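Compiling and Installing BIND
Most software distributed as tar.gz or tar.bz2 archives is installed with ./configure; make; make install. Some packages are installed directly with make && make install. Running ./configure --help shows the options available for configuring the software. Most packages provide a ./configure step; a few do not, and for those you simply run make && make install.
One of the more important ./configure options is --prefix, which sets the installation directory; when the software is no longer needed, you can simply delete that directory.
For example, to install bind into the /usr/local/bind directory:
# ./configure --prefix=/usr/local/bind
When bind is no longer needed, simply delete the /usr/local/bind directory.
Now let's compile and install bind-9.9.5.tar.gz.
1. Create the named system user with UID=53; the named group is created automatically with GID=53. This is needed because the DNS service files are all group-owned by named, the account the service runs as.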
# useradd -r -u 53 named
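2. Unpack the archive, then compile and install
# tar xf bind-9.9.5.tar.gz
# cd bind-9.9.5
# ./configure --prefix=/usr/local/bind9 --sysconfdir=/etc/named --disable-ipv6 --disable-chroot --enable-threads
# make && make install
Option notes (there are many more options; run ./configure --help to see them):
--prefix=/usr/local/bind9: sets the installation path
--sysconfdir=/etc/named: places the system configuration files under /etc/named
--disable-ipv6: disables IPv6 support
--disable-chroot: disables the chroot feature
--enable-threads: enables multithreading
3. Update the PATH environment variable
# vim /etc/profile.d/bind.sh
Add the environment variable in that file, then run source bind.sh, open a new terminal window, or reboot; echo $PATH will then show that the new entry has been added.
4. Export the man pages
To read the man pages: # man -M /usr/local/bind9/share/man/ named
You may sometimes run into this problem: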
Cannot open the message catalog "man" for locale "zh_CN.UTF-8"
(NLSPATH="/usr/share/locale/%l/LC_MESSAGES/%N")
Fix: # cp /usr/share/locale/en/LC_MESSAGES/man /usr/share/locale/zh/LC_MESSAGES/
To view the man pages later without giving the absolute path:
Edit the configuration file: # vim /etc/man.config and add one line containing the absolute path.
5. Provide the main configuration file /etc/named/named.conf
# chown root:named named.conf
# chmod 640 named.conf
Provide zone files for the root zone and localhost
# mkdir -pv /var/named/slaves
# chown root:named /var/named
# chown named:named /var/named/slaves/
# chmod 750 /var/named
# chmod 770 /var/named/slaves/
localhost.zone
127.0.0.in-addr.arpa
# chown :named localhost.zone
# chown :named 127.0.0.zone
Create named.ca
Create named.ca in the /var/named directory and copy the following into it:
; This file holds the information on root name servers needed to
; initialize cache of Internet domain name servers
; (e.g. reference this file in the "cache . <file>"
; configuration file of BIND domain name servers).
;
; This file is made available by InterNIC
; under anonymous FTP as
; file /domain/named.cache
; on server FTP.INTERNIC.NET
; -OR- RS.INTERNIC.NET
;
; last update: June 2, 2014
; related version of root zone: 2014060201
;
; formerly NS.INTERNIC.NET
;
.                        3600000  IN  NS    A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET.      3600000      A     198.41.0.4
A.ROOT-SERVERS.NET.      3600000      AAAA  2001:503:BA3E::2:30
;
; FORMERLY NS1.ISI.EDU
;
.                        3600000      NS    B.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET.      3600000      A     192.228.79.201
B.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:84::B
;
; FORMERLY C.PSI.NET
;
.                        3600000      NS    C.ROOT-SERVERS.NET.
C.ROOT-SERVERS.NET.      3600000      A     192.33.4.12
C.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:2::C
;
; FORMERLY TERP.UMD.EDU
;
.                        3600000      NS    D.ROOT-SERVERS.NET.
D.ROOT-SERVERS.NET.      3600000      A     199.7.91.13
D.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:2D::D
;
; FORMERLY NS.NASA.GOV
;
.                        3600000      NS    E.ROOT-SERVERS.NET.
E.ROOT-SERVERS.NET.      3600000      A     192.203.230.10
;
; FORMERLY NS.ISC.ORG
;
.                        3600000      NS    F.ROOT-SERVERS.NET.
F.ROOT-SERVERS.NET.      3600000      A     192.5.5.241
F.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:2F::F
;
; FORMERLY NS.NIC.DDN.MIL
;
.                        3600000      NS    G.ROOT-SERVERS.NET.
G.ROOT-SERVERS.NET.      3600000      A     192.112.36.4
;
; FORMERLY AOS.ARL.ARMY.MIL
;
.                        3600000      NS    H.ROOT-SERVERS.NET.
H.ROOT-SERVERS.NET.      3600000      A     128.63.2.53
H.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:1::803F:235
;
; FORMERLY NIC.NORDU.NET
;
.                        3600000      NS    I.ROOT-SERVERS.NET.
I.ROOT-SERVERS.NET.      3600000      A     192.36.148.17
I.ROOT-SERVERS.NET.      3600000      AAAA  2001:7FE::53
;
; OPERATED BY VERISIGN, INC.
;
.                        3600000      NS    J.ROOT-SERVERS.NET.
J.ROOT-SERVERS.NET.      3600000      A     192.58.128.30
J.ROOT-SERVERS.NET.      3600000      AAAA  2001:503:C27::2:30
;
; OPERATED BY RIPE NCC
;
.                        3600000      NS    K.ROOT-SERVERS.NET.
K.ROOT-SERVERS.NET.      3600000      A     193.0.14.129
K.ROOT-SERVERS.NET.      3600000      AAAA  2001:7FD::1
;
; OPERATED BY ICANN
;
.                        3600000      NS    L.ROOT-SERVERS.NET.
L.ROOT-SERVERS.NET.      3600000      A     199.7.83.42
L.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:3::42
;
; OPERATED BY WIDE
;
.                        3600000      NS    M.ROOT-SERVERS.NET.
M.ROOT-SERVERS.NET.      3600000      A     202.12.27.33
M.ROOT-SERVERS.NET.      3600000      AAAA  2001:DC3::35
; End of File
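A hints file copied from a web page is easy to damage: a ";" starts a comment that runs to the end of the line, so records pasted onto a single line silently disappear. The following added example (not part of the original post) checks that every root NS entry still has an A record and that no records have run together; the function name check_hints and the sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): check a root hints file
# such as /var/named/named.ca after copying it from a web page.

# check_hints FILE: prints one line per problem, returns 0 if FILE looks intact.
check_hints() {
    awk '
        /^[ \t]*;/ || NF == 0 { next }      # comment or blank line
        {
            type = ""
            # The record type is the first NS/A/AAAA field after the owner name.
            for (i = 2; i <= NF; i++)
                if ($i == "NS" || $i == "A" || $i == "AAAA") { type = $i; break }
            if (type == "") {
                printf "line %d: no NS/A/AAAA record found\n", NR; bad++; next
            }
            data = $(i + 1)
            # Exactly one data field must follow the type; more means that
            # several records were pasted onto one line.
            if (NF != i + 1) {
                printf "line %d: expected %d fields, got %d\n", NR, i + 1, NF; bad++
            }
            if (type == "NS") { ns[toupper(data)] = 1 }
            if (type == "A") {
                if (data !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) {
                    printf "line %d: \"%s\" is not an IPv4 address\n", NR, data; bad++
                }
                glue[toupper($1)] = 1
            }
        }
        END {
            n = 0
            for (name in ns) { n++; if (!(name in glue)) { print name " has no A record"; bad++ } }
            if (n == 0) { print "no NS records for the root zone"; bad++ }
            exit (bad > 0)
        }
    ' "$1"
}

# Constructed sample (not real hints data): B has lost its A record.
sample=$(mktemp)
cat > "$sample" <<'EOF'
; constructed sample
.                    3600000 IN NS A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET.  3600000    A  198.41.0.4
.                    3600000    NS B.ROOT-SERVERS.NET.
EOF
check_hints "$sample" || echo "hints file needs attention"
rm -f "$sample"
```

Run it as check_hints /var/named/named.ca before starting named in step 6.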
6. Try starting the caching name server
# named-checkconf
# named -u named -c /etc/named/named.conf
named runs in the background; once started, it opens port 53.
7. Provide rndc
# rndc-confgen -r /dev/urandom > /etc/named/rndc.conf
# chown root:named /etc/named/rndc.conf
# chmod 440 /etc/named/rndc.conf
Copy the commented-out section of rndc.conf into named.conf and remove the comment markers.
key "rndc-key" {
        algorithm hmac-md5;
        secret "ji71N+eDfn8txV9fIlGMEw==";
};

controls {
        inet 127.0.0.1 port 953
                allow { 127.0.0.1; } keys { "rndc-key"; };
};
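Use killall -HUP named to kill the named process, then start it again, and rndc will be usable. If it still fails, check the permissions; if the permissions are fine, reboot the system. In my case I checked for most of a day without finding any error, yet rndc would not come up; after a reboot it worked, and the exact cause is unknown.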
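The ownership and modes set in steps 5 and 7 can be verified after installation with a small audit script. This is an added example, not part of the original post; the function names are hypothetical, and it also flags a configuration that still contains the sample rndc secret shown in step 7 rather than one generated locally.

```shell
#!/bin/sh
# Added example (not from the original post): audit the ownership and modes
# set in steps 5 and 7. Assumes GNU stat, as shipped on RHEL/CentOS.

# check_perm PATH MODE [OWNER:GROUP]
# Returns 0 only if PATH exists with exactly MODE (and OWNER:GROUP if given).
check_perm() {
    path=$1 want_mode=$2 want_owner=${3:-}
    if [ ! -e "$path" ]; then
        echo "MISSING $path"; return 1
    fi
    got_mode=$(stat -c '%a' "$path")
    got_owner=$(stat -c '%U:%G' "$path")
    if [ "$got_mode" != "$want_mode" ]; then
        echo "MODE    $path is $got_mode, expected $want_mode"; return 1
    fi
    if [ -n "$want_owner" ] && [ "$got_owner" != "$want_owner" ]; then
        echo "OWNER   $path is $got_owner, expected $want_owner"; return 1
    fi
    return 0
}

# has_tutorial_secret FILE
# Returns 0 if FILE still holds the rndc secret printed in step 7, i.e. the
# sample key was pasted instead of one generated locally by rndc-confgen.
has_tutorial_secret() {
    grep -qF 'ji71N+eDfn8txV9fIlGMEw==' "$1" 2>/dev/null
}

# audit_bind: run all checks on the paths used in this tutorial.
audit_bind() {
    rc=0
    while read -r path mode owner; do
        check_perm "$path" "$mode" "$owner" || rc=1
    done <<'EOF'
/etc/named/named.conf 640 root:named
/etc/named/rndc.conf 440 root:named
/var/named 750 root:named
/var/named/slaves 770 named:named
EOF
    for conf in /etc/named/named.conf /etc/named/rndc.conf; do
        if has_tutorial_secret "$conf"; then
            echo "KEY     $conf contains the secret published in the tutorial"; rc=1
        fi
    done
    return $rc
}

audit_bind || echo "review the findings above"
```

Run it as root so that rndc.conf (mode 440, root:named) is readable for the secret check.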
8. Provide an init script
# vim /etc/init.d/named
Add the following script:
#!/bin/bash
#
# description: named daemon
# chkconfig: - 25 80
#
pidFile=/usr/local/bind9/var/run/named.pid
lockFile=/var/lock/subsys/named
confFile=/etc/named/named.conf

# Load the distribution's init helpers (daemon, killproc, success, failure)
[ -r /etc/rc.d/init.d/functions ] && . /etc/rc.d/init.d/functions

start() {
    if [ -e $lockFile ]; then
        echo "named is already running..."
        exit 0
    fi
    echo -n "Starting named:"
    # Run as the unprivileged named user with the configuration from step 5
    daemon --pidfile "$pidFile" /usr/local/bind9/sbin/named -u named -c "$confFile"
    RETVAL=$?
    echo
    if [ $RETVAL -eq 0 ]; then
        touch $lockFile
        return $RETVAL
    else
        rm -f $lockFile $pidFile
        return 1
    fi
}

stop() {
    if [ ! -e $lockFile ]; then
        echo "named is stopped."
        #exit 0
    fi
    echo -n "Stopping named:"
    killproc named
    RETVAL=$?
    echo
    if [ $RETVAL -eq 0 ];then
        rm -f $lockFile $pidFile
        return 0
    else
        echo "Cannot stop named."
        failure
        return 1
    fi
}

restart() {
    stop
    sleep 2
    start
}

reload() {
    echo -n "Reloading named: "
    # SIGHUP makes named reload its configuration
    killproc named -HUP
    #killall -HUP named
    RETVAL=$?
    echo
    return $RETVAL
}

status() {
    if pidof named &> /dev/null; then
        echo -n "named is running..."
        success
        echo
    else
        echo "named is stopped..."
        # Exit status 3 means "not running", so callers can tell the two states apart
        return 3
    fi
}

usage() {
    echo "Usage: named {start|stop|restart|status|reload}"
}

case $1 in
start)
    start ;;
stop)
    stop ;;
restart)
    restart ;;
status)
    status ;;
reload)
    reload ;;
*)
    usage
    exit 4 ;;
esac
At this point the service can be started, and the compile-and-install process is complete.