[OLD QUESTION] dns stats (fwd)
Joaquin J. Domens
jdomens at corp.terra.es
Thu Jun 6 15:58:15 UTC 2002
Hi,
This is about an old threat about ndc ............
As exposed in this mail I've tried to create a control statement in my
named.conf, but the only way I can use NDC is giving the whole path
with -c option.
ndc -c /usr/local/etc/ndc.d/ndc status (this works OK)
I've tried to create a control statemet like this:
controls {
unix "/usr/local/etc/ndc.d/ndc"
perm 600
owner 0
group 0;
};
But it doesn`t work, the error I get is:
ndc: error: ctl_client: evConnect(fd 3): Socket operation on non-socket
ndc: error: cannot connect to command channel (/var/run/ndc)
In /var/run/ndc I don`t see the socket ........
tdnsi1:/var/run/ndc>ls -lrt
total 0
-rw-r--r-- 1 root other 0 Jun 6 15:54 ndc
tdnsi1:/usr/local/etc/ndc.d>ls -lrt
total 0
srwxr-xr-x 1 root other 0 Jun 6 15:54 ndc
How can I make this work without having tio type the -c option everytime I want
to use NDC ?
Thanks in advance
Mark.Andrews at isc.org wrote:
> >
> > Hi all,
> >
> > I'm having same problem on this new Solaris boxes, running 8.3.1
> >
> > But I can't seem to find the channel for ndc, and in named.conf there's no
> > control entry about that.
> >
> > One difference I've seen between this new box, and other one already runnin
> > g ndc
> > (both with 8.3.1) it's:
> >
> > ndc ok:
> >
> > srw------- 1 root root 0 Jan 30 2001 ndc
> > drwx------ 2 root root 512 Apr 3 14:18 ndc.d
> > -rw-r--r-- 1 root other 51924 Apr 8 17:58 named.conf
> > -rw-r--r-- 1 root other 6 Apr 9 11:57 named.pid
> >
> > ndc not running:
> >
> > drwx------ 2 root root 512 Apr 4 17:02 ndc.d
> > -rw-r--r-- 1 root other 16861 Apr 9 13:06 named.conf
> > -rw-r--r-- 1 root other 5 Apr 9 15:30 named.pid
> >
> > And the error I got it's the same ......
> >
> > ndc: error: ctl_client: evConnect(fd 3): No such file or directory
> > ndc: error: cannot connect to command channel (/var/run/ndc)
> >
> > Hope it helps
> >
> > Cheers
>
> The control channel is /var/run/ndc.d/ndc by default in 8.3.1
> on Solaris. If you are getting /var/run/ndc then you have a
> old ndc. If /var/run/ndc is working and you don't have a
> controls block overriding the default path you have a old
> named running and unless it is the patched version from Sun
> it is insecure as it is less than 8.2.3.
>
> --- 8.2.3-REL released ---
>
> ....
>
> 924. [port] sunos solaris: #define NEED_SECURE_DIRECTORY to
> secure the directory containing unix domain socket
> rather than the socket itself.
>
> Mark
> >
> >
> > Nate Campi wrote:
> >
> > > On Thu, Apr 04, 2002 at 04:42:12PM -0500, Art Houle wrote:
> > > >
> > > > We are running "named 8.2.3-REL" and I am trying to get stats so that
> > I
> > > > can put them into mrtg for graphing. However I am having a problem wit
> > h
> > > > the command to get stats and would like input is anybody can interpret
> > the
> > > > error message I get back:
> > > >
> > > > dns1# /usr/sbin/ndc stats
> > > > ndc: error: ctl_client: evConnect(fd 3): No such file or directory
> > > > ndc: error: cannot connect to command channel (/var/run/ndc)
> > >
> > > I'll assume that BIND is actually running. You need to give the path to
> > > your ndc channel with the "-c" option to ndc. Here how I dump stats on
> > > my nameservers:
> > >
> > > /usr/local/sbin/ndc -c /var/bind.root/r/ndc/ndc stats
> > >
> > > If you don't know where your ndc channel is, look in you conf file for
> > > something like:
> > >
> > > controls {
> > > unix "/ndc/ndc"
> > > perm 600
> > > owner 0
> > > group 0;
> > > };
> > >
> > > ...and use the path in double quotes after "unix".
> > > --
> > > Nate
> > >
> > > The doctrine of human equality reposes on this: that there is no man
> > > really clever who has not found that he is stupid.
> >
> > --
> > --------------------------------------------------
> > Joaquin J. Domens
> > Área de Tecnología
> > Departamento de Producción / Aplicaciones
> > --------------------------------------------------
> > Terra Networks España S.A.
> > Julián Camarillo, 6
> > 28037 Madrid, España
> > Tel. (34) 91-375 2384 Fax (34) 91-375 2320
> > joaquin.domens at corp.terra.es
> > --------------------------------------------------
> > Mercado Continuo: TRR | Nasdaq: TRLY
> > --------------------------------------------------
> > http://www.terra.es
> > --------------------------------------------------
> >
> >
> >
> --
> Mark Andrews, Internet Software Consortium
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at isc.org
--
--------------------------------------------------
Joaquin J. Domens
Área de Tecnología
Departamento de Producción / Aplicaciones
--------------------------------------------------
Terra Networks España S.A.
Julián Camarillo, 6
28037 Madrid, España
Tel. (34) 91-375 2384 Fax (34) 91-375 2320
joaquin.domens at corp.terra.es
--------------------------------------------------
Mercado Continuo: TRR | Nasdaq: TRLY
--------------------------------------------------
http://www.terra.es
--------------------------------------------------
More information about the bind-users
mailing list