samba - Dec 2011 - bind errors for latest samba 4 checkout

Hi everyone

openSUSE 12.1

After a recent Samba 4 pull I have these errors:

Dec  7 19:53:37 hh3 named[3121]: command channel listening on 127.0.0.1#953
Dec  7 19:53:37 hh3 named[3121]: the working directory is not writable
Dec  7 19:53:37 hh3 named[3121]: managed-keys-zone ./IN: loading from 
master file /var/lib/named/dyn//managed-keys.bind failed: file not found
Dec  7 19:53:37 hh3 named[3121]: managed-keys-zone ./IN: loaded serial 0
Dec  7 19:53:37 hh3 named[3093]: Starting name server BIND - Warning: 
/var/run/named/named.pid exists! ..done
Dec  7 19:53:37 hh3 named[3121]: running

Bind was recently updated in openSUSE. Setting /var/lib/named to 
named:named got rid of the first error. Is that OK?

But then:

rm /var/run/named/named.pid
rm: cannot remove `/var/run/named/named.pid': Too many levels of 
symbolic links

rm -r /var/run/named/ and restarting bind gives the same error.

I can't find much about the managed keys. I've asked here before abou 
this and on the openSUSE list.

The only change to the /etc/named.conf supplied by the distro is including:
/usr/local/samba/private/named.conf

Apart from this, bind and kebreros, pass all the tests as specified in 
the samba 4 howto.

If I:
touch /var/lib/named/dyn//managed-keys.bind

and restart named, it's almost clean:

Dec  7 20:23:13 hh3 named[3302]: command channel listening on 127.0.0.1#953
Dec  7 20:23:13 hh3 named[3302]: couldn't add command channel ::1#953: 
address not available
Dec  7 20:23:13 hh3 named[3302]: zone 0.0.127.in-addr.arpa/IN: loaded 
serial 42
Dec  7 20:23:13 hh3 named[3302]: zone 
0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: 
loaded serial 42
Dec  7 20:23:13 hh3 named[3302]: zone localhost/IN: loaded serial 42
Dec  7 20:23:13 hh3 named[3302]: managed-keys-zone ./IN: loaded serial 0
Dec  7 20:23:13 hh3 named[3275]: Starting name server BIND - Warning: 
/var/run/named/named.pid exists! ..done
Dec  7 20:23:13 hh3 named[3302]: running

Before I can test and draw conclusions about the latest checkout I must 
know if these errors are significant.

Any ideas anyone?

Thanks
Steve.

On 12/07/2011 1:28 PM, steve wrote:
> Hi everyone
>
> openSUSE 12.1
>
> After a recent Samba 4 pull I have these errors:
>
> Dec  7 19:53:37 hh3 named[3121]: command channel listening on 
> 127.0.0.1#953
> Dec  7 19:53:37 hh3 named[3121]: the working directory is not writable
> Dec  7 19:53:37 hh3 named[3121]: managed-keys-zone ./IN: loading from 
> master file /var/lib/named/dyn//managed-keys.bind failed: file not found
> Dec  7 19:53:37 hh3 named[3121]: managed-keys-zone ./IN: loaded serial 0
> Dec  7 19:53:37 hh3 named[3093]: Starting name server BIND - Warning: 
> /var/run/named/named.pid exists! ..done
> Dec  7 19:53:37 hh3 named[3121]: running
>
> Bind was recently updated in openSUSE. Setting /var/lib/named to 
> named:named got rid of the first error. Is that OK?
>
> But then:
>
> rm /var/run/named/named.pid
> rm: cannot remove `/var/run/named/named.pid': Too many levels of 
> symbolic links
>
> rm -r /var/run/named/ and restarting bind gives the same error.
>
> I can't find much about the managed keys. I've asked here before
abou
> this and on the openSUSE list.
managed-keys.bind is related to dnssec, as is /etc/bind/bind.keys.  
dnssec was enabled by default starting with bind 9.5.
zytrax.com has excellent dns reference information; e.g. see 
http://www.zytrax.com/books/dns/ch7/security.html

>
> The only change to the /etc/named.conf supplied by the distro is 
> including:
> /usr/local/samba/private/named.conf
>
> Apart from this, bind and kebreros, pass all the tests as specified in 
> the samba 4 howto.
>
> If I:
> touch /var/lib/named/dyn//managed-keys.bind
>
> and restart named, it's almost clean:
>
> Dec  7 20:23:13 hh3 named[3302]: command channel listening on 
> 127.0.0.1#953
> Dec  7 20:23:13 hh3 named[3302]: couldn't add command channel ::1#953: 
> address not available
> Dec  7 20:23:13 hh3 named[3302]: zone 0.0.127.in-addr.arpa/IN: loaded 
> serial 42
> Dec  7 20:23:13 hh3 named[3302]: zone 
> 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: 
> loaded serial 42
> Dec  7 20:23:13 hh3 named[3302]: zone localhost/IN: loaded serial 42
> Dec  7 20:23:13 hh3 named[3302]: managed-keys-zone ./IN: loaded serial 0
> Dec  7 20:23:13 hh3 named[3275]: Starting name server BIND - Warning: 
> /var/run/named/named.pid exists! ..done
> Dec  7 20:23:13 hh3 named[3302]: running
Stop bind and see if /var/run/named/named.pid remains.  You may have a 
stale pid that needs removing manually.

Dale
>
> Before I can test and draw conclusions about the latest checkout I 
> must know if these errors are significant.
>
> Any ideas anyone?
>
> Thanks
> Steve.