transfer is not working
De Previde Prato Andrea
muccacucu*IVESTITI* at hotmail.com
Tue Jun 1 16:31:55 UTC 2004
verify permission on "/var/named on Slave server.
Is not a DNS problem, but System problem
"Olga" <olga at urbantimes.net> wrote in message
news:c9i8m5$2n4k$1 at sf1.isc.org...
>
> Hi,
>
> I have two servers: one is running RH Enterprise Linux (slave for the zone
I
> want to transfer) and the other RH Fedora2 (master for the zone I want to
> transfer).
>
> However, I am getting a message about permission denied when dumping
master
> file. Here are the messages I receive:
>
> 1) on the master (Fedora2):
> Jun 1 10:33:16 yyy named[9700]: client 131.xxx.xxx.xxx#50545: transfer of
> 'mysite.net/IN': AXFR started
>
>
> 2) on the slave (Enterprise):
> Jun 1 10:33:02 xxx named[3313]: dumping master file: tmp-XXXXB8OZ2C:
open:
> permission denied
> Jun 1 10:33:02 xxx named[3313]: transfer of 'mysite.net/IN' from
> 131.xxx.xxx.xxx#53: failed while receiving responses: permission denied
> Jun 1 10:33:02 xxx named[3313]: transfer of 'mysite.net/IN' from
> 131.xxx.xxx.xxx#53: end of transfer
>
>
> Here's the named.conf on the master:
>
> // generated by named-bootconf.pl
>
> options {
> directory "/var/named";
> /*
> * If there is a firewall between you and nameservers you want
> * to talk to, you might need to uncomment the query-source
> * directive below. Previous versions of BIND always asked
> * questions using port 53, but BIND 8.1 uses an unprivileged
> * port by default.
> */
> // query-source address * port 53;
>
> allow-transfer {131.xxx.xxx.xxx;};
>
> };
>
> //
> // a caching only nameserver config
> //
> controls {
> inet 127.0.0.1 allow { localhost; } keys { rndckey; };
> };
> zone "." IN {
> type hint;
> file "named.ca";
> };
>
> zone "localhost" IN {
> type master;
> file "localhost.zone";
> allow-update { none; };
> };
>
> zone "0.0.127.in-addr.arpa" IN {
> type master;
> file "named.local";
> allow-update { none; };
> };
>
> zone "xxx.xxx.131.in-addr.arpa" IN {
> type master;
> file "xxx.xxx.131.in-addr.arpa.zone";
> };
>
> zone "mysite.net" IN {
> type master;
> file "db.mysite.net";
> allow-transfer {
> 131.xxx.xxx.xxx;
> };
> };
>
>
>
> Here's the named.conf on the slave:
>
> // generated by named-bootconf.pl
>
> options {
> directory "/var/named";
> /*
> * If there is a firewall between you and nameservers you want
> * to talk to, you might need to uncomment the query-source
> * directive below. Previous versions of BIND always asked
> * questions using port 53, but BIND 8.1 uses an unprivileged
> * port by default.
> */
> // query-source address * port 53;
>
> allow-transfer {131.xxx.xxx.xxx;};
> };
>
> //
> // a caching only nameserver config
> //
> controls {
> inet 127.0.0.1 allow { localhost; } keys { rndckey; };
> };
> zone "." IN {
> type hint;
> file "named.ca";
> };
>
> zone "localhost" IN {
> type master;
> file "localhost.zone";
> allow-update { none; };
> };
>
> zone "0.0.127.in-addr.arpa" IN {
> type master;
> file "named.local";
> allow-update { none; };
> };
>
> zone "xxx.xxx.131.in-addr.arpa" IN {
> type master;
> file "namedb/xxx.xxx.xxx.in-addr.arpa.zone";
> };
>
> zone "mysite.net" IN {
> type slave;
> file "db.mysite.net";
> masters {
> 131.xxx.xxx.xxx;
> };
> };
>
>
> include "/etc/rndc.key";
>
>
> And here is the zone file:
>
> $ORIGIN .
> $TTL 86400 ; 1 day
> mysite.net IN SOA xxx.xxx.edu. root.xxx.xxx.edu. (
> 2004042702 ; serial
> 7200 ; refresh (2
hours)
> 3600 ; retry (1 hour)
> 604800 ; expire (1 week)
> 86400 ) ; minimum (1 day)
>
>
> IN NS xxx.xxx.edu.
(master)
> IN NS xxx.xxx.edu.
>
> IN A 131.xxx.xxx.xxx
>
> IN MX 10 xxx.xxx.edu.
> IN MX 20 xxx.xxx.edu.
>
> $ORIGIN mysite.net.
> xxx IN A 131.xxx.xxx.xxx
> www IN CNAME xxx.xxx.xxx.
>
>
> Can anybody tell me why I am getting permission denied when dumping master
file.
> Thanks a lot.
>
> Olga
>
> ----------------------------------------------------------------
> This message was sent using IMP, the Internet Messaging Program.
>
More information about the bind-users
mailing list