorithm hmac-md5;
secret "Zm9vCg==";
};
and just created a rndc.conf with:
options {
default-server localhost;
default-key "rndc-key";
};
key "rndc-key" {
algorithm hmac-md5;
secret "Zm9vCg==";
};
I've got the files owned by user "dns" with rw permissions for the user
only. And dns is run as:
/usr/local/sbin/named -u dns
I think my next step is to run "rndc reload", but I get this error from
/var/adm/messages:
Aug 3 14:37:18 external /usr/local/sbin/named[14132]: [ID 866145
daemon.warning] couldn't add command channel 0.0.0.0#953: permission denied
QUESTIONS:
1. I *think* 953 is the port that rndc wants to use - is it giving me a
permission denied because I'm not running named as root? How do I overcome
this?
2. What is channel 0.0.0.0 - I don't have anything configured like that. Is
it just residue of the error message, or something I should be concerned
about?
3. The book says I can use mmencode to create a code, but I don't have that
on my system. Is it a download, or part of a particular unix
distribution...? Is there another mmencode-like tool I can get/use for
Solaris?
Thanks for your help!
-Chris
More information about the bind-users
mailing list