
I'm a Linux beginner.
I installed BIND from source on CentOS 7, following a book.
However, the book is old and does not cover CentOS 7, and it does not seem to be a book for beginners.

When I start it with the following command, it runs without problems, and I was able to confirm with dig that I can look up the A record from the zone file I created.
/usr/local/named/sbin/named -u named -c /etc/named/named.conf

Next, I tried to start it with a startup script: I created /etc/systemd/system/named.service and ran systemctl start named.service, but it shut down as soon as it started.
The contents of /var/log/messages are as follows.
Oct 23 00:43:31 localhost named[2846]: none:103: 'max-cache-size 90%' - setting to 878MB (out of 976MB)
Oct 23 00:43:31 localhost named[2846]: command channel listening on 127.0.0.1#953
Oct 23 00:43:31 localhost named[2846]: the working directory is not writable
Oct 23 00:43:31 localhost named[2846]: managed-keys-zone/inside: loaded serial 0
Oct 23 00:43:31 localhost named[2846]: managed-keys-zone/outside: loaded serial 0
Oct 23 00:43:31 localhost named[2846]: zone testhoge.net/IN/inside: loaded serial 2017100901
Oct 23 00:43:31 localhost named[2846]: zone 0.0.127.in-addr.arpa/IN/inside: loaded serial 2017100901
Oct 23 00:43:31 localhost named[2846]: all zones loaded
Oct 23 00:43:31 localhost named[2846]: running
Oct 23 00:43:31 localhost named[2846]: zone testhoge.net/IN/inside: sending notifies (serial 2017100901)
Oct 23 00:43:31 localhost named[2846]: shutting down
Oct 23 00:43:31 localhost named[2846]: stopping command channel on 127.0.0.1#953
Oct 23 00:43:31 localhost named[2846]: error writing NTA file for view 'inside': permission denied
Oct 23 00:43:31 localhost named[2846]: error writing NTA file for view 'outside': permission denied
Oct 23 00:43:31 localhost named[2846]: error writing NTA file for view '_bind': permission denied
Oct 23 00:43:31 localhost named[2846]: no longer listening on 127.0.0.1#53
Oct 23 00:43:31 localhost named[2846]: no longer listening on 192.168.179.5#53
Oct 23 00:43:31 localhost named[2846]: exiting

Note that /etc/systemd/system/named.service is as follows.
[Unit]
Description=named (BIND) is a Domain Name Server (DNS) that is used to resolve host names to IP addresses.

[Service]
Type=simple
User=root
ExecStart=/usr/local/named/sbin/named -u named -c /etc/named/named.conf
ExecStop=/bin/kill -WINCH $[MAINPID]

Can you tell me about the cause?

  • Answer # 1

    The directory cannot be determined without the information in named.conf, but it seems that the named user does not have write permission for the temporary file storage location.
    Create the directory that seems to be necessary and make it writable by named.

    BIND is vulnerable once or twice a year, so if you don't need to do complicated things, we recommend using nsd or unbound.
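
A check for the condition that the log line "the working directory is not writable" and Answer #1 point at, as an added example that is not part of the original question or answer. The function names are hypothetical; it assumes GNU stat and looks only at the owner/group/other mode bits, not at ACLs or SELinux.

```shell
#!/bin/sh
# Added example; function names are hypothetical. Needs GNU stat (CentOS has it).
# Looks at owner/group/other mode bits only, not ACLs or SELinux.

# Print the path from the first `directory "..."` option in a named.conf;
# prints nothing when the option is absent.
named_workdir() {
    sed -n 's/^[[:space:]]*directory[[:space:]]*"\([^"]*\)".*/\1/p' "$1" | head -n 1
}

# can_write_dir DIR UID "GID GID ...": return 0 when the mode bits let that
# uid create files in DIR (write + search), 1 when not, 2 when DIR is missing.
can_write_dir() {
    cw_dir=$1; cw_uid=$2; cw_gids=$3
    [ -d "$cw_dir" ] || return 2
    set -- $(stat -c '%u %g %a' "$cw_dir")      # owner uid, group gid, octal mode
    bits=$(printf '%04o' "0$3"); bits=${bits#?} # keep the three permission digits
    if [ "$cw_uid" = "$1" ]; then
        digit=${bits%??}                        # owner digit
    else
        case " $cw_gids " in
            *" $2 "*) digit=${bits#?}; digit=${digit%?} ;;  # group digit
            *)        digit=${bits#??} ;;                   # other digit
        esac
    fi
    case $digit in 3|7) return 0 ;; *) return 1 ;; esac
}

# check_named CONF USER: report whether USER can write named's working directory.
check_named() {
    wd=$(named_workdir "$1")
    # Without a directory option named uses the directory it was started in,
    # which is / for a systemd system service unless WorkingDirectory= is set.
    [ -n "$wd" ] || wd=/
    if can_write_dir "$wd" "$(id -u "$2")" "$(id -G "$2")"; then
        echo "OK: $wd is writable by $2"
    else
        echo "FAIL: $wd is not writable by $2"
        return 1
    fi
}
```

Run it as `check_named /etc/named/named.conf named`, using the config path and the account passed to `-u` in the question. A FAIL result means the directory needs to be created or its ownership changed so that the named account can write to it, as the answer suggests.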