PowerDNS: Difference between revisions

From Lolly's Wiki
m (Text replacement - "[[Kategorie:" to "[[Category:")
m (Text replacement - "<source" to "<syntaxhighlight")
Line 6: Line 6:


===/etc/apt/apt.conf.d/01pinning===
===/etc/apt/apt.conf.d/01pinning===
<source lang=apt>
<syntaxhighlight lang=apt>
APT::Default-Release "xenial";
APT::Default-Release "xenial";
</source>
</source>
===/etc/apt/preferences.d/pdns===
===/etc/apt/preferences.d/pdns===
<source lang=apt>
<syntaxhighlight lang=apt>
Package: pdns-*
Package: pdns-*
Pin: release a=zesty, l=Ubuntu
Pin: release a=zesty, l=Ubuntu
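Review bot: The closing tags are not covered by this replacement. The `</source>` line after the 01pinning block is identical on both sides while its opening tag becomes `<syntaxhighlight lang=apt>`, so the block is opened with one tag and closed with another. Replace `</source>` with `</syntaxhighlight>` in the same pass. The rendered revision below shows the effect: the tags appear as literal text and lines starting with `#` are turned into numbered list items.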
Line 25: Line 25:
===/etc/apt/sources.list===
===/etc/apt/sources.list===
add zesty sources. for example:
add zesty sources. for example:
<source>
<syntaxhighlight>
deb [arch=amd64] http://de.archive.ubuntu.com/ubuntu/ xenial          main restricted universe
deb [arch=amd64] http://de.archive.ubuntu.com/ubuntu/ xenial          main restricted universe
deb [arch=amd64] http://de.archive.ubuntu.com/ubuntu/ xenial-updates  main restricted universe
deb [arch=amd64] http://de.archive.ubuntu.com/ubuntu/ xenial-updates  main restricted universe
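Review bot: The sources.list block is the only one whose opening tag carries no lang attribute, before and after the change (`<source>` becomes `<syntaxhighlight>`), while every other block on the page names one (apt, bash, ini). Name a language here as well so the block is handled consistently with the rest.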
Line 34: Line 34:
</source>
</source>
===Do the upgrade===
===Do the upgrade===
<source lang=bash>
<syntaxhighlight lang=bash>
# apt update
# apt update
# apt install pdns-recursor/zesty pdns-tools/zesty libstdc++6/zesty gcc-6-base/zesty
# apt install pdns-recursor/zesty pdns-tools/zesty libstdc++6/zesty gcc-6-base/zesty
Line 43: Line 43:
1. Tell the journald of systemd to forward messages to syslog:
1. Tell the journald of systemd to forward messages to syslog:
In <i>/etc/systemd/journald.conf</i> set it from
In <i>/etc/systemd/journald.conf</i> set it from
<source lang=bash>
<syntaxhighlight lang=bash>
#ForwardToSyslog=yes
#ForwardToSyslog=yes
</source>
</source>
to
to
<source lang=bash>
<syntaxhighlight lang=bash>
ForwardToSyslog=yes
ForwardToSyslog=yes
</source>
</source>


Then restart the journald
Then restart the journald
<source lang=bash>
<syntaxhighlight lang=bash>
# systemctl restart systemd-journald.service
# systemctl restart systemd-journald.service
</source>
</source>
Line 59: Line 59:


Change the part in <i>/etc/syslog-ng/syslog-ng.conf</i> from
Change the part in <i>/etc/syslog-ng/syslog-ng.conf</i> from
<source lang=bash>
<syntaxhighlight lang=bash>
source s_src {
source s_src {
       system();
       system();
Line 66: Line 66:
</source>
</source>
to
to
<source lang=bash>
<syntaxhighlight lang=bash>
source s_src {
source s_src {
       system();
       system();
Line 78: Line 78:




<source lang=bash>
<syntaxhighlight lang=bash>
# mkdir -p /var/chroot/run/systemd
# mkdir -p /var/chroot/run/systemd
# touch /var/chroot/run/systemd/notify
# touch /var/chroot/run/systemd/notify
Line 84: Line 84:




<source lang=ini>
<syntaxhighlight lang=ini>
# /etc/systemd/system/var-chroot-run-systemd-notify.mount
# /etc/systemd/system/var-chroot-run-systemd-notify.mount
[Unit]
[Unit]
Line 97: Line 97:
</source>
</source>
or
or
<source lang=ini>
<syntaxhighlight lang=ini>
# /etc/systemd/system/var-chroot-run-systemd-notify.mount
# /etc/systemd/system/var-chroot-run-systemd-notify.mount
[Unit]
[Unit]
Line 117: Line 117:
</source>
</source>


<source lang=ini>
<syntaxhighlight lang=ini>
# /etc/systemd/system/pdns.service.d/override.conf
# /etc/systemd/system/pdns.service.d/override.conf
[Service]
[Service]
Line 129: Line 129:
</source>
</source>


<source lang=ini>
<syntaxhighlight lang=ini>
# /etc/systemd/system/pdns-recursor.service.d/override.conf
# /etc/systemd/system/pdns-recursor.service.d/override.conf
[Service]
[Service]

Revision as of 17:02, 25 November 2021


PowerDNS Server (pdns_server)

Newer version in Ubuntu

If you are running Ubuntu xenial and need a newer PowerDNS from Ubuntu zesty, do this:

/etc/apt/apt.conf.d/01pinning

<syntaxhighlight lang=apt>
APT::Default-Release "xenial";
</syntaxhighlight>

/etc/apt/preferences.d/pdns

<syntaxhighlight lang=apt>
Package: pdns-*
Pin: release a=zesty, l=Ubuntu
Pin-Priority: 1000

Package: pdns-*
Pin: release a=zesty-updates, l=Ubuntu
Pin-Priority: 1000

Package: pdns-*
Pin: release a=zesty-security, l=Ubuntu
Pin-Priority: 1000
</syntaxhighlight>

/etc/apt/sources.list

Add the zesty sources, for example:
<syntaxhighlight>
deb [arch=amd64] http://de.archive.ubuntu.com/ubuntu/ xenial          main restricted universe
deb [arch=amd64] http://de.archive.ubuntu.com/ubuntu/ xenial-updates  main restricted universe
deb [arch=amd64] http://security.ubuntu.com/ubuntu    xenial-security main restricted universe
deb [arch=amd64] http://de.archive.ubuntu.com/ubuntu/ zesty           main restricted universe
deb [arch=amd64] http://de.archive.ubuntu.com/ubuntu/ zesty-updates   main restricted universe
deb [arch=amd64] http://security.ubuntu.com/ubuntu    zesty-security  main restricted universe
</syntaxhighlight>

Do the upgrade

<syntaxhighlight lang=bash>
# apt update
# apt install pdns-recursor/zesty pdns-tools/zesty libstdc++6/zesty gcc-6-base/zesty
</syntaxhighlight>

Logging with systemd and syslog-ng

1. Tell the journald of systemd to forward messages to syslog:

In /etc/systemd/journald.conf set it from
<syntaxhighlight lang=bash>
#ForwardToSyslog=yes
</syntaxhighlight>
to
<syntaxhighlight lang=bash>
ForwardToSyslog=yes
</syntaxhighlight>

Then restart the journald
<syntaxhighlight lang=bash>
# systemctl restart systemd-journald.service
</syntaxhighlight>

2. Tell syslog-ng to take the dev-log-socket from journald as input:

Change the part in /etc/syslog-ng/syslog-ng.conf from
<syntaxhighlight lang=bash>
source s_src {
       system();
       internal();
};
</syntaxhighlight>
to
<syntaxhighlight lang=bash>
source s_src {
       system();
       internal();
       unix-dgram ("/run/systemd/journal/dev-log");
};
</syntaxhighlight>
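A check for the two logging steps above, as an added example that is not part of the original wiki page. The function names `journald_forwards` and `syslogng_has_devlog` are hypothetical, and the sample files are constructed; the config path is an argument so the checks can be run against copies.

```shell
#!/bin/sh
# journald_forwards FILE: succeed if the effective ForwardToSyslog= in
# [Journal] is true. "#ForwardToSyslog=yes" is a comment and does not count;
# if the key is assigned more than once, the last assignment wins.
journald_forwards() {
    awk '
        /^[ \t]*[#;]/ { next }
        /^[ \t]*\[/   { insec = ($0 ~ /^[ \t]*\[Journal\]/); next }
        insec && /^[ \t]*ForwardToSyslog[ \t]*=/ {
            v = $0; sub(/^[^=]*=[ \t]*/, "", v); sub(/[ \t]+$/, "", v)
            val = tolower(v)
        }
        END { exit !(val == "yes" || val == "true" || val == "1" || val == "on") }
    ' "$1"
}

# syslogng_has_devlog FILE: succeed if the journald socket is read inside
# the "source s_src { ... };" block (not in some other source).
syslogng_has_devlog() {
    awk '
        /^[ \t]*#/ { next }
        /source[ \t]+s_src[ \t]*[{]/ { insrc = 1 }
        insrc && /unix-dgram[ \t]*[(][ \t]*"\/run\/systemd\/journal\/dev-log"/ { found = 1 }
        insrc && /[}];/ { insrc = 0 }
        END { exit !found }
    ' "$1"
}

# Constructed sample files (assumptions, not copied from a real host).
demo() {
    d=$(mktemp -d) || return 1
    printf '[Journal]\n#ForwardToSyslog=yes\n' > "$d/before.conf"
    printf '[Journal]\nForwardToSyslog=yes\n'  > "$d/after.conf"
    printf 'source s_src {\n system();\n internal();\n unix-dgram ("/run/systemd/journal/dev-log");\n};\n' > "$d/syslog-ng.conf"
    for f in before.conf after.conf; do
        if journald_forwards "$d/$f"; then echo "$f: forwarding on"
        else echo "$f: forwarding off"; fi
    done
    if syslogng_has_devlog "$d/syslog-ng.conf"; then echo "s_src reads dev-log"; fi
    rm -rf "$d"
}
demo
```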

chroot with systemd

<syntaxhighlight lang=bash>
# mkdir -p /var/chroot/run/systemd
# touch /var/chroot/run/systemd/notify
</syntaxhighlight>


<syntaxhighlight lang=ini>
# /etc/systemd/system/var-chroot-run-systemd-notify.mount
[Unit]
After=zfs-mount.service
Requires=var-chroot.mount

[Mount]
What=/run/systemd/notify
Where=/var/chroot/run/systemd/notify
Type=none
Options=bind
</syntaxhighlight>
or
<syntaxhighlight lang=ini>
# /etc/systemd/system/var-chroot-run-systemd-notify.mount
[Unit]
Description=Mount /run/systemd/notify to chroot
DefaultDependencies=no
ConditionPathExists=/var/chroot/run/systemd/notify
ConditionCapability=CAP_SYS_ADMIN
After=systemd-modules-load.service
Before=pdns-recursor.service

[Mount]
What=/run/systemd/notify
Where=/var/chroot/run/systemd/notify
Type=none
Options=bind

[Install]
WantedBy=multi-user.target
</syntaxhighlight>

<syntaxhighlight lang=ini>
# /etc/systemd/system/pdns.service.d/override.conf
[Service]
Type=simple
ExecStart=
ExecStart=/usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no
CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_SETGID CAP_SETUID CAP_CHOWN CAP_SYS_CHROOT

[Unit]
Wants=local-fs.target
</syntaxhighlight>

<syntaxhighlight lang=ini>
# /etc/systemd/system/pdns-recursor.service.d/override.conf
[Service]
Type=simple
ExecStart=
ExecStart=/usr/sbin/pdns_recursor --daemon=no --write-pid=no --include-dir=/etc/powerdns/recursor.d
CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_SETGID CAP_SETUID CAP_CHOWN CAP_SYS_CHROOT

[Unit]
Wants=local-fs.target
</syntaxhighlight>
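An audit for drop-ins like the two override.conf files above, as an added example that is not part of the original wiki page. It checks that the empty `ExecStart=` (which clears the command inherited from the packaged unit) comes before the new command, and that CapabilityBoundingSet stays within the five capabilities used on this page; `dropin_audit`, `ALLOWED` and the sample files are assumptions of this example.

```shell
#!/bin/sh
# Allow-list: the capability set used in the override.conf files on this page.
ALLOWED="CAP_NET_BIND_SERVICE CAP_SETGID CAP_SETUID CAP_CHOWN CAP_SYS_CHROOT"

# dropin_audit FILE: print findings and fail if, inside [Service],
#  - ExecStart= is redefined without the empty "ExecStart=" reset first, or
#  - CapabilityBoundingSet= names a capability outside $ALLOWED.
dropin_audit() {
    awk -v allowed="$ALLOWED" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        /^[ \t]*[#;]/ { next }
        /^[ \t]*\[/   { sec = $0; gsub(/[ \t]/, "", sec); next }
        sec != "[Service]" { next }
        /^[ \t]*ExecStart[ \t]*=/ {
            v = $0; sub(/^[^=]*=[ \t]*/, "", v)
            if (v == "") reset = 1
            else if (!reset) { print "ExecStart set without prior reset"; bad = 1 }
        }
        /^[ \t]*CapabilityBoundingSet[ \t]*=/ {
            v = $0; sub(/^[^=]*=[ \t]*/, "", v)
            m = split(v, c, /[ \t]+/)
            for (i = 1; i <= m; i++)
                if (c[i] != "" && !(c[i] in ok)) { print "unexpected capability: " c[i]; bad = 1 }
        }
        END { exit bad + 0 }
    ' "$1"
}

# Constructed inputs: the [Service] part of the recursor override from this
# page, and a variant with an extra capability and no ExecStart reset.
demo() {
    d=$(mktemp -d) || return 1
    cat > "$d/good.conf" <<'EOF'
[Service]
ExecStart=
ExecStart=/usr/sbin/pdns_recursor --daemon=no --write-pid=no --include-dir=/etc/powerdns/recursor.d
CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_SETGID CAP_SETUID CAP_CHOWN CAP_SYS_CHROOT
EOF
    cat > "$d/bad.conf" <<'EOF'
[Service]
ExecStart=/usr/sbin/pdns_recursor --daemon=no
CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_SYS_ADMIN
EOF
    for f in good.conf bad.conf; do
        if dropin_audit "$d/$f"; then echo "$f: ok"; else echo "$f: findings above"; fi
    done
    rm -rf "$d"
}
demo
```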