bind9 installation #109

Closed
media32 opened this issue Jul 14, 2014 · 17 comments

media32 commented Jul 14, 2014

We installed mail-in-a-box a couple of months ago on our Digital Ocean server and everything set up fine and has been working nicely. However, we recently upgraded but after it installed bind9 everything started to fail as DNS queries stopped resolving. When we stop the bind9 service, DNS queries resolve again. Here is the output from running start.sh:

root@mailbox://home/example/mailinabox# setup/start.sh

Hello and thanks for deploying a Mail-in-a-Box!
-----------------------------------------------

I'm going to ask you a few questions. To change your answers later,
later, just re-run this script.
Running migration to Mail-in-a-Box #1...
Running migration to Mail-in-a-Box #2...

What email address are you setting this box up to manage?

The part after the @-sign must be a domain name or subdomain
that you control. You can add other email addresses to this
box later (including email addresses on other domain names
or subdomains you control).

We've guessed an email address. Backspace it and type in what
you really want.

Email Address: test@mailbox.example.ca

This box needs a name, called a 'hostname'. The name will form a part
of the box's web address.

We recommend that the name be a subdomain of the domain in your email
address, so we're suggesting box.mailbox.m32.ca.

You can change it, but we recommend you don't.

Hostname: mailbox.example.ca

Enter the public IP address of this machine, as given to you by your
ISP. We've guessed a value, but just backspace it if it's wrong.

Public IP: xxx.xxx.xxx.xxx

(Optional) Enter the IPv6 address of this machine. Leave blank
           if the machine does not have an IPv6 address.
Public IPv6:

Enter the two-letter, uppercase country code for where you
live or where your organization is based. (This is used to
create an SSL certificate.)

Country Code: ca

CA
python3 is already installed (3.4.0-0ubuntu2)
wget is already installed (1.15-1ubuntu1)
curl is already installed (7.35.0-1ubuntu2)
bind9-host is already installed (1:9.9.5.dfsg-3)
installing python3-pip ...
ntp is already installed (1:4.2.6.p5+dfsg-3ubuntu2)
fail2ban is already installed (0.8.11-1)
ufw is already installed (0.34~rc-0ubuntu2)
Firewall is active and enabled on system startup
installing bind9 ...
Adding group `bind' (GID 125) ...
Done.
Adding system user `bind' (UID 115) ...
Adding new user `bind' (UID 115) with group `bind' ...
Not creating home directory `/var/cache/bind'.
wrote key file "/etc/bind/rndc.key"
#
 * Starting domain name service... bind9                                                                                                       [ OK ]
 * Stopping domain name service... bind9                                                                                                              waiting for pid 19079 to die
                                                                                                                                               [ OK ]
 * Starting domain name service... bind9                                                                                                       [ OK ]
openssl is already installed (1.0.1f-1ubuntu2.4)

Your SSL certificate's fingerpint is:
SHA1 Fingerprint=xxx

nsd is already installed (4.0.1-1)
installing ldnsutils ...
E: Failed to fetch http://mirrors.digitalocean.com/ubuntu/pool/main/l/ldns/libldns1_1.6.17-1_amd64.deb  Could not resolve 'mirrors.digitalocean.com'

E: Failed to fetch http://mirrors.digitalocean.com/ubuntu/pool/universe/l/ldns/ldnsutils_1.6.17-1_amd64.deb  Could not resolve 'mirrors.digitalocean.com'

E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?
setup/dns.sh: line 43: ldns-keygen: command not found
setup/dns.sh: line 49: ldns-keygen: command not found
postfix is already installed (2.11.0-1)
postgrey is already installed (1.34-1.2)
installing postfix-pcre ...
E: Failed to fetch http://mirrors.digitalocean.com/ubuntu/pool/main/p/postfix/postfix-pcre_2.11.0-1_amd64.deb  Could not resolve 'mirrors.digitalocean.com'

E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?
 * Stopping Postfix Mail Transport Agent postfix                                                                                               [ OK ]
 * Starting Postfix Mail Transport Agent postfix                                                                                               [ OK ]
dovecot-core is already installed (1:2.2.9-1ubuntu2.1)
dovecot-imapd is already installed (1:2.2.9-1ubuntu2.1)
dovecot-lmtpd is already installed (1:2.2.9-1ubuntu2.1)
dovecot-sqlite is already installed (1:2.2.9-1ubuntu2.1)
sqlite3 is already installed (3.8.2-1ubuntu2)
dovecot-sieve is already installed (1:2.2.9-1ubuntu2.1)
installing dovecot-managesieved ...
E: Failed to fetch http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-managesieved_2.2.9-1ubuntu2.1_amd64.deb  Could not resolve 'security.ubuntu.com'

E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?
dovecot stop/waiting
dovecot start/running, process 19531
 * Stopping Postfix Mail Transport Agent postfix                                                                                               [ OK ]
 * Starting Postfix Mail Transport Agent postfix                                                                                               [ OK ]
dovecot stop/waiting
dovecot start/running, process 19698
opendkim is already installed (2.9.1-1)
opendkim-tools is already installed (2.9.1-1)
Restarting OpenDKIM: opendkim.
 * Stopping Postfix Mail Transport Agent postfix                                                                                               [ OK ]
 * Starting Postfix Mail Transport Agent postfix                                                                                               [ OK ]
spampd is already installed (2.30-22.2)
razor is already installed (1:2.85-4build2)
pyzor is already installed (1:0.5.0-2fakesync1)
dovecot-antispam is already installed (2.0+20130822-2build1)
downloading servers from http://pyzor.sourceforge.net/cgi-bin/inform-servers-0-3-x
Traceback (most recent call last):
  File "/usr/bin/pyzor", line 8, in <module>
    pyzor.client.run()
  File "/usr/lib/pymodules/python2.7/pyzor/client.py", line 1022, in run
    ExecCall().run()
  File "/usr/lib/pymodules/python2.7/pyzor/client.py", line 186, in run
    download(config.get('client', 'DiscoverServersURL'), servers_fn)
  File "/usr/lib/pymodules/python2.7/pyzor/client.py", line 1031, in download
    open(outfile, "wb").write(urllib2.urlopen(url).read())
  File "/usr/lib/python2.7/urllib2.py", line 127, in urlopen
    return _opener.open(url, data, timeout)
  File "/usr/lib/python2.7/urllib2.py", line 404, in open
    response = self._open(req, data)
  File "/usr/lib/python2.7/urllib2.py", line 422, in _open
    '_open', req)
  File "/usr/lib/python2.7/urllib2.py", line 382, in _call_chain
    result = func(*args)
  File "/usr/lib/python2.7/urllib2.py", line 1214, in http_open
    return self.do_open(httplib.HTTPConnection, req)
  File "/usr/lib/python2.7/urllib2.py", line 1184, in do_open
    raise URLError(err)
urllib2.URLError: <urlopen error [Errno -2] Name or service not known>
Stopping spam checking proxy daemon: spampd    ...done.
 * Starting spam checking proxy daemon spampd                                                                                                  [ OK ]
dovecot stop/waiting
dovecot start/running, process 20011
nginx is already installed (1.4.6-1ubuntu3)
php5-cgi is already installed (5.5.9+dfsg-1ubuntu4.3)
 System start/stop links for /etc/init.d/php-fastcgi already exist.
 * Restarting nginx nginx                                                                                                                      [ OK ]
 * Restarting php-fastcgi php-fastcgi                                                                                                          [ OK ]
dbconfig-common is already installed (1.8.47+nmu1)
php5 is already installed (5.5.9+dfsg-1ubuntu4.3)
php5-sqlite is already installed (5.5.9+dfsg-1ubuntu4.3)
php5-mcrypt is already installed (5.4.6-0ubuntu5)
php5-intl is already installed (5.5.9+dfsg-1ubuntu4.3)
php5-json is already installed (1.3.2-2build1)
php5-common is already installed (5.5.9+dfsg-1ubuntu4.3)
php-auth is already installed (1.6.4-1)
php-net-smtp is already installed (1.6.1-1)
php-net-socket is already installed (1.0.14-1)
php-net-sieve is already installed (1.3.2-4)
php-mail-mime is already installed (1.8.8-1)
php-crypt-gpg is already installed (1.3.2-1)
php5-gd is already installed (5.5.9+dfsg-1ubuntu4.3)
php5-pspell is already installed (5.5.9+dfsg-1ubuntu4.3)
tinymce is already installed (3.4.8+dfsg0-1)
libjs-jquery is already installed (1.7.2+dfsg-2ubuntu1)
libjs-jquery-mousewheel is already installed (8-2)
libmagic1 is already installed (1:5.14-2ubuntu3)
E: There are problems and -y was used without --force-yes
--2014-07-14 14:49:00--  http://downloads.sourceforge.net/project/roundcubemail/roundcubemail/1.0.1/roundcubemail-1.0.1.tar.gz
Resolving downloads.sourceforge.net (downloads.sourceforge.net)... failed: Name or service not known.
wget: unable to resolve host address ‘downloads.sourceforge.net’

gzip: stdin: unexpected end of file
tar: Child returned status 1
tar: Error is not recoverable: exiting now
mv: cannot stat ‘/usr/local/lib/roundcubemail-1.0.1/’: No such file or directory
setup/webmail.sh: line 46: /usr/local/lib/roundcubemail/config/config.inc.php: No such file or directory
cp: cannot stat ‘/usr/local/lib/roundcubemail/plugins/password/config.inc.php.dist’: No such file or directory
Traceback (most recent call last):
  File "tools/editconf.py", line 56, in <module>
    input_lines = list(open(filename))
FileNotFoundError: [Errno 2] No such file or directory: '/usr/local/lib/roundcubemail/plugins/password/config.inc.php'
 * Restarting php-fastcgi php-fastcgi                                                                                                          [ OK ]
php-soap is already installed (0.13.0-1)
php5-imap is already installed (5.4.6-0ubuntu5)
--2014-07-14 14:49:02--  http://download.z-push.org/final/2.1/z-push-2.1.3-1892.tar.gz
Resolving download.z-push.org (download.z-push.org)... failed: Name or service not known.
wget: unable to resolve host address ‘download.z-push.org’

gzip: stdin: unexpected end of file
tar: Child returned status 1
tar: Error is not recoverable: exiting now
mv: cannot stat ‘/tmp/z-push-2.1.3-1892’: No such file or directory
sed: can't read /usr/local/lib/z-push/config.php: No such file or directory
sed: can't read /usr/local/lib/z-push/backend/imap/config.php: No such file or directory
sed: can't read /usr/local/lib/z-push/backend/imap/config.php: No such file or directory
 * Restarting php-fastcgi php-fastcgi                                                                                                          [ OK ]
installing python3-flask links duplicity libyaml-dev python3-dnspython ...
E: Failed to fetch http://mirrors.digitalocean.com/ubuntu/pool/main/libr/librsync/librsync1_0.9.7-10_amd64.deb  Could not resolve 'mirrors.digitalocean.com'

E: Failed to fetch http://mirrors.digitalocean.com/ubuntu/pool/main/liby/libyaml/libyaml-0-2_0.1.4-3ubuntu3_amd64.deb  Could not resolve 'mirrors.digitalocean.com'

E: Failed to fetch http://mirrors.digitalocean.com/ubuntu/pool/main/p/python-lockfile/python-lockfile_0.8-2ubuntu2_all.deb  Could not resolve 'mirrors.digitalocean.com'

E: Failed to fetch http://mirrors.digitalocean.com/ubuntu/pool/main/d/duplicity/duplicity_0.6.23-1ubuntu4.1_amd64.deb  Could not resolve 'mirrors.digitalocean.com'

E: Failed to fetch http://mirrors.digitalocean.com/ubuntu/pool/universe/l/links2/links_2.8-1ubuntu1_amd64.deb  Could not resolve 'mirrors.digitalocean.com'

E: Failed to fetch http://mirrors.digitalocean.com/ubuntu/pool/universe/d/dnspython3/python3-dnspython_1.11.1-1_all.deb  Could not resolve 'mirrors.digitalocean.com'

E: Failed to fetch http://mirrors.digitalocean.com/ubuntu/pool/main/m/markupsafe/python3-markupsafe_0.18-1build2_amd64.deb  Could not resolve 'mirrors.digitalocean.com'

E: Failed to fetch http://mirrors.digitalocean.com/ubuntu/pool/main/j/jinja2/python3-jinja2_2.7.2-2_all.deb  Could not resolve 'mirrors.digitalocean.com'

E: Failed to fetch http://mirrors.digitalocean.com/ubuntu/pool/main/p/python-werkzeug/python3-werkzeug_0.9.4+dfsg-1.1ubuntu1_all.deb  Could not resolve 'mirrors.digitalocean.com'

E: Failed to fetch http://mirrors.digitalocean.com/ubuntu/pool/main/p/python-itsdangerous/python3-itsdangerous_0.22+dfsg1-1build1_all.deb  Could not resolve 'mirrors.digitalocean.com'

E: Failed to fetch http://mirrors.digitalocean.com/ubuntu/pool/universe/f/flask/python3-flask_0.10.1-2build1_all.deb  Could not resolve 'mirrors.digitalocean.com'

E: Failed to fetch http://mirrors.digitalocean.com/ubuntu/pool/main/p/pyopenssl/python3-openssl_0.13-2ubuntu6_amd64.deb  Could not resolve 'mirrors.digitalocean.com'

E: Failed to fetch http://mirrors.digitalocean.com/ubuntu/pool/main/p/pyinotify/python3-pyinotify_0.9.4-1build1_all.deb  Could not resolve 'mirrors.digitalocean.com'

E: Failed to fetch http://mirrors.digitalocean.com/ubuntu/pool/main/liby/libyaml/libyaml-dev_0.1.4-3ubuntu3_amd64.deb  Could not resolve 'mirrors.digitalocean.com'

E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?
Downloading/unpacking rtyaml
  Cannot fetch index base URL https://pypi.python.org/simple/
  Could not find any downloads that satisfy the requirement rtyaml
Cleaning up...
No distributions at all found for rtyaml
Storing debug log for failure in /root/.pip/pip.log
 Adding system startup for /etc/init.d/mailinabox ...
   /etc/rc0.d/K20mailinabox -> ../init.d/mailinabox
   /etc/rc1.d/K20mailinabox -> ../init.d/mailinabox
   /etc/rc6.d/K20mailinabox -> ../init.d/mailinabox
   /etc/rc2.d/S20mailinabox -> ../init.d/mailinabox
   /etc/rc3.d/S20mailinabox -> ../init.d/mailinabox
   /etc/rc4.d/S20mailinabox -> ../init.d/mailinabox
   /etc/rc5.d/S20mailinabox -> ../init.d/mailinabox
 * Restarting Mail-in-a-Box Mgmt mailinabox                                                                                                    [ OK ]
setup/start.sh: line 197: /var/lib/mailinabox/api.key: No such file or directory
setup/start.sh: line 198: /var/lib/mailinabox/api.key: No such file or directory
Traceback (most recent call last):
  File "tools/mail.py", line 53, in <module>
    print(mgmt("/mail/users"))
  File "tools/mail.py", line 8, in mgmt
    setup_key_auth(mgmt_uri)
  File "tools/mail.py", line 28, in setup_key_auth
    key = open('/var/lib/mailinabox/api.key').read().strip()
FileNotFoundError: [Errno 2] No such file or directory: '/var/lib/mailinabox/api.key'

Okay. I'm about to set up test@mailbox.m32.ca for you.
password:
 (again):
Traceback (most recent call last):
  File "tools/mail.py", line 66, in <module>
    print(mgmt("/mail/users/add", { "email": email, "password": pw }))
  File "tools/mail.py", line 8, in mgmt
    setup_key_auth(mgmt_uri)
  File "tools/mail.py", line 28, in setup_key_auth
    key = open('/var/lib/mailinabox/api.key').read().strip()
FileNotFoundError: [Errno 2] No such file or directory: '/var/lib/mailinabox/api.key'
Traceback (most recent call last):
  File "tools/mail.py", line 77, in <module>
    print(mgmt("/mail/aliases/add", { "source": sys.argv[3], "destination": sys.argv[4] }))
  File "tools/mail.py", line 8, in mgmt
    setup_key_auth(mgmt_uri)
  File "tools/mail.py", line 28, in setup_key_auth
    key = open('/var/lib/mailinabox/api.key').read().strip()
FileNotFoundError: [Errno 2] No such file or directory: '/var/lib/mailinabox/api.key'
root@mailbox://home/example/mailinabox# management/whats_next.py
Traceback (most recent call last):
  File "management/whats_next.py", line 1, in <module>
    import dns.reversename, dns.resolver
ImportError: No module named 'dns'
root@mailbox://home/example/mailinabox# ls
conf  CONTRIBUTING.md  externals  LICENSE  management  notes  README.md  setup  tests  tools  Vagrantfile
root@mailbox://home/example/mailinabox# cd tests
root@mailbox://home/example/mailinabox/tests# ls
pip-requirements.txt  test_dns.py  test_mail.py  test_smtp_server.py
root@mailbox://home/example/mailinabox/tests# cd ..
root@mailbox://home/example/mailinabox# ls
conf  CONTRIBUTING.md  externals  LICENSE  management  notes  README.md  setup  tests  tools  Vagrantfile
root@mailbox://home/example/mailinabox# cd tools
root@mailbox://home/example/mailinabox/tools# ls
archive_conf_files.sh  dns_update  editconf.py  exchange-autodiscover.php  mail.py  webfinger.php  web_update
root@mailbox://home/example/mailinabox/tools# python mail.py
Traceback (most recent call last):
  File "mail.py", line 3, in <module>
    import sys, getpass, urllib.request, urllib.error
ImportError: No module named request
root@mailbox://home/example/mailinabox/tools# cd..
cd..: command not found
root@mailbox://home/example/mailinabox/tools# cd ..
root@mailbox://home/example/mailinabox# ls
conf  CONTRIBUTING.md  externals  LICENSE  management  notes  README.md  setup  tests  tools  Vagrantfile
root@mailbox://home/example/mailinabox# git pull
fatal: unable to access 'https://github.com/joshdata/mailinabox/': Could not resolve host: github.com
root@mailbox://home/example/mailinabox# sudo apt-get upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
The following packages have been kept back:
  linux-generic linux-headers-generic linux-image-generic
0 upgraded, 0 newly installed, 0 to remove and 3 not upgraded.
root@mailbox://home/example/mailinabox# sudo apt-get install
Reading package lists... Done
Building dependency tree
Reading state information... Done
0 upgraded, 0 newly installed, 0 to remove and 3 not upgraded.
root@mailbox://home/example/mailinabox# sudo apt-get update
Err http://security.ubuntu.com trusty-security InRelease

Err http://security.ubuntu.com trusty-security Release.gpg
  Could not resolve 'security.ubuntu.com'
Err http://mirrors.digitalocean.com trusty InRelease

Err http://mirrors.digitalocean.com trusty-updates InRelease

Err http://mirrors.digitalocean.com trusty-backports InRelease

Err http://mirrors.digitalocean.com trusty Release.gpg
  Could not resolve 'mirrors.digitalocean.com'
Err http://mirrors.digitalocean.com trusty-updates Release.gpg
  Could not resolve 'mirrors.digitalocean.com'
Err http://mirrors.digitalocean.com trusty-backports Release.gpg
  Could not resolve 'mirrors.digitalocean.com'
Reading package lists... Done
W: Failed to fetch http://mirrors.digitalocean.com/ubuntu/dists/trusty/InRelease

W: Failed to fetch http://mirrors.digitalocean.com/ubuntu/dists/trusty-updates/InRelease

W: Failed to fetch http://mirrors.digitalocean.com/ubuntu/dists/trusty-backports/InRelease

W: Failed to fetch http://security.ubuntu.com/ubuntu/dists/trusty-security/InRelease

W: Failed to fetch http://security.ubuntu.com/ubuntu/dists/trusty-security/Release.gpg  Could not resolve 'security.ubuntu.com'

W: Failed to fetch http://mirrors.digitalocean.com/ubuntu/dists/trusty/Release.gpg  Could not resolve 'mirrors.digitalocean.com'

W: Failed to fetch http://mirrors.digitalocean.com/ubuntu/dists/trusty-updates/Release.gpg  Could not resolve 'mirrors.digitalocean.com'

W: Failed to fetch http://mirrors.digitalocean.com/ubuntu/dists/trusty-backports/Release.gpg  Could not resolve 'mirrors.digitalocean.com'

W: Some index files failed to download. They have been ignored, or old ones used instead.
root@mailbox://home/example/mailinabox# sudo service bind9 restart
 * Stopping domain name service... bind9                                                                                                                                                                                                                                                                             waiting for pid 19145 to die
                                                                                                                                                                                                                                                                                                              [ OK ]
 * Starting domain name service... bind9                                                                                                                                                                                                                                                                      [ OK ]
root@mailbox://home/example/mailinabox# sudo apt-get update
Err http://security.ubuntu.com trusty-security InRelease

Err http://security.ubuntu.com trusty-security Release.gpg
  Could not resolve 'security.ubuntu.com'
Err http://mirrors.digitalocean.com trusty InRelease

Err http://mirrors.digitalocean.com trusty-updates InRelease

Err http://mirrors.digitalocean.com trusty-backports InRelease

Err http://mirrors.digitalocean.com trusty Release.gpg
  Could not resolve 'mirrors.digitalocean.com'
Err http://mirrors.digitalocean.com trusty-updates Release.gpg
  Could not resolve 'mirrors.digitalocean.com'
Err http://mirrors.digitalocean.com trusty-backports Release.gpg
  Could not resolve 'mirrors.digitalocean.com'
Reading package lists... Done
W: Failed to fetch http://mirrors.digitalocean.com/ubuntu/dists/trusty/InRelease

W: Failed to fetch http://mirrors.digitalocean.com/ubuntu/dists/trusty-updates/InRelease

W: Failed to fetch http://mirrors.digitalocean.com/ubuntu/dists/trusty-backports/InRelease

W: Failed to fetch http://security.ubuntu.com/ubuntu/dists/trusty-security/InRelease

W: Failed to fetch http://security.ubuntu.com/ubuntu/dists/trusty-security/Release.gpg  Could not resolve 'security.ubuntu.com'

W: Failed to fetch http://mirrors.digitalocean.com/ubuntu/dists/trusty/Release.gpg  Could not resolve 'mirrors.digitalocean.com'

W: Failed to fetch http://mirrors.digitalocean.com/ubuntu/dists/trusty-updates/Release.gpg  Could not resolve 'mirrors.digitalocean.com'

W: Failed to fetch http://mirrors.digitalocean.com/ubuntu/dists/trusty-backports/Release.gpg  Could not resolve 'mirrors.digitalocean.com'

W: Some index files failed to download. They have been ignored, or old ones used instead.
root@mailbox://home/example/mailinabox#

Any advice on how to resolve this would be greatly appreciated.

@JoshData
Member

Could you paste /etc/bind/named.conf.options?

I'd suggest creating a new fresh machine, copying /home/user-data over to the new machine, and then running the setup script.

@media32
Author

media32 commented Jul 15, 2014

Sure, here are the contents of named.conf.options:

options {
    directory "/var/cache/bind";

    // If there is a firewall between you and nameservers you want
    // to talk to, you may need to fix the firewall to allow multiple
    // ports to talk.  See http://www.kb.cert.org/vuls/id/800113

    // If your ISP provided one or more IP addresses for stable 
    // nameservers, you probably want to use them as forwarders.  
    // Uncomment the following block, and insert the addresses replacing 
    // the all-0's placeholder.

    // forwarders {
    //  0.0.0.0;
    // };

    //========================================================================
    // If BIND logs error messages about the root key being expired,
    // you will need to update your keys.  See https://www.isc.org/bind-keys
    //========================================================================
    dnssec-validation auto;

    auth-nxdomain no;    # conform to RFC1035
    listen-on-v6 { any; };

    listen-on { 127.0.0.1; };
};

Could the listen-on IP be wrong?

@JoshData
Member

I think you'll need to get rid of listen-on-v6 or replace it with listen-on-v6 { none; };.

@media32
Author

media32 commented Jul 15, 2014

I commented out the line from named.conf.options and also set it to "none" and restarted bind9, but either way I still can't ping any domains from the server or run apt-get update.

@JoshData
Member

See if there are any errors in /var/log/syslog. (Try service bind9 restart if you don't see log entries near the bottom.)
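
One way to carry out the syslog check suggested above, as an added example that is not part of the thread or of Mail-in-a-Box: a filter that looks only at the most recent named start and reports lines showing it failed to bind a listening socket. The function names and the sample log lines are constructed for illustration.

```sh
#!/bin/sh
# Added example: triage BIND 9 (named) startup messages in syslog text.
# Assumes the classic syslog layout "Mon DD HH:MM:SS host named[PID]: message".

# Print the listen-failure lines from the most recent named start only.
# A restart logs a fresh "starting BIND" line, so findings from older
# starts are discarded and stale errors are not reported.
named_listen_failures() {
    awk '
        # Ignore anything not logged by named.
        $5 !~ /^named\[[0-9]+\]:$/ { next }
        # A new start resets the findings collected so far.
        / starting BIND / { n = 0 }
        # Messages named emits when it cannot bind or gives up on an interface.
        /could not listen on|creating .* interface .* failed|not listening on any interfaces/ {
            hits[++n] = $0
        }
        END { for (i = 1; i <= n; i++) print hits[i] }
    '
}

# Exit status 0 when the most recent start left named bound to no interface,
# i.e. the resolver is running but cannot answer any query.
named_not_listening() {
    named_listen_failures | grep -q 'not listening on any interfaces'
}

# Constructed sample input: an older start, an unrelated daemon, then the
# latest start, which fails to bind 127.0.0.1 port 53.
sample_syslog() {
    cat <<'EOF'
Jul 15 12:30:01 mailbox named[5900]: starting BIND 9.9.5-3-Ubuntu -u bind -4
Jul 15 12:30:01 mailbox named[5900]: could not listen on UDP socket: address in use
Jul 15 12:35:00 mailbox cron[5999]: (root) CMD (true)
Jul 15 12:40:02 mailbox named[6003]: starting BIND 9.9.5-3-Ubuntu -u bind -4
Jul 15 12:40:02 mailbox named[6003]: listening on IPv4 interface lo, 127.0.0.1#53
Jul 15 12:40:02 mailbox named[6003]: could not listen on UDP socket: address in use
Jul 15 12:40:02 mailbox named[6003]: creating IPv4 interface lo failed; interface ignored
Jul 15 12:40:02 mailbox named[6003]: not listening on any interfaces
EOF
}

# Run against the sample; on a live machine use:
#   named_listen_failures < /var/log/syslog
sample_syslog | named_listen_failures
```

An "address in use" failure means another process already holds that address and port, so the next check is which service is bound to port 53.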

@media32
Author

media32 commented Jul 15, 2014

Here is the end of the syslog contents after restarting bind9:

Jul 15 12:40:02 mailbox named[6003]: starting BIND 9.9.5-3-Ubuntu -u bind -4
Jul 15 12:40:02 mailbox named[6003]: built with '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc/bind' '--localstatedir=/var' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-gnu-ld' '--with-geoip=/usr' '--with-atf=no' '--enable-ipv6' '--enable-rrl' '--enable-filter-aaaa' 'CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -O2'
Jul 15 12:40:02 mailbox named[6003]: ----------------------------------------------------
Jul 15 12:40:02 mailbox named[6003]: BIND 9 is maintained by Internet Systems Consortium,
Jul 15 12:40:02 mailbox named[6003]: Inc. (ISC), a non-profit 501(c)(3) public-benefit 
Jul 15 12:40:02 mailbox named[6003]: corporation.  Support and training for BIND 9 are 
Jul 15 12:40:02 mailbox named[6003]: available at https://www.isc.org/support
Jul 15 12:40:02 mailbox named[6003]: ----------------------------------------------------
Jul 15 12:40:02 mailbox named[6003]: adjusted limit on open files from 4096 to 1048576
Jul 15 12:40:02 mailbox named[6003]: found 1 CPU, using 1 worker thread
Jul 15 12:40:02 mailbox named[6003]: using 1 UDP listener per interface
Jul 15 12:40:02 mailbox named[6003]: using up to 4096 sockets
Jul 15 12:40:02 mailbox named[6003]: loading configuration from '/etc/bind/named.conf'
Jul 15 12:40:02 mailbox named[6003]: reading built-in trusted keys from file '/etc/bind/bind.keys'
Jul 15 12:40:02 mailbox named[6003]: using default UDP/IPv4 port range: [1024, 65535]
Jul 15 12:40:02 mailbox named[6003]: using default UDP/IPv6 port range: [1024, 65535]
Jul 15 12:40:02 mailbox named[6003]: no IPv6 interfaces found
Jul 15 12:40:02 mailbox named[6003]: listening on IPv4 interface lo, 127.0.0.1#53
Jul 15 12:40:02 mailbox named[6003]: could not listen on UDP socket: address in use
Jul 15 12:40:02 mailbox named[6003]: creating IPv4 interface lo failed; interface ignored
Jul 15 12:40:02 mailbox named[6003]: not listening on any interfaces
Jul 15 12:40:02 mailbox named[6003]: generating session key for dynamic DNS
Jul 15 12:40:02 mailbox named[6003]: sizing zone task pool based on 5 zones
Jul 15 12:40:02 mailbox named[6003]: using built-in root key for view _default
Jul 15 12:40:02 mailbox named[6003]: set up managed keys zone for view _default, file 'managed-keys.bind'
Jul 15 12:40:02 mailbox named[6003]: automatic empty zone: 10.IN-ADDR.ARPA
Jul 15 12:40:02 mailbox named[6003]: automatic empty zone: 16.172.IN-ADDR.ARPA
Jul 15 12:40:02 mailbox named[6003]: automatic empty zone: 17.172.IN-ADDR.ARPA
Jul 15 12:40:02 mailbox named[6003]: automatic empty zone: 18.172.IN-ADDR.ARPA
Jul 15 12:40:02 mailbox named[6003]: automatic empty zone: 19.172.IN-ADDR.ARPA
Jul 15 12:40:02 mailbox named[6003]: automatic empty zone: 20.172.IN-ADDR.ARPA
Jul 15 12:40:02 mailbox named[6003]: automatic empty zone: 21.172.IN-ADDR.ARPA
Jul 15 12:40:02 mailbox named[6003]: automatic empty zone: 22.172.IN-ADDR.ARPA
Jul 15 12:40:02 mailbox named[6003]: automatic empty zone: 23.172.IN-ADDR.ARPA
Jul 15 12:40:02 mailbox named[6003]: automatic empty zone: 24.172.IN-ADDR.ARPA
Jul 15 12:40:02 mailbox named[6003]: automatic empty zone: 25.172.IN-ADDR.ARPA
Jul 15 12:40:02 mailbox named[6003]: automatic empty zone: 26.172.IN-ADDR.ARPA
Jul 15 12:40:02 mailbox named[6003]: automatic empty zone: 27.172.IN-ADDR.ARPA
Jul 15 12:40:02 mailbox named[6003]: automatic empty zone: 28.172.IN-ADDR.ARPA
Jul 15 12:40:02 mailbox named[6003]: automatic empty zone: 29.172.IN-ADDR.ARPA
Jul 15 12:40:02 mailbox named[6003]: automatic empty zone: 30.172.IN-ADDR.ARPA
Jul 15 12:40:02 mailbox named[6003]: automatic empty zone: 31.172.IN-ADDR.ARPA
Jul 15 12:40:02 mailbox named[6003]: automatic empty zone: 168.192.IN-ADDR.ARPA
Jul 15 12:40:02 mailbox named[6003]: automatic empty zone: 64.100.IN-ADDR.ARPA
Jul 15 12:40:02 mailbox named[6003]: automatic empty zone: 65.100.IN-ADDR.ARPA
Jul 15 12:40:02 mailbox named[6003]: automatic empty zone: 66.100.IN-ADDR.ARPA
Jul 15 12:40:02 mailbox named[6003]: automatic empty zone: 67.100.IN-ADDR.ARPA
Jul 15 12:40:02 mailbox named[6003]: automatic empty zone: 68.100.IN-ADDR.ARPA
Jul 15 12:40:02 mailbox named[6003]: automatic empty zone: 69.100.IN-ADDR.ARPA
Jul 15 12:40:02 mailbox named[6003]: automatic empty zone: 70.100.IN-ADDR.ARPA
Jul 15 12:40:02 mailbox named[6003]: automatic empty zone: 71.100.IN-ADDR.ARPA
Jul 15 12:40:02 mailbox named[6003]: automatic empty zone: 72.100.IN-ADDR.ARPA
Jul 15 12:40:02 mailbox named[6003]: automatic empty zone: 73.100.IN-ADDR.ARPA
Jul 15 12:40:02 mailbox named[6003]: automatic empty zone: 74.100.IN-ADDR.ARPA
Jul 15 12:40:02 mailbox named[6003]: automatic empty zone: 75.100.IN-ADDR.ARPA
Jul 15 12:40:02 mailbox named[6003]: automatic empty zone: 76.100.IN-ADDR.ARPA
Jul 15 12:40:02 mailbox named[6003]: command channel listening on 127.0.0.1#953
Jul 15 12:40:02 mailbox named[6003]: managed-keys-zone: loaded serial 2
Jul 15 12:40:02 mailbox named[6003]: zone 0.in-addr.arpa/IN: loaded serial 1
Jul 15 12:40:02 mailbox named[6003]: zone 255.in-addr.arpa/IN: loaded serial 1
Jul 15 12:40:02 mailbox named[6003]: zone 127.in-addr.arpa/IN: loaded serial 1
Jul 15 12:40:02 mailbox named[6003]: zone localhost/IN: loaded serial 2
Jul 15 12:40:02 mailbox named[6003]: all zones loaded
Jul 15 12:40:02 mailbox named[6003]: running

@JoshData

Can you show me the output of hostname -I and the contents of /etc/nsd/nsd.conf?

Sorry for all of the trouble. Appreciate you sticking through this.

@JoshData

Also run sudo service nsd restart and copy here any nsd-related things at the bottom of /var/log/syslog again?

@media32

media32 commented Jul 16, 2014

No problem at all, I appreciate you trying to get to the bottom of this for us.

hostname -I outputs the IPv4 address of the server: 107.170.XXX.XXX

The output for /etc/nsd/nsd.conf is:

server:
  hide-version: yes

  # identify the server (CH TXT ID.SERVER entry).
  identity: ""

  # The directory for zonefile: files.
  zonesdir: "/etc/nsd/zones"

# ZONES
zone:
    name: mailbox.example.com
    zonefile: mailbox.example.com.txt

Output for /var/log/syslog after restarting nsd is:

Jul 16 16:32:04 mailbox nsd[1026]: signal received, shutting down...
Jul 16 16:32:04 mailbox nsd[1022]: xfrd: error writing shutdown to main: Broken pipe
Jul 16 16:32:04 mailbox nsd[8795]: nsd started (NSD 4.0.1), pid 8793

@JoshData

That's odd. nsd.conf is missing ip-address lines generated at https://github.com/JoshData/mailinabox/blob/master/management/dns_update.py#L347 based on the output of hostname -I. These restrict nsd to binding to the public network interfaces so that bind can operate on 127.0.0.1. Without them, nsd is hogging the local address, preventing bind from starting, and so local services can't get DNS.

But I'm stumped. If the output of hostname -I has stuff, then there should be something in nsd.conf.
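
An added example, not part of the thread or of the project's code: a Python check for the condition described in the comment above, an nsd.conf whose server: clause has no ip-address lines, so nsd listens on the wildcard address (NSD's documented default) and takes 127.0.0.1 away from bind9. The function names are hypothetical, and 203.0.113.10 is a documentation address standing in for the box's public IP.

```python
import ipaddress

# Constructed sample: the nsd.conf posted in this thread (no ip-address lines).
POSTED_CONF = '''\
server:
  hide-version: yes

  # identify the server (CH TXT ID.SERVER entry).
  identity: ""

  # The directory for zonefile: files.
  zonesdir: "/etc/nsd/zones"

# ZONES
zone:
    name: mailbox.example.com
    zonefile: mailbox.example.com.txt
'''

# Constructed sample: the same file with nsd restricted to one public address
# (203.0.113.10 is a placeholder, not a value from the thread).
FIXED_CONF = POSTED_CONF.replace("server:\n", "server:\n  ip-address: 203.0.113.10\n", 1)

def nsd_listen_addresses(conf_text):
    """Return the ip-address values found in the server: clause of an nsd.conf."""
    addresses, in_server = [], False
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()       # drop comments and indentation
        if not line:
            continue
        key, _, value = line.partition(":")
        value = value.strip()
        if not value:                             # clause header: "server:", "zone:", ...
            in_server = (key == "server")
        elif in_server and key == "ip-address":
            addresses.append(value.strip('"').split("@", 1)[0])  # drop optional @port
    return addresses

def conflicts_with_local_resolver(conf_text):
    """True when nsd would also bind a loopback address that bind9 needs."""
    addresses = nsd_listen_addresses(conf_text)
    if not addresses:
        return True                               # no restriction: wildcard bind
    for addr in addresses:
        ip = ipaddress.ip_address(addr)
        if ip.is_loopback or ip.is_unspecified:   # 127.0.0.1, ::1, 0.0.0.0, ::
            return True
    return False
```

Run against the live file with `conflicts_with_local_resolver(open("/etc/nsd/nsd.conf").read())`; a True result matches the symptom reported in this issue.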

@JoshData

Maybe the fact that bind9 isn't running is preventing nsd.conf from being updated to have the right value. So maybe try service nsd stop (so that bind9 can start) and then run setup/start.sh to set nsd.conf correctly, and hopefully then when nsd tries to start back up it will be able to.

@media32

media32 commented Jul 17, 2014

I tried stopping nsd, then running the start.sh script again and it provided the same errors as above while running. Do you think it advisable just to create an entirely new Digital Ocean container, start fresh and move the user-data folder over as you indicated earlier?

@JoshData

Yeah that would probably be the fastest way to get back to normal.

@media32

media32 commented Jul 17, 2014

Sounds good - I will do that and if there are any other issues related to the same thing I will let you know! Thanks for all your help so far.

@JoshData

Let me know how it goes.

@media32

media32 commented Jul 21, 2014

By creating a new droplet and running everything from scratch, it all worked out nicely. One problem I did notice was that the original droplet was a 512 MB / 20 GB Digital Ocean droplet, and your script threw an error on the new droplet (with the same settings):

Your Mail-in-a-Box needs more than 490 MB RAM.
Please provision a machine with at least 768 MB, 1 GB recommended.

So I upgraded the droplet and it worked.

I'm having two other issues now with the new version of mailinabox, but I will try working them out on our end prior to posting them.

@JoshData

Great. I'll close this issue. Let me know about other problems as you find them (on new issues)!
