- 作为test.com的权威服务器
- 非递归服务器
- 将bind chroot在
/usr/local/bind/chroot
下
安装
wget http://www.bind.com/pub/bind9/9.7.2rc1/bind-9.7.2rc1.tar.gz
tar zxf bind-9.7.2rc1.tar.gz
cd bind-9.7.2rc1/
./configure --prefix=/usr/local/bind --enable-epoll --enable-threads
make && make install
#建立chroot相关文件
mkdir /usr/local/bind/chroot
cd /usr/local/bind/chroot
mkdir -p dev etc var/{run,log}
#建立dev文件
mknod dev/null c 1 3
mknod dev/random c 1 8
chmod 666 dev/{null,random}
#将localtime拷贝至etc目录下
cp /etc/localtime etc
#建立用户
useradd -M -s /sbin/nologin named
配置文件
#named.conf
key "rndc-key" {
algorithm hmac-md5;
secret "xxxxxxxxxxxxxxxxxxxxxxx";
};
controls { inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; }; };
acl "myserver" { 127.0.0.1; };
logging {
channel default {
file "/var/log/named.log" versions 2 size 10k;
severity debug;
print-time yes;
print-severity yes;
print-category yes;
};
};
options {
directory "/";
pid-file "/var/run/named.pid";
notify yes;
recursion no;
zone-statistics yes;
statistics-file "/var/log/dns-stats.log";
allow-transfer { "myserver"; };
allow-query { any; };
listen