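The most basic software for building a DNS service is bind; the process name of the DNS service is named. To improve security we want to install the latest version of bind, but the latest version, bind-9.9.0, has no rpm package online, only a source package, so we have to compile and install bind by hand.
I. Prepare the bind-9.9.0 source package and place it in root's home directory (usually as bind-9.9.0.tar.gz), then unpack it and enter the source tree with:
```bash
# tar xvf bind-9.9.0.tar.gz
# cd bind-9.9.0
```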
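1. Initialization
Compiling requires that the "Development Tools" and "Development Libraries" package groups are already installed. The simplest way to install package groups is the yum command:
(Using yum requires that a yum repository has already been configured.)
```bash
# yum groupinstall "Development Tools"
# yum groupinstall "Development Libraries"
# ./configure --sysconfdir=/etc --disable-ipv6 --enable-largefile --prefix=/usr/local/named --disable-openssl-version-check --localstatedir=/var
```
configure now defines the installation paths and performs the rest of the initialization. When it finishes, use the make command to invoke the compiler toolchain.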
2. Invoke the compiler toolchain to build and install
```bash
# make
# make install
```
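II. Write the /etc/named/named.conf configuration file
```bash
# mkdir -p /etc/named
# vim /etc/named/named.conf
```
Contents of named.conf:
```
options {
    directory "/var/named";     // zone file names below are relative to this directory
};

// Root hints
zone "." IN {
    type hint;
    file "named.ca";
};

// Forward zone for localhost
zone "localhost" IN {
    type master;
    file "localhost.zone";
};

// Reverse zone for 127.0.0.0/24
zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "named.local";
};
```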
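Create the zone directory, generate the root hints file, and write the two zone files:
```bash
# mkdir /var/named
# cd /var/named
# dig -t NS . > named.ca
# vim localhost.zone
```
Contents of localhost.zone:
```
$TTL 600
localhost.  IN  SOA  localhost. admin.localhost. (
                2012030801  ; serial
                1H          ; refresh
                4M          ; retry
                5D          ; expire
                1D )        ; negative-caching TTL
            IN  NS   localhost.
            IN  A    127.0.0.1
```
```bash
# vim named.local
```
Contents of named.local:
```
$TTL 600
@           IN  SOA  localhost. admin.localhost. (
                2012030801  ; serial
                1H          ; refresh
                4M          ; retry
                5D          ; expire
                1D )        ; negative-caching TTL
            IN  NS   localhost.
1           IN  PTR  localhost.
```
Save the three files above and exit.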
III. Add the named user and group and change the file permissions
```bash
# groupadd -r named
# useradd -g named -r -s /sbin/nologin named
# chown -R :named /etc/named/named.conf /var/named/{named.ca,localhost.zone,named.local}
```
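The goal of this step is that named, once it runs as the named user, can read its configuration and zone files through the named group but cannot modify them. The script below is an added example, not part of the original article; it assumes GNU stat, and the function names check_named_file and audit_named_files are hypothetical.

```shell
#!/bin/bash
# Added example: audit the files named reads after dropping to "-u named".
# The group name and the file list are arguments; nothing here is a BIND API.

# check_named_file FILE GROUP
# Succeeds only if FILE is a regular file, belongs to GROUP, is readable by
# the group, and is writable by neither the group nor others.
check_named_file() {
    local file=$1 want_group=$2 group mode perms
    if [ ! -f "$file" ]; then
        echo "FAIL $file: missing or not a regular file"
        return 1
    fi
    group=$(stat -c '%G' "$file")   # GNU stat: owning group name
    mode=$(stat -c '%a' "$file")    # GNU stat: octal mode, e.g. 640
    perms=$((0$mode))               # leading 0 makes the shell read it as octal
    if [ "$group" != "$want_group" ]; then
        echo "FAIL $file: group is $group, expected $want_group"
        return 1
    fi
    if [ $((perms & 040)) -eq 0 ]; then
        echo "FAIL $file: mode $mode is not group-readable"
        return 1
    fi
    if [ $((perms & 022)) -ne 0 ]; then
        echo "FAIL $file: mode $mode lets group or others modify it"
        return 1
    fi
    echo "OK   $file (mode $mode, group $group)"
}

# audit_named_files GROUP FILE...
# Checks every file and returns non-zero if any one of them fails.
audit_named_files() {
    local want_group=$1 rc=0 f
    shift
    for f in "$@"; do
        check_named_file "$f" "$want_group" || rc=1
    done
    return $rc
}

# Run the audit only when called with arguments, e.g.:
#   ./audit.sh named /etc/named/named.conf /var/named/named.ca \
#       /var/named/localhost.zone /var/named/named.local
if [ $# -ge 2 ]; then
    audit_named_files "$@"
fi
```

A mode such as 640 with owner root and group named passes; 664 or 646 fails because a compromised named process, or any local user, could then rewrite the zone data.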
IV. Write the named init script by hand
```bash
# vim /etc/rc.d/init.d/named
```
Contents of /etc/rc.d/init.d/named:
```bash
#!/bin/bash
#
# named         This shell script takes care of starting and stopping
#               named (BIND DNS server).
#
# chkconfig: - 13 87
# description: named (BIND) is a Domain Name Server (DNS) \
#              that is used to resolve host names to IP addresses.
# probe: true

# Source function library.
. /etc/rc.d/init.d/functions

# Source networking configuration.
[ -r /etc/sysconfig/network ] && . /etc/sysconfig/network

named=named
named_conf="/etc/named/named.conf"
ROOTDIR="/usr/local/named"
CHKCONF="$ROOTDIR/sbin/named-checkconf"
CHKZONE="$ROOTDIR/sbin/named-checkzone"
RNDC="$ROOTDIR/sbin/rndc"

start() {
    echo -n $"Starting $named: "
    if [ -n "`/sbin/pidof -o %PPID $named`" ]; then
        echo -n $"$named: already running"
        failure
        echo
        return 1
    fi
    # Refuse to start unless named-checkconf accepts the configuration.
    if [ -x $CHKCONF ] && [ -x $CHKZONE ] && $CHKCONF ${named_conf} >/dev/null 2>&1; then
        # Run as the unprivileged named user. -c is needed because this build
        # (--sysconfdir=/etc) looks for /etc/named.conf by default.
        daemon $ROOTDIR/sbin/$named -u named -c ${named_conf}
        RETVAL=$?
        [ $RETVAL -eq 0 ] && touch /var/lock/subsys/named
    else
        RETVAL=1
        failure $"$named: configuration check failed"
    fi
    echo
    return $RETVAL
}

stop() {
    # Stop daemons.
    echo -n $"Stopping $named: "
    # Ask named to shut down through rndc; fall back to SIGTERM if that fails.
    $RNDC stop >/dev/null 2>&1 || killproc "$named" -TERM >/dev/null 2>&1
    RETVAL=$?
    if [ $RETVAL -eq 0 ]; then
        rm -f /var/lock/subsys/named &> /dev/null
        rm -f /var/run/named.pid &> /dev/null
        success
    else
        failure
    fi
    echo
    return $RETVAL
}

restart() {
    stop
    sleep 2
    start
}

# Called rhstatus so that it does not shadow status() from the function library.
rhstatus() {
    $RNDC status
    status $ROOTDIR/sbin/$named
    return $?
}

reload() {
    echo -n $"Reloading $named: "
    p=`/sbin/pidof -o %PPID $named`
    RETVAL=$?
    if [ "$RETVAL" -eq 0 ]; then
        # Prefer rndc reload; fall back to SIGHUP.
        $RNDC reload >/dev/null 2>&1 || /bin/kill -HUP $p
        RETVAL=$?
    fi
    [ "$RETVAL" -eq 0 ] && success $"$named reload" || failure $"$named reload"
    echo
    return $RETVAL
}

checkconfig() {
    if [ -x $CHKCONF ] && [ -x $CHKZONE ] && $CHKCONF ${named_conf}; then
        return 0
    else
        return 1
    fi
}

case "$1" in
    start)
        start
        ;;
    stop)
        stop
        ;;
    status)
        rhstatus
        ;;
    restart)
        restart
        ;;
    reload)
        reload
        ;;
    checkconfig|configtest|check|test)
        checkconfig
        ;;
    *)
        echo $"Usage: $0 {start|stop|status|restart|reload|configtest}"
        exit 2
        ;;
esac
exit $?
```
Save and exit.
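V. Start the DNS service
```bash
# cd /usr/local/named/sbin/
# ./named -u named -c /etc/named/named.conf
```
This starts the DNS service, running as the named user and reading the configuration file written in part II.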