centos 6.9の命名設定エラー

centos 6.9の命名設定エラー

仮想マシンで/etc/init.d/named restartを実行しようとすると、このエラーが発生します。この問題を解決するにはどうすればよいですか?エラー出力は次のとおりです。

[shan@server1 ~]$ sudo /etc/init.d/named restart
Stopping named:                                            [  OK  ]
Starting named: /etc/init.d/named: line 115:  2072 Aborted                 /usr/sbin/named-checkconf $ckcf_options ${named_conf} > /dev/null 2>&1

Error in named configuration:
/etc/named.conf:163: bad secret 'bad base64 encoding'
/etc/named.conf:163: bad secret 'bad base64 encoding'
/etc/named.conf:163: bad secret 'bad base64 encoding'
mem.c:1246: REQUIRE(ctx->references == 1) failed.
                                                           [FAILED]

私の名前付き.confファイルは次のとおりです。

Code: Select all
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//

options {
        listen-on port 53 { 127.0.0.1; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { localhost; };
        recursion yes;

        dnssec-enable yes;
        dnssec-validation yes;

       /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";
};


logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
        type hint;
        file "named.ca";
};
zone shancked.com IN{
type master;
file "forward";
allow-update{none;};

};



include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

最後のキーファイルを置き換えた後も、この問題が発生します。

[shan@server1 ~]$ sudo vi /etc/named.conf
[shan@server1 ~]$ sudo named-checkconf /etc/named.conf
[shan@server1 ~]$ sudo /etc/init.d/named restart
Stopping named:                                            [  OK  ]
Starting named: /etc/init.d/named: line 115:  2278 Aborted                 /usr/sbin/named-checkconf $ckcf_options ${named_conf} > /dev/null 2>&1

Error in named configuration:
/etc/named.conf:163: bad secret 'bad base64 encoding'
/etc/named.conf:163: bad secret 'bad base64 encoding'
/etc/named.conf:163: bad secret 'bad base64 encoding'
mem.c:1246: REQUIRE(ctx->references == 1) failed.
                                                           [FAILED]
[shan@server1 ~]$

Bind-chroot を削除すると、次のエラー メッセージが表示されます。

[shan@server1 ~]$ sudo service named restart
Stopping named:                                            [  OK  ]
Starting named:
Error in named configuration:
forward:8: unknown RR type '@'
forward:9: unknown RR type 'server1'
forward:10: unknown RR type 'server2'
zone shancked.com/IN: loading from master file forward failed: unknown class/type
zone shancked.com/IN: not loaded due to errors.
_default/shancked.com/IN: unknown class/type
zone localhost.localdomain/IN: loaded serial 0
zone localhost/IN: loaded serial 0
zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
zone 0.in-addr.arpa/IN: loaded serial 0
                                                           [FAILED]

これは私の/etc/named.rfc1912.zonesファイルの内容です。

zone "localhost.localdomain" IN {
        type master;
        file "named.localhost";
        allow-update { none; };
};

zone "localhost" IN {
        type master;
        file "named.localhost";
        allow-update { none; };
};

zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
        type master;
        file "named.loopback";
        allow-update { none; };
};

zone "1.0.0.127.in-addr.arpa" IN {
        type master;
        file "named.loopback";
        allow-update { none; };
};

zone "0.in-addr.arpa" IN {
        type master;
        file "named.empty";
        allow-update { none; };
};

渡されるファイルは次のとおりです。

$TTL 1D
$ORIGIN example.tv.
@       IN SOA  server1.example.tv. root.server.example.tv. (
                                2018020211              ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
;
;
        @        IN NS server1.example.tv.
        server1 IN  A  10.0.2.17
        server2 IN  A  10.0.2.16

キーファイルは次のとおりです。

server1.shancked.com. {
algorithm hmac-md5;
secret sml8ZD7dKHzINlkIjZRD0w==;

};

キーファイルを更新した後、次のエラーが発生します。

zone example.tv IN {
type master;
file "forward";
allow-update { key server1.example.tv; };
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
include "/etc/named/server.key";

サーバーキーファイル:

key server1.example.tv {
algorithm hmac-md5;
secret "EeLHcvOPr4cCaEySX1jBbw==";

};

エラーメッセージ:

[shan@server1 named]$ sudo service named restart
Stopping named:                                            [  OK  ]
Starting named:
Error in named configuration:
forward:11: unknown RR type '@'
forward:12: unknown RR type 'server1'
forward:13: unknown RR type 'server2'
zone example.tv/IN: loading from master file forward failed: unknown class/type
zone example.tv/IN: not loaded due to errors.
_default/example.tv/IN: unknown class/type
zone localhost.localdomain/IN: loaded serial 0
zone localhost/IN: loaded serial 0
zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
zone 0.in-addr.arpa/IN: loaded serial 0
                                                           [FAILED]

答え1

キー宣言が正しくありません。

server1.shancked.com. {
    algorithm hmac-md5;
    secret [base64_secret];
};

しなければならない

key "key_name" {
    algorithm hmac-md5;
    secret "[base64_secret]";
};

key_name場所は名前付き.confで適切に参照する必要があります。

関連情報