Installation instructions for BIND 9.5 DLZ ( continuation... )
my named.conf file is look like this
##########################################################
//
options {
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
recursion yes;
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "0.0.127.in-addr.arpa" {
type master;
file "named.localhost";
};
zone "0.168.192.in-addr.arpa" {
notify no;
type master;
file "named.192.168.0.244";
};
dlz "Mysql zone" {
database "mysql
{host=127.0.0.1 dbname=binddlzdb user=binddlzuser pass=binddlzpassword}
{select zone from records where zone = '%zone%'}
{select ttl, type, mx_priority, case when lower(type)='txt' then
concat('\"', data, '\"')
else data end from records where zone = '%zone%' and host = '%record%'
and not (type = 'SOA' or type = 'NS')}
{select ttl, type, mx_priority, data, resp_contact, serial,
refresh, retry, expire, minimum
from records where zone = '%zone%' and (type = 'SOA' or type='NS')}
{select ttl, type, host, mx_priority, data, resp_contact, serial,
refresh, retry, expire,
minimum from records where zone = '%zone%' and not (type =
'SOA' or type = 'NS')}
{select zone from xfr where zone = '%zone%' and client = '%client%'}
{update data_count set count = count + 1 where zone ='%zone%'}";
};
########################################################
[root@testserver ~]# ls /var/named/chroot/var/named/
named.192.168.0.244
named.empty
named.localhost
named.ca
named.loopback
vi named.192.168.0.244
$TTL 1D
@ IN SOA ns1.testserver.com. hostmaster.testserver.com (
1999021004 ; Serial, todays date + todays serial
8H ; Refresh
2H ; Retry
1W ; Expire
1D) ; Minimum TTL
NS ns1.testserver.com.
244 PTR testserver.com.
vi named.localhost
$TTL 1D
@ IN SOA localhost. root.localhost. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS localhost.
1 IN PTR localhost.
--
Installation instructions for BIND 9.5 DLZ
Installation instructions for BIND 9.5 DLZ
cd /usr/src
wget http://people.redhat.com/atkac/bind/bind-9.5.0-16.3.a6.fc9.src.rpm
rpm -ivvh bind-9.5.0-16.3.a6.fc9.src.rpm
cd redhat/SPEC
rpmbuild -ba bind.spec
cd /usr/src/redhat/RPM/i386/
rmp -ivvh bind-9.5.0-16.3.a6.fc9.i386.rpm
Instruction for BIND to insteract with MySQL
mysqladmin -u root password agnello
mysqladmin -u root -p create binddlzdb
Change to the MySQL database administration and add the bind-dlz user
and password:
USE mysql;
INSERT INTO user (Host, User, Password) VALUES
('localhost','binddlzuser',password('binddlzpassword'));
INSERT INTO db (Host, Db, User, Select_priv) VALUES
('localhost','binddlzdb','binddlzuser','Y');
Setup the rights for the just created users:
FLUSH PRIVILEGES;
GRANT USAGE ON binddlzdb.* TO binddlzuser@localhost;
GRANT SELECT, INSERT, DELETE, UPDATE ON binddlzdb.* TO binddlzuser@localhost;
USE binddlzdb;
we create the record table . The table "records" holds all information
about your zones,
CREATE TABLE `records` ( `id` int(10) unsigned NOT NULL
auto_increment, `zone` varchar(255) NOT NULL, `ttl` int(11) NOT NULL
default '86400', `type` varchar(255) NOT NULL, `host` varchar(255) NOT
NULL default '@', `mx_priority` int(11) default NULL, `data` text,
`primary_ns` varchar(255) default NULL, `resp_contact` varchar(255)
default NULL, `serial` bigint(20) default NULL, `refresh` int(11)
default NULL, `retry` int(11) default NULL, `expire` int(11) default
NULL, `minimum` int(11) default NULL, PRIMARY KEY (`id`), KEY `type`
(`type`), KEY `host` (`host`), KEY `zone` (`zone`) );
then create xfr table . "xfr" can be used to allow AXFR/IXFR zone
transfers per zone and host
CREATE TABLE `xfr` ( `zone` varchar(255) NOT NULL, `client`
varchar(255) NOT NULL, KEY `zone` (`zone`), KEY `client` (`client`) );
Edit the named.conf
vi /etc/named.conf
dlz "Mysql zone" {
database "mysql
{host=127.0.0.1 dbname=binddlzdb user=binddlzuser pass=binddlzpassword}
{select zone from dns_records where zone = '%zone%'}
{select ttl, type, mx_priority, case when lower(type)='txt' then
concat('\"', data, '\"')
else data end from dns_records where zone = '%zone%' and host
= '%record%'
and not (type = 'SOA' or type = 'NS')}
{select ttl, type, mx_priority, data, resp_person, serial, refresh,
retry, expire, minimum
from dns_records where zone = '%zone%' and (type = 'SOA' or type='NS')}
{select ttl, type, host, mx_priority, data, resp_person, serial,
refresh, retry, expire,
minimum from dns_records where zone = '%zone%' and not (type =
'SOA' or type = 'NS')}
{select zone from xfr_table where zone = '%zone%' and client = '%client%'}
{update data_count set count = count + 1 where zone ='%zone%'}";
};
############################################################
Need to disable SElinux
setenforce 0
Starting service from boot
chkconfig --levels 235 named
chkconfig --levels 235 mysqld
/etc/init.d/mysqld start
/etc/init.d/named start
Log location
tail -f /var/log/messages
--
smtp-AUTH :relay access denied
I have solved the problem with smtp -auth. ( relay access denied ) and
thought i would share my configuration the with those who are facing
similar issues
My system is FC4 and i wanted a basic requirement of system users on
my mail server ( only one domain ) . setting up of postfix in this
case is pretty easy but smth-AUTH as major problem. Here are some of
my tips and configuration files i sued to authenticate users through
PAM instead of the /etc/shadow . { note: for to users authenticate r
through /etc/shadow you would need to allow postfix have read
permission to the /etc/shadow file , which would be a security risk by
default /etc/shadow is 400 }
the testsaslauthd is a command to check is system user authenticate testsaslauthd -u testpostfix -p testpostfix
vi /etc/sysconfig/saslauthd # Directory in which to place saslauthd's listening socket, pid file, and so # on. This directory must already exist. SOCKETDIR=/var/run/saslauthd # Mechanism to use when checking passwords. Run "saslauthd -v" to get a list # of which mechanism your installation was compiled to use. MECH="PAM" # Additional flags to pass to saslauthd on the command line. See saslauthd(8) # for the list of accepted flags. FLAGS=
vi /usr/lib/sasl2/smtpd.conf
pwcheck_method: saslauthd mech_list: PLAIN LOGIN
[root@server227 ~]# rpm -qa grep cyrus cyrus-sasl-2.1.20-6 cyrus-sasl-plain-2.1.20-6 cyrus-sasl-sql-2.1.20-6 cyrus-sasl-md5-2.1.20-6 cyrus-sasl-devel-2.1.20-6 cyrus-sasl-gssapi-2.1.20-6 cyrus-sasl-ntlm-2.1.20-6
vi main.cf
enable_server_options = yes smtpd_sasl2_auth_enable = yes smtpd_sasl_auth_enable = yes smtpd_sasl_path = smtpd smtpd_sasl_application_name = smtpd smtpd_sasl_security_options = noanonymous smtpd_sasl_authenticated_header = yes smtpd_sasl_local_domain = broken_sasl_auth_clients = yes server_enabled = 1 smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_relay_domains
telnet ipaddress 25
220 mail.foostor.com ESMTP Postfix ehlo localhost 250-mail.foostor.com 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-AUTH LOGIN PLAIN 250-AUTH=LOGIN PLAIN 250 8BITMIME
You can alo check the mynetwork_style = subnet and it should work
Subscribe to:
Posts (Atom)