named.service failed - NO DNS

Hi i did have an issue before and posted it below but the issue has got worse.

i now have no DNS due to named.d service failed when all i did was reboot the server. the error i get is

systemctl status named
● named.service - Berkeley Internet Name Domain (DNS)
   Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Fri 2024-11-29 23:48:50 UTC; 10s ago
  Process: 16230 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} $OPTIONS (code=exited, status=1/FAILURE)
  Process: 16225 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi (>

Nov 29 23:48:50 svruk01.clickns.cloud named[16231]: using 1 UDP listener per interface
Nov 29 23:48:50 svruk01.clickns.cloud named[16231]: using up to 21000 sockets
Nov 29 23:48:50 svruk01.clickns.cloud named[16231]: loading configuration from '/etc/named.conf'
Nov 29 23:48:50 svruk01.clickns.cloud named[16231]: /etc/named.conf:13: change directory to '/var/named' failed: permission denied
Nov 29 23:48:50 svruk01.clickns.cloud named[16231]: /etc/named.conf:13: parsing failed: permission denied
Nov 29 23:48:50 svruk01.clickns.cloud named[16231]: loading configuration: permission denied
Nov 29 23:48:50 svruk01.clickns.cloud named[16231]: exiting (due to fatal error)
Nov 29 23:48:50 svruk01.clickns.cloud systemd[1]: named.service: Control process exited, code=exited status=1
Nov 29 23:48:50 svruk01.clickns.cloud systemd[1]: named.service: Failed with result 'exit-code'.
Nov 29 23:48:50 svruk01.clickns.cloud systemd[1]: Failed to start Berkeley Internet Name Domain (DNS).
lines 1-16/16 (END)

Any ideas what could be the issue and fix?

Thanks
Dave

Check permissions on /var/named:

Code: [Select]

[root@srv1 overseer]# ls -al /var/ | grep named
drwxrwx--T.  6 root  named 8192 Sep  6 20:13 named

Thanks for the reply

for some reason the named folder user and group was set to a site i transferred over from cpanel the user was rhoscarpet:rhoscarpet

changed it back to root and give the folder permissions 777 to see if its working but i still get the same issue.

I noticed on your screenshot you have give it permissions with a T at the end (never seen T in permissions before ) do i need to do that?

If i try and run systemctl start named.service i get this error

Job for named.service failed because the control process exited with error code.
See "systemctl status named.service" and "journalctl -xe" for details.


and then this in journalctl -xe

Nov 30 08:24:43 svruk01.clickns.cloud named[1986]: corporation.  Support and training for BIND 9 are
Nov 30 08:24:43 svruk01.clickns.cloud named[1986]: available at https://www.isc.org/support
Nov 30 08:24:43 svruk01.clickns.cloud named[1986]: ----------------------------------------------------
Nov 30 08:24:43 svruk01.clickns.cloud named[1986]: adjusted limit on open files from 262144 to 1048576
Nov 30 08:24:43 svruk01.clickns.cloud named[1986]: found 2 CPUs, using 2 worker threads
Nov 30 08:24:43 svruk01.clickns.cloud named[1986]: using 1 UDP listener per interface
Nov 30 08:24:43 svruk01.clickns.cloud named[1986]: using up to 21000 sockets
Nov 30 08:24:43 svruk01.clickns.cloud named[1986]: loading configuration from '/etc/named.conf'
Nov 30 08:24:43 svruk01.clickns.cloud named[1986]: unable to open '/etc/bind.keys'; using built-in keys instead
Nov 30 08:24:43 svruk01.clickns.cloud named[1986]: looking for GeoIP2 databases in '/usr/share/GeoIP'
Nov 30 08:24:43 svruk01.clickns.cloud named[1986]: opened GeoIP2 database '/usr/share/GeoIP/GeoLite2-Country.mmdb'
Nov 30 08:24:43 svruk01.clickns.cloud named[1986]: opened GeoIP2 database '/usr/share/GeoIP/GeoLite2-City.mmdb'
Nov 30 08:24:43 svruk01.clickns.cloud named[1986]: using default UDP/IPv4 port range: [32768, 60999]
Nov 30 08:24:43 svruk01.clickns.cloud named[1986]: using default UDP/IPv6 port range: [32768, 60999]
Nov 30 08:24:43 svruk01.clickns.cloud named[1986]: listening on IPv4 interface lo, 127.0.0.1#53
Nov 30 08:24:43 svruk01.clickns.cloud named[1986]: listening on IPv4 interface eth0, 172.236.14.181#53
Nov 30 08:24:43 svruk01.clickns.cloud named[1986]: listening on IPv6 interface lo, ::1#53
Nov 30 08:24:43 svruk01.clickns.cloud named[1986]: generating session key for dynamic DNS
Nov 30 08:24:43 svruk01.clickns.cloud named[1986]: sizing zone task pool based on 21 zones
Nov 30 08:24:43 svruk01.clickns.cloud named[1986]: could not configure root hints from 'named.ca': permission denied
Nov 30 08:24:43 svruk01.clickns.cloud named[1986]: loading configuration: permission denied
Nov 30 08:24:43 svruk01.clickns.cloud named[1986]: exiting (due to fatal error)
Nov 30 08:24:43 svruk01.clickns.cloud systemd[1]: named.service: Control process exited, code=exited status=1
Nov 30 08:24:43 svruk01.clickns.cloud systemd[1]: named.service: Failed with result 'exit-code'.
-- Subject: Unit failed
-- Defined-By: systemd
-- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- The unit named.service has entered the 'failed' state with result 'exit-code'.
Nov 30 08:24:43 svruk01.clickns.cloud systemd[1]: Failed to start Berkeley Internet Name Domain (DNS).
-- Subject: Unit named.service has failed
-- Defined-By: systemd
-- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit named.service has failed.
--
-- The result is failed.
Nov 30 08:24:45 svruk01.clickns.cloud postfix/smtpd[1219]: warning: unknown[80.94.95.235]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Nov 30 08:24:45 svruk01.clickns.cloud postfix/smtpd[1219]: disconnect from unknown[80.94.95.235] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
Nov 30 08:24:49 svruk01.clickns.cloud postfix/smtpd[1224]: connect from unknown[80.94.95.235]
Nov 30 08:25:02 svruk01.clickns.cloud postfix/smtpd[1109]: connect from unknown[80.94.95.235]
Nov 30 08:25:03 svruk01.clickns.cloud postfix/smtpd[1224]: warning: unknown[80.94.95.235]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Nov 30 08:25:03 svruk01.clickns.cloud postfix/smtpd[1224]: disconnect from unknown[80.94.95.235] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
Nov 30 08:25:15 svruk01.clickns.cloud postfix/smtpd[1109]: warning: unknown[80.94.95.235]: SASL LOGIN authentication failed: Connection lost to authentication server
Nov 30 08:25:16 svruk01.clickns.cloud postfix/smtpd[1219]: connect from unknown[80.94.95.235]



I take it its still a permissions issue?

Thnaks
Dave


Thanks
Dave

just in case this helped

this is the content of named folder




and this is the var folder with the permissions



Thanks
Dave

sorry for the posts i just want to let you know what i have tried

it looks like it happened when i did a cpanel to cwp on 4 accounts. i have just removed all them accounts to see if that would fix the issue bit its still the same.

Try:

Code: [Select]

chmod 770 /var/named
chown root.named /var/named
chown root.named /var/named/named.*
chown -R named.named /var/named/data /var/named/dynamic /var/named/slaves

then restart named and check if it works.

Hi Cyberspace

Thanks for the help.

I typed that in but the last command said invalid option -r is it a capital R?

Thanks
Dave

Just did a capital R

restarted the service and BANG! its working

if you have the time can you explain what you did or was it as simple as making the folder and files  you listed user as root and group as namd  ?

Do you know know why this would have happened ( sorry i know am taking up your time just trying to work my head around it)

Thanks
Dave

Yes, you are right. The capital "R" supposed to be there. (Updated my previous post to reflect the changes).

Actually, overseer's guess was correct. He recommended to check the access permissions of the folders/files used by named. He made his guess based on the log records demonstrated by you:

Code: [Select]

Nov 30 08:24:43 svruk01.clickns.cloud named[1986]: could not configure root hints from 'named.ca': permission denied
Nov 30 08:24:43 svruk01.clickns.cloud named[1986]: loading configuration: permission denied
Nov 30 08:24:43 svruk01.clickns.cloud named[1986]: exiting (due to fatal error)

The commands provided by me just set the correct access permission on the files and folders to make them available for named service.

I saw a few posts on this forum about wrong access permissions applied on the folder/files used by named and seems the problem appears once one or more accounts are transferred by the migration tool (cwp --> cwp, cpanel --> cwp).

Thanks for cyberspace.

that is great! i wont do any migrations just incase it happens again.

Thanks!

To finalize, set the sticky bit permissions on the directory:

Code: [Select]

chmod +t 777 /var/named