DNS服务之bind编译安装详尽版

hrtgrsf · 发表于 2015-4-2 08:13:41

一、安装开发包组"Development Tools"、"Server Platform Tools"，保证编译的正常进行。

1	yum groupinstall "Development Tools" "Server Platform Tools"

二、添加named系统组和系统用户

1 2	groupadd -r -g 53 named useradd -r -u 53 -g named named

三、准备bind--9.9.6-P1源代码，解压后进入解压目录使用./configure --help查看帮助，保证编译的准确性

1
2
3
4
5
6
7

tar xvf bind-9.9.6-P1.tar.gz
cd bind-9.9.6-P1
./configure --help | more
./configure --prefix=/usr/local/bind9 --sysconfdir=/etc/named/ --disable-
chroot --enable-threads
make
make install

四、导出程序文件路径到环境变量PATH中，保证bind的正常启动

1	vim /etc/profile.d/named.sh

PATH=/usr/local/bind9/bin:/usr/local/bind9/sbin:$PATH
echo PATH

1	source /etc/profile.d/named.sh

五、导出帮助文件，保证能够使用man named

1	vim /etc/man.config

MANPATH /usr/local/bind9/share/man
六、导出库文件，方便二次开发bind使用

1
2
3

cd /etc/ld.so.conf.d/
echo "/usr/local/bind9/lib" > bind9.conf
ldconfig -v

七、创建区域数据库目录，使用dig工具，准备根区域数据库、localhost正向域数据库文件、localhost反向域数据库文件，并修改该目录下所有文件的访问权限和属组

1
2
3

mkdir /var/named/ && cd /var/named/
dig -t NS . @202.173.10.87 > /var/named/named.ca
vim /var/named/named.localhost

$TTL 86400
@ IN SOA localhost. nsadmin.localhost. (
201503251
12H
1H
15D
1D )
IN NS localhost.
IN A 127.0.0.1

1
2
3
4
5

cp named.localhost named.loopback
sed -i '$d' named.loopback
echo " IN PTR localhost." >> named.loopback
chmod 640 *
chown :named *

八、编写bind配置文件，并使用rndc-confgen生成密钥，并将密钥放入bind配置文件中

1 2	rndc-confgen -r /dev/urandom vim /etc/named/named.conf

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28

# Use with the following in named.conf, adjusting the allow list as needed:
key "rndc-key" {
algorithm hmac-md5;
secret "D8sH28h0fGjcyKYR6W6o0A==";
};

controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};
# End of named.conf
options {
directory "/var/named";
};
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost" IN {
type master;
file "named.localhost";
allow-update { none;};
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.loopback";
allow-update { none;};
};

九、编写bind的服务脚本，并修改其访问权限

1	vim /etc/rc.d/init.d/named

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97

#!/bin/bash
#
#chkconfig: 2345 60 39
#
#description:Bind-9.9.6-P1 named daemon
pidfile=/usr/local/bind9/var/run/named/named.pid
lockfile=/var/lock/subsys/named
confile=/etc/named/named.conf
named=/usr/local/bind9/sbin/named
prog=named
[ -r /etc/rc.d/init.d/functions ] && . /etc/rc.d/init.d/functions
start() {
if [ -e $lockfile ] ; then
echo  "$prog is already running."
warning
echo  -e
exit 0
fi
echo -n "Starting $prog:"
daemon --pidfile $pidfile $named -u named -c $confile
retval=$?
echo
if [[ $retval -eq 0 ]] ; then
touch $lockfile
return $retval
else
rm -f $lockfile $pidfile
return 1
fi
}
stop() {
if [ ! -e $lockfile ] ; then
echo  "$prog is stopped."
warning
echo -e
exit 0
fi
echo -n "stopping $prog:"
killproc $prog
retval=$?
echo
if [[ $retval -eq 0 ]] ; then
rm -rf $lockfile $pidfile
return 0
else
echo "$prog can't be stopped."
warning
echo -e
return 1
fi
}
restart() {
stop
start
}
reload() {
echo "reload the $prog:"
killproc -HUP $prog
retval=$?
echo
return $retval
}
status() {
if pidof $prog &> /dev/null; then
echo  "$prog is running.\n"
success
echo
else
echo  "$prog is stopped.\n"
success
echo
fi
}
usage() {
echo "Usage:named {start|stop|status|reload|restart}"
}
case $1 in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
status)
status
;;
reload)
reload
;;
*)
usage
exit 1
;;
esac

1 2	chkconfig --add named chmod 755 /etc/rc.d/init.d/named

至此，bind-9.9.6-P1编译安装结束。

账号		自动登录	找回密码
密码			立即注册

wirelessnetview好用的无线分析工具

亿图图示专家(EDraw Max) V7.9 中文破解版

zabbix3.4.1安装部署+微信推送信息+大屏显

Red Hat OpenShift I: Containers & Kubern

2025 年，C++ 还能“硬核”多久？

RH199 RHCSA Rapid Track

Red Hat RHCE 8 (EX294) Cert Guide

[经验分享] DNS服务之bind编译安装详尽版

浏览过的版块

扫码加入运维网微信交流群