指定されたサービスを再起動したいのですが、エラーが発生します。
[root@KAASH-HIS-1 named]# service named restart
Redirecting to /bin/systemctl restart named.service
Job for named.service failed because the control process exited with error code. See "systemctl status named.service" and "journalctl -xe" for details.
その後、systemctl status name.service コマンドを実行してネーミングサービスの状態を確認しましたが、失敗しました。
[root@KAASH-HIS-1 named]# systemctl status named.service
● named.service - Berkeley Internet Name Domain (DNS)
Loaded: loaded (/usr/lib/systemd/system/named.service; disabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Fri 2023-02-17 02:11:18 +03; 13s ago
Process: 10560 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi (code=exited, status=1/FAILURE)
Feb 17 02:11:18 KAASH-HIS-1 systemd[1]: Starting Berkeley Internet Name Domain (DNS)...
Feb 17 02:11:18 KAASH-HIS-1 bash[10560]: /etc/named.conf:62: missing ';' before '}'
Feb 17 02:11:18 KAASH-HIS-1 systemd[1]: named.service: control process exited, code=exited status=1
Feb 17 02:11:18 KAASH-HIS-1 systemd[1]: Failed to start Berkeley Internet Name Domain (DNS).
Feb 17 02:11:18 KAASH-HIS-1 systemd[1]: Unit named.service entered failed state.
Feb 17 02:11:18 KAASH-HIS-1 systemd[1]: named.service failed.
[root@KAASH-HIS-1 named]#
これは /etc/named.conf ファイルです
[root@KAASH-HIS-1 named]# cat /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// See the BIND Administrator's Reference Manual (ARM) for details about the
// configuration located in /usr/share/doc/bind-{version}/Bv9ARM.html
options {
listen-on port 53 { 127.0.0.1;10.93.200.34; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
recursing-file "/var/named/data/named.recursing";
secroots-file "/var/named/data/named.secroots";
allow-query { localhost; };
/*
- If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
- If you are building a RECURSIVE (caching) DNS server, you need to enable
recursion.
- If your recursive DNS server has a public IP address, you MUST enable access
control to limit queries to your legitimate users. Failing to do so will
cause your server to become part of large scale DNS amplification
attacks. Implementing BCP38 within your network would greatly
reduce such attack surface
*/
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.root.key";
managed-keys-directory "/var/named/dynamic";
pid-file "/run/named/named.pid";
session-keyfile "/run/named/session.key";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.ca";
};
zone "kaash.local" IN {
type master;
file "forward.kaash.local";
allow-update {none;};
};
zone "200.93.10.in-addr.arpa" IN {
type master;
file "reverse.kaash.local";
allow-update {none; };
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
これはforward.kaash.localゾーンファイルです。
[root@KAASH-HIS-1 named]# cat forward.kaash.local
$TTL 1D
@ IN SOA kaash-his-1.kaash.local. root.kaash.local. (
2014051001 ; serial
3600 ; refresh
1800 ; retry
604800 ; expire
86400 ; minimum
)
@ IN NS kaash-his-2.kaash.local.
@ IN PTR kaash.local.
kaash-his-1 IN A 10.93.200.34
KAASH-HIS-2 IN A 10.93.200.37
kaash-scan IN A 10.93.200.81
kaash-scan IN A 10.93.200.82
kaash-scan IN A 10.93.200.83
34 IN PTR kaash-his-1.kaash.local
39 IN PTR kaash-his-2.kaash.local
81 IN PTR kaash-scan.kaash.local
82 IN PTR kaash-scan.kaash.local
83 IN PTR kaash-scan.kaash.local
以下はリバースファイル領域です。
[root@KAASH-HIS-1 named]# cat reverse.kaash.local
$TTL 1D
@ IN SOA kaash-his-1.kaash.local. root.kaash.local. (
2014051001 ; serial
3600 ; refresh
1800 ; retry
604800 ; expire
86400 ; minimum
)
@ IN NS kaash-his-2.kaash.local.
@ IN PTR kaash.local.
kaash-his-1 IN A 10.93.200.34
KAASH-HIS-2 IN A 10.93.200.37
kaash-scan IN A 10.93.200.81
kaash-scan IN A 10.93.200.82
kaash-scan IN A 10.93.200.83
34 IN PTR kaash-his-1.kaash.local
39 IN PTR kaash-his-2.kaash.local
81 IN PTR kaash-scan.kaash.local
82 IN PTR kaash-scan.kaash.local
83 IN PTR kaash-scan.kaash.local
このエラーを解決する方法Berkeleyインターネット名ドメイン(DNS)を起動してNamed.serviceを再起動できませんか?
修正する:
追加しましたが、別のエラーが表示されます。
[root@KAASH-HIS-1 named]# systemctl status named.service
● named.service - Berkeley Internet Name Domain (DNS)
Loaded: loaded (/usr/lib/systemd/system/named.service; disabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Fri 2023-02-17 09:14:20 +03; 16s ago
Process: 37422 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi (code=exited, status=1/FAILURE)
Feb 17 09:14:20 KAASH-HIS-1 bash[37422]: _default/kaash.local/IN: no owner
Feb 17 09:14:20 KAASH-HIS-1 bash[37422]: zone localhost.localdomain/IN: loaded serial 0
Feb 17 09:14:20 KAASH-HIS-1 bash[37422]: zone localhost/IN: loaded serial 0
Feb 17 09:14:20 KAASH-HIS-1 bash[37422]: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
Feb 17 09:14:20 KAASH-HIS-1 bash[37422]: zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
Feb 17 09:14:20 KAASH-HIS-1 bash[37422]: zone 0.in-addr.arpa/IN: loaded serial 0
Feb 17 09:14:20 KAASH-HIS-1 systemd[1]: named.service: control process exited, code=exited status=1
Feb 17 09:14:20 KAASH-HIS-1 systemd[1]: Failed to start Berkeley Internet Name Domain (DNS).
Feb 17 09:14:20 KAASH-HIS-1 systemd[1]: Unit named.service entered failed state.
Feb 17 09:14:20 KAASH-HIS-1 systemd[1]: named.service failed.
ベストアンサー1
表示エラーsystemctl status named.service:
/etc/named.conf:62: '}' の前に ';' がありません。
だからあなたは/etc/named.conf(私の意見を無視してください//):
....
zone "." IN {
type hint;
file "named.ca";
};
zone "kaash.local" IN {
type master;
file "forward.kaash.local";
allow-update {none;}; // here it was missing the `;`
}; // line 62
....