From nobody Sat Feb 17 18:26:58 2024 X-Original-To: freebsd-ports@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Tcchc40wSz5Bjjg for ; Sat, 17 Feb 2024 18:26:56 +0000 (UTC) (envelope-from fbsd@www.zefox.net) Received: from www.zefox.net (www.zefox.net [50.1.20.27]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "www.zefox.com", Issuer "www.zefox.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Tcchb2fN7z44Dw for ; Sat, 17 Feb 2024 18:26:55 +0000 (UTC) (envelope-from fbsd@www.zefox.net) Authentication-Results: mx1.freebsd.org; dkim=none; spf=none (mx1.freebsd.org: domain of fbsd@www.zefox.net has no SPF policy when checking 50.1.20.27) smtp.mailfrom=fbsd@www.zefox.net; dmarc=none Received: from www.zefox.net (localhost [127.0.0.1]) by www.zefox.net (8.17.1/8.15.2) with ESMTPS id 41HIQw1P080822 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO); Sat, 17 Feb 2024 10:26:58 -0800 (PST) (envelope-from fbsd@www.zefox.net) Received: (from fbsd@localhost) by www.zefox.net (8.17.1/8.15.2/Submit) id 41HIQwc4080821; Sat, 17 Feb 2024 10:26:58 -0800 (PST) (envelope-from fbsd) Date: Sat, 17 Feb 2024 10:26:58 -0800 From: bob prohaska To: freebsd-ports@freebsd.org Cc: bob prohaska Subject: Bind918 slave reports Dumping master file...open: file not found Message-ID: List-Id: Porting software to FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-ports List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-ports@freebsd.org X-BeenThere: freebsd-ports@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Rspamd-Queue-Id: 4Tcchb2fN7z44Dw X-Spamd-Bar: / X-Spamd-Result: default: False [-0.50 / 15.00]; AUTH_NA(1.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-0.90)[-0.901]; SUBJECT_ENDS_SPACES(0.50)[]; MID_RHS_WWW(0.50)[]; WWW_DOT_DOMAIN(0.50)[]; MIME_GOOD(-0.10)[text/plain]; TO_DN_SOME(0.00)[]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:7065, ipnet:50.1.16.0/20, country:US]; MISSING_XM_UA(0.00)[]; ARC_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; RCPT_COUNT_TWO(0.00)[2]; MLMMJ_DEST(0.00)[freebsd-ports@freebsd.org]; R_DKIM_NA(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; FROM_HAS_DN(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; DMARC_NA(0.00)[zefox.net]; TO_MATCH_ENVRCPT_SOME(0.00)[]; R_SPF_NA(0.00)[no SPF record] A releng/14 armv7 system using bind918 from pkg has been configured as a slave. The zone files were moved from a bind913 installation to the default /usr/local/etc/namedb. Transfers from the master seem to work and the slave answers queries. The options section of named.conf contains: directory "/usr/local/etc/namedb/working"; pid-file "/var/run/named/pid"; dump-file "/var/dump/named_dump.db"; statistics-file "/var/stats/named.stats"; recursion no; The files and directories exist with reasonable permissions: # ls -ld /usr/local/etc/namedb/working drwxr-xr-x 2 bind bind 512 Feb 16 15:29 /usr/local/etc/namedb/working # ls -l /var/run/named/pid -rw-r--r-- 1 bind bind 5 Feb 16 15:29 /var/run/named/pid # ls -l /var/dump/named_dump.db -rw-r--r-- 1 bind bind 0 Feb 16 15:28 /var/dump/named_dump.db After stopping and restarting named /var/log/messages still contains: .... Feb 16 15:35:38 ns2temp named[3730]: all zones loaded Feb 16 15:35:38 ns2temp named[3730]: running Feb 16 15:35:38 ns2temp named[3730]: dumping master file: slave/tmp-GJCoWCIfkq: open: file not found Feb 16 15:35:38 ns2temp named[3730]: managed-keys.bind.jnl: open: permission denied Feb 16 15:35:38 ns2temp named[3730]: managed-keys-zone: keyfetch_done:dns_journal_open -> unexpected error Feb 16 15:35:38 ns2temp named[3730]: managed-keys-zone: error during managed-keys processing (unexpected error): DNSSEC validation may be at risk Feb 16 15:35:38 ns2temp named[3730]: checkhints: b.root-servers.net/A (170.247.170.2) missing from hints Feb 16 15:35:38 ns2temp named[3730]: checkhints: b.root-servers.net/A (199.9.14.201) extra record in hints Feb 16 15:35:38 ns2temp named[3730]: checkhints: b.root-servers.net/AAAA (2801:1b8:10::b) missing from hints Feb 16 15:35:38 ns2temp named[3730]: checkhints: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints Feb 16 15:35:38 ns2temp named[3730]: dumping master file: slave/tmp-Q6Y3sYziKE: open: file not found Feb 16 15:35:38 ns2temp named[3730]: dumping master file: slave/tmp-vASSKxorvs: open: file not found The "...file not found..." errors repeat at intervals. The checkhints errors appear harmless since the server is not recursive. I did not adopt the convention of naming directories primary and secondary, sticking with the old master and slave nomenclature. Could that be the culprit? I'm hesitant to mess with zone files that work 8-) Any hints on where to look in the man pages would be much appreciated. I thought there was a configuration test somewhere in the bind package but don't find it. Thanks for reading, bob prohaska