Cannot create DNS zones using Centos 6 64 bits

Hi

I have been a user of virtualmin GPL for a long time now, but since I moved to CentOS 6 64bits, I cannot create domains anymore.

This is the message I get when I create a new domain with DNS zone:

Adding new DNS zone …
… BIND DNS domain failed! : Failed to replace /var/named/chroot/etc/named.conf with /var/named/chroot/etc/named.conf.webmintmp.4440 : Device or resource busy at …/web-lib-funcs.pl line 1360.

Adding new virtual website …
… Apache website failed! : Failed to replace /var/named/chroot/etc/named.conf with /var/named/chroot/etc/named.conf.webmintmp.4440 : Device or resource busy at …/web-lib-funcs.pl line 1360.

I would replace this file manually later, but it seems it is deleted, or it never existed.

Could you please provide some light on this issue? I am using virtualmin 3.88.gpl GPL, and I have tried rebooting and making simple changes to isolate the problem without success. Could it be related to the differences between centos 5 and centos 6?

Thanks

Howdy,

Well, things should work just fine on CentOS 6, there’s a lot of folks using that now. It looks like, for some reason, something is holding the file "/var/named/chroot/etc/named.conf" open.

If you run this command, what output do you receive:

lsof | grep named.conf

Hi,

I have the same problem too.
lsof | grep named.conf returns nothing.

That is correct, lsof | grep named.conf shouldn’t return anything (as Eric indicated already in his previous message).

I also installed centos 6.0 and virtualmin has been working just fine on it.

Ps
The chroot part in the above error message looks a bit strange to me.

Does the directory /var/named/chroot/etc actually exist on your system, and if so does named.conf exist inside it, and is it a regular file?

Yes, lsof | grep named.conf does not return anything and the file exists and it is a regular file.

It might be that during the process, this file gets locked, but I cannot tell you.

Is there any way to execute this process step by step or in the command line?

Any way to debug or work around this?

What does ls -l /var/named/chroot/etc show on your system?

Nothing special I think:

[root@nova ~]$ ls -l /var/named/chroot/etc
total 28
-rw-r--r-- 1 root root  2945 Jul  8 20:47 localtime
drwxr-x--- 2 root named 4096 Jun 25 05:48 named
-rw-r----- 1 root named  931 Sep  1 14:38 named.conf
-rw-r--r-- 1 root named  601 Jun 25 05:48 named.iscdlv.key
-rw-r----- 1 root named  931 Jun 21  2007 named.rfc1912.zones
drwxr-xr-x 3 root root  4096 Jul  8 20:46 pki
-rw-r----- 1 root named   77 Jul  8 20:45 rndc.key

Hi!

I have exactly the same problem and also lsof | grep named.conf returns nothing.
I have tried to stop bind by issuing:
/etc/init.d/named stop

After that, the domain was successfully created. Of course I had to start it again:
/etc/init.d/named start

Perhaps this should be an automatic process virtualmin is “forgetting” :)

Greets.

Hello,

It seems that in CentOS 6 the file /etc/named.conf is copied every time after daemon restart in chroot location. After that, it can’t be moved/replaced with another file (as webmin is trying to do):

# mv /var/named/chroot/etc/named.conf /tmp/named.conf
mv: cannot move ‘/var/named/chroot/etc/named.conf’ to ‘/tmp/named.conf’: Device or resource busy

The process ‘named’ itself blocks access to this file.

So, the solution is to change some parameters in webmin:

Webmin -> Servers -> BIND DNS Server -> Module Config

In “Configuration category -> BIND paths” change “Is named.conf under chroot directory?” parameter to “No”; then webmin/virtualmin will modify named.conf from /etc location of root system file. Obviously, after named daemon restart this file is copied in chroot location so everything should be fine.

In “Configuration category -> System configuration” change “PID file is under chroot directory?” parameter to “No”, as webmin doesn’t read pid from chrooted file and reports to me that BIND is not started (even though it was).

Regards.
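A diagnostic for the symptom in this thread, added here as an example and not part of any poster's message: `rename(2)` on a path that is itself a mount point fails with "Device or resource busy" even though no process has the file open, so `lsof` stays silent. It assumes the CentOS 6 init script bind-mounts files into the chroot (the thread does not state this); the function names and the sample mount table are constructed.

```shell
#!/bin/sh
# Added example: list paths under a BIND chroot that are themselves mount
# points. Replacing or moving such a path returns EBUSY, and lsof shows
# nothing because the kernel mount table, not an open file handle, pins it.

# Constructed sample in /proc/mounts format (not captured from a real host).
sample_mounts() {
cat <<'EOF'
rootfs / rootfs rw 0 0
/dev/sda1 / ext4 rw,relatime 0 0
/dev/sda1 /var/named/chroot/etc/named.conf ext4 rw,relatime 0 0
/dev/sda1 /var/named/chroot/etc/named.rfc1912.zones ext4 rw,relatime 0 0
/dev/sda1 /var/named/chroot/var/named ext4 rw,relatime 0 0
EOF
}

# mounts_under DIR [MOUNTS_FILE]
# Print every mount target equal to DIR or located below it, one per line.
# Note: the kernel escapes spaces in mount targets as \040; paths containing
# spaces must be given in that escaped form.
mounts_under() {
    dir=${1%/}
    awk -v d="$dir" '
        $2 == d || index($2, d "/") == 1 { print $2 }
    ' "${2:-/proc/self/mounts}"
}

# is_mount_point PATH [MOUNTS_FILE]
# Exit status 0 if PATH is a mount target, 1 otherwise.
is_mount_point() {
    awk -v p="${1%/}" '$2 == p { found = 1 } END { exit !found }' \
        "${2:-/proc/self/mounts}"
}

# When run with a directory argument, inspect the live mount table.
if [ "$#" -gt 0 ]; then
    echo "Mount points under $1 (cannot be renamed or replaced in place):"
    mounts_under "$1"
fi
```

Run it as root on the affected host with `/var/named/chroot` as the argument; any file it lists has to be edited at its source path outside the chroot, not replaced inside it.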

I had a look into this, and it seems that the cause is the way CentOS 6 sets up the named chroot environment. The best fix for now would be to stop using the chroot completely, as it has few real security benefits in my opinion. To do this:

  1. Stop BIND
  2. Edit /etc/sysconfig/named and remove the ROOTDIR line.
  3. Start BIND again

This solution worked for me…

However it’s been a long time and this problem is still present in current releases of virtualmin… with Centos 6.2

Probably it is time to introduce this fix in the official release?

Please can you elaborate on the steps to achieve your suggestion for a newbie like me.

Thank you.

If you are a newbie, maybe it is more secure for you to accept Jamie Cameron’s solution. Remove (or comment) the line with ROOTDIR from file /etc/sysconfig/named

My solution is a little more complicated and is useful only if you really want chroot named.

Regards.

How do I do Jamie Cameron’s solution? I mean where to see, open and edit /etc/sysconfig/named.

I just need a guideline to do it.

I have virtualmin/Webmin and putty. So where do I go?
A click on Check BIND Config (under BIND DNS Server) shows these below;

The following errors were found in the BIND configuration file /var/named/chroot/etc/named.conf or referenced zone files …

zone suuut.co.cc/IN: loading from master file /var/named/suuut.co.cc.hosts failed: file not found

zone suuut.co.cc/IN: not loaded due to errors.

_default/suuut.co.cc/IN: file not found

Please help.

Thanks

You have to edit that file.

Method 1: from Webmin interface -> Others -> File Manager, go to /etc/sysconfig directory and then edit ‘named’ file
Method 2: using putty (and maybe midnight commander) in ssh console go to /etc/sysconfig directory and edit ‘named’ file (use your favourite file editor: mcedit, vi, joe etc.)

I still have the same problem after making the change and restarting.

Referring to b1cata in post http://www.virtualmin.com/node/19608#comment-90978

This is a fresh install of Centos6

Although b1cata solved my problem starting named, when I created a domain, it gave an error that it wasn’t finding or could not open named.conf.

I played around for a while unsuccessfully UNTIL…

I have an installation of Centos5 with Virtualmin Pro as well. I compared the settings of both. It looks like Centos5 Bind is chrooted too.

I attached some screen shots of the setting I used to get it going under Centos6

I noticed under Bind Paths in the Centos6 install, there was a missing line with the following command.

sh -c '. /etc/sysconfig/named && echo "$ROOTDIR"'

Look at each of the attached screen shots to see my settings

Hope this helps someone.
If you see anything I don’t know about, that I need to change, let me know.

The centos 6 system is installed on an openvz server, 3 gigs of ram
https://deasoft.com/usvps.php

The centos5 system is on a 2 gig of ram openvz system at vpslink and is grandfathered in since they no longer offer the 2 gig memory configuration.

We will be releasing a fix for this shortly, but until then the fix is to set “Chroot directory to run BIND under” to “None” and “Command to find chroot directory” to “Use fixed directory above”. Even when BIND is running chroot’d on CentOS 6, Webmin doesn’t need to know about it due to the different way the chroot is set up compared to other systems…