Domain-Name-System

rndc commands not working

  • September 25, 2020

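I have been building DNS servers on CentOS 7 (I inherited these but need to make changes to repurpose them).

When I run any rndc command it does not work, i.e. when I try rndc reload I get no confirmation if it succeeds, nor even a message that the command failed.

Also note that I am using Linux namespaces, so the typical rndc command has the prefix "ip entns exec gi".

If I check /var/log/messages at the same time, I get no output at all, compared with another DNS server.

I have posted the output of the relevant services below: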

/usr/lib/systemd/system/named.service

[Unit]
Description=Berkeley Internet Name Domain (DNS)
Wants=nss-lookup.target
Wants=named-setup-rndc.service
Before=nss-lookup.target
After=network.target
After=named-setup-rndc.service

[Service]
Type=forking
Environment=NAMEDCONF=/etc/named.conf
EnvironmentFile=-/etc/sysconfig/named
Environment=KRB5_KTNAME=/etc/named.keytab
PIDFile=/run/named/named.pid

ExecStartPre=/bin/bash -c 'if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi'

ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} $OPTIONS

ExecReload=/bin/sh -c '/usr/sbin/rndc reload > /dev/null 2>&1 || /bin/kill -HUP $MAINPID'

ExecStop=/bin/sh -c '/usr/sbin/rndc stop > /dev/null 2>&1 || /bin/kill -TERM $MAINPID'

PrivateTmp=true

[Install]
WantedBy=multi-user.target

/usr/lib/systemd/system/named-setup-rndc.service

[Unit]
Description=Generate rndc key for BIND (DNS)

[Service]
Type=oneshot

ExecStart=/usr/libexec/generate-rndc-key.sh

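I tried deleting the rndc.key file and recreating it via the named service, but this did not work. I am really at a loss. Does anyone have experience with this?

Logs after restarting named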

-- Unit named-setup-rndc.service has begun starting up.
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 systemd[1]: Started Generate rndc key for BIND (DNS).
-- Subject: Unit named-setup-rndc.service has finished start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit named-setup-rndc.service has finished starting up.
-- 
-- The start-up result is done.
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 systemd[1]: Starting Berkeley Internet Name Domain (DNS)...
-- Subject: Unit named.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit named.service has begun starting up.
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: starting BIND 9.9.4-RedHat-9.9.4-74.el7_6.1 -u named -c /etc/named.conf -4
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: built with '--build=x86_64-redhat-linux-gnu' '--host=x86_64-redhat-linux-gnu' '-
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: ----------------------------------------------------
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: BIND 9 is maintained by Internet Systems Consortium,
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: Inc. (ISC), a non-profit 501(c)(3) public-benefit
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: corporation.  Support and training for BIND 9 are
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: available at https://www.isc.org/support
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: ----------------------------------------------------
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: adjusted limit on open files from 4096 to 1048576
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: found 8 CPUs, using 8 worker threads
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: using 8 UDP listeners per interface
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: using up to 21000 sockets
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: loading configuration from '/etc/named.conf'
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: reading built-in trusted keys from file '/etc/named.root.key'
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: initializing GeoIP Country (IPv4) (type 1) DB
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: GEO-106FREE 20180327 Build 1 Copyright (c) 2018 MaxMind Inc All Rights Reserved
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: initializing GeoIP Country (IPv6) (type 12) DB
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: GEO-106FREE 20180605 Build 1 Copyright (c) 2018 MaxMind Inc All Rights Reserved
Sep 24 14:01:40 DUB1-00-VM-GI_DNS1 named[12637]: GeoIP City (IPv4) (type 2) DB not available

I also believe the debug log is set to write to /var/named/data/named.run; the output is posted below.

tail -f /var/named/data/named.run
all zones loaded
running
shutting down
stopping command channel on 127.0.0.1#953
stopping command channel on ::1#953
no longer listening on 127.0.0.1#53
exiting
managed-keys-zone: loaded serial 1021
all zones loaded
running

I found the answer, although in my case it was mostly a novice problem.

I used the strace tool and got the following error:

strace -i rndc reload
[00007f2716e56207] execve("/sbin/rndc", ["rndc", "reload"], 0x7ffc863430d0 /* 21 vars */) = -1 **ENOEXEC (Exec format error)**
[00007f2716e7fd30] open("/usr/share/locale/locale.alias", O_RDONLY|O_CLOEXEC) = 3
[00007f2716e7f8e4] fstat(3, {st_mode=S_IFREG|0644, st_size=2502, ...}) = 0
[00007f2716e8936a] mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f27177d4000
[00007f2716e7ff70] read(3, "# Locale name alias data base.\n#"..., 4096) = 2502
[00007f2716e7ff70] read(3, "", 4096)    = 0
[00007f2716e80620] close(3)             = 0
[00007f2716e893f7] munmap(0x7f27177d4000, 4096) = 0
[00007f2716e7fd30] open("/usr/share/locale/en_GB.UTF-8/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
[00007f2716e7fd30] open("/usr/share/locale/en_GB.utf8/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
[00007f2716e7fd30] open("/usr/share/locale/en_GB/LC_MESSAGES/libc.mo", O_RDONLY) = 3
[00007f2716e7f8e4] fstat(3, {st_mode=S_IFREG|0644, st_size=1474, ...}) = 0
[00007f2716e8936a] mmap(NULL, 1474, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f27177d4000
[00007f2716dc29dc] close(3)             = 0
[00007f2716e7fd30] open("/usr/share/locale/en.UTF-8/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
[00007f2716e7fd30] open("/usr/share/locale/en.utf8/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
[00007f2716e7fd30] open("/usr/share/locale/en/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
[00007f2716e7f8e4] fstat(2, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 0), ...}) = 0
[00007f2716e8936a] mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f27177d3000
[00007f2716e7ffd0] write(2, "strace: exec: Exec format error\n", 32strace: exec: Exec format error
) = 32
[00007f2716e561d9] exit_group(1)        = ?
[????????????????] +++ exited with 1 +++

This error, ENOEXEC (Exec format error), points specifically to a corrupted file, so the fix I applied was to update bind via yum update, and rndc now succeeds.
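The following is an added example, not part of the original post: a shell check that inspects the leading bytes of a file to predict the ENOEXEC seen in the strace output, and compares the file against the RPM database when rpm is present. The function names `exec_format` and `triage` and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: predict ENOEXEC from a file's leading bytes without running it.

# exec_format FILE: classify the leading bytes the kernel inspects on execve().
exec_format() {
    [ -s "$1" ] || { echo empty; return 0; }
    magic=$(od -An -tx1 -N4 "$1" | tr -d ' \n')
    case $magic in
        7f454c46) echo elf ;;      # \x7f E L F (valid magic only; the rest may still be damaged)
        2321*)    echo script ;;   # "#!" interpreter line
        *)        echo unknown ;;  # no recognisable format -> ENOEXEC
    esac
}

# triage FILE: return 0 if the format is recognisable, 1 if execve() is
# expected to fail with ENOEXEC. Runs RPM verification when the file is packaged.
triage() {
    fmt=$(exec_format "$1")
    echo "$1: format=$fmt"
    if command -v rpm >/dev/null 2>&1 && rpm -qf "$1" >/dev/null 2>&1; then
        # rpm -V lists files whose size, digest, mode etc. differ from the RPM database.
        rpm -Vf "$1" || echo "$1: owning package has files that differ from the RPM database"
    fi
    case $fmt in
        elf|script) return 0 ;;
        *)          return 1 ;;
    esac
}

# Constructed sample files (not real binaries) so the example runs offline.
SAMPLES=$(mktemp -d)
trap 'rm -rf "$SAMPLES"' EXIT
printf '\177ELF\002\001\001' > "$SAMPLES/good_elf"
printf '#!/bin/sh\necho ok\n' > "$SAMPLES/good_script"
printf '\000\000\000\000\000\000\000\000' > "$SAMPLES/zeroed"   # stands in for a corrupted file
: > "$SAMPLES/empty"

for f in good_elf good_script zeroed empty; do
    triage "$SAMPLES/$f" || echo "  -> expect ENOEXEC (Exec format error) from execve()"
done
# On a real host the target would be the binary itself, e.g.: triage /usr/sbin/rndc
```

A file that differs from the RPM database after no intentional change is worth treating as an integrity finding before reinstalling the package.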

Quoted from: https://serverfault.com/questions/1035182