PowerDNS: Difference between revisions
From Lolly's Wiki
Jump to navigationJump to search
m (Text replacement - "<source" to "<syntaxhighlight") |
m (Text replacement - "</source" to "</syntaxhighlight") |
||
| Line 8: | Line 8: | ||
<syntaxhighlight lang=apt> | <syntaxhighlight lang=apt> | ||
APT::Default-Release "xenial"; | APT::Default-Release "xenial"; | ||
</ | </syntaxhighlight> | ||
===/etc/apt/preferences.d/pdns=== | ===/etc/apt/preferences.d/pdns=== | ||
<syntaxhighlight lang=apt> | <syntaxhighlight lang=apt> | ||
| Line 22: | Line 22: | ||
Pin: release a=zesty-security, l=Ubuntu | Pin: release a=zesty-security, l=Ubuntu | ||
Pin-Priority: 1000 | Pin-Priority: 1000 | ||
</ | </syntaxhighlight> | ||
===/etc/apt/sources.list=== | ===/etc/apt/sources.list=== | ||
add zesty sources. for example: | add zesty sources. for example: | ||
| Line 32: | Line 32: | ||
deb [arch=amd64] http://de.archive.ubuntu.com/ubuntu/ zesty-updates main restricted universe | deb [arch=amd64] http://de.archive.ubuntu.com/ubuntu/ zesty-updates main restricted universe | ||
deb [arch=amd64] http://security.ubuntu.com/ubuntu zesty-security main restricted universe | deb [arch=amd64] http://security.ubuntu.com/ubuntu zesty-security main restricted universe | ||
</ | </syntaxhighlight> | ||
===Do the upgrade=== | ===Do the upgrade=== | ||
<syntaxhighlight lang=bash> | <syntaxhighlight lang=bash> | ||
# apt update | # apt update | ||
# apt install pdns-recursor/zesty pdns-tools/zesty libstdc++6/zesty gcc-6-base/zesty | # apt install pdns-recursor/zesty pdns-tools/zesty libstdc++6/zesty gcc-6-base/zesty | ||
</ | </syntaxhighlight> | ||
==Logging with systemd and syslog-ng== | ==Logging with systemd and syslog-ng== | ||
| Line 45: | Line 45: | ||
<syntaxhighlight lang=bash> | <syntaxhighlight lang=bash> | ||
#ForwardToSyslog=yes | #ForwardToSyslog=yes | ||
</ | </syntaxhighlight> | ||
to | to | ||
<syntaxhighlight lang=bash> | <syntaxhighlight lang=bash> | ||
ForwardToSyslog=yes | ForwardToSyslog=yes | ||
</ | </syntaxhighlight> | ||
Then restart the journald | Then restart the journald | ||
<syntaxhighlight lang=bash> | <syntaxhighlight lang=bash> | ||
# systemctl restart systemd-journald.service | # systemctl restart systemd-journald.service | ||
</ | </syntaxhighlight> | ||
2. Tell syslog-ng to take the dev-log-socket from journald as input: | 2. Tell syslog-ng to take the dev-log-socket from journald as input: | ||
| Line 64: | Line 64: | ||
internal(); | internal(); | ||
}; | }; | ||
</ | </syntaxhighlight> | ||
to | to | ||
<syntaxhighlight lang=bash> | <syntaxhighlight lang=bash> | ||
| Line 72: | Line 72: | ||
unix-dgram ("/run/systemd/journal/dev-log"); | unix-dgram ("/run/systemd/journal/dev-log"); | ||
}; | }; | ||
</ | </syntaxhighlight> | ||
==chroot with systemd== | ==chroot with systemd== | ||
| Line 81: | Line 81: | ||
# mkdir -p /var/chroot/run/systemd | # mkdir -p /var/chroot/run/systemd | ||
# touch /var/chroot/run/systemd/notify | # touch /var/chroot/run/systemd/notify | ||
</ | </syntaxhighlight> | ||
| Line 95: | Line 95: | ||
Type=none | Type=none | ||
Options=bind | Options=bind | ||
</ | </syntaxhighlight> | ||
or | or | ||
<syntaxhighlight lang=ini> | <syntaxhighlight lang=ini> | ||
| Line 115: | Line 115: | ||
[Install] | [Install] | ||
WantedBy=multi-user.target | WantedBy=multi-user.target | ||
</ | </syntaxhighlight> | ||
<syntaxhighlight lang=ini> | <syntaxhighlight lang=ini> | ||
| Line 127: | Line 127: | ||
[Unit] | [Unit] | ||
Wants=local-fs.target | Wants=local-fs.target | ||
</ | </syntaxhighlight> | ||
<syntaxhighlight lang=ini> | <syntaxhighlight lang=ini> | ||
| Line 139: | Line 139: | ||
[Unit] | [Unit] | ||
Wants=local-fs.target | Wants=local-fs.target | ||
</ | </syntaxhighlight> | ||
Revision as of 01:42, 26 November 2021
PowerDNS Server (pdns_server)
Newer version in Ubuntu
If you are living in Ubunbtu xenial and need a newer PowerDNS from Ubuntu zesty, do this:
/etc/apt/apt.conf.d/01pinning
APT::Default-Release "xenial";/etc/apt/preferences.d/pdns
Package: pdns-*
Pin: release a=zesty, l=Ubuntu
Pin-Priority: 1000
Package: pdns-*
Pin: release a=zesty-updates, l=Ubuntu
Pin-Priority: 1000
Package: pdns-*
Pin: release a=zesty-security, l=Ubuntu
Pin-Priority: 1000/etc/apt/sources.list
add zesty sources. for example:
deb [arch=amd64] http://de.archive.ubuntu.com/ubuntu/ xenial main restricted universe
deb [arch=amd64] http://de.archive.ubuntu.com/ubuntu/ xenial-updates main restricted universe
deb [arch=amd64] http://security.ubuntu.com/ubuntu xenial-security main restricted universe
deb [arch=amd64] http://de.archive.ubuntu.com/ubuntu/ zesty main restricted universe
deb [arch=amd64] http://de.archive.ubuntu.com/ubuntu/ zesty-updates main restricted universe
deb [arch=amd64] http://security.ubuntu.com/ubuntu zesty-security main restricted universeDo the upgrade
# apt update
# apt install pdns-recursor/zesty pdns-tools/zesty libstdc++6/zesty gcc-6-base/zesty
Logging with systemd and syslog-ng
1. Tell the journald of systemd to forward messages to syslog: In /etc/systemd/journald.conf set it from
#ForwardToSyslog=yes
to
ForwardToSyslog=yes
Then restart the journald
# systemctl restart systemd-journald.service
2. Tell syslog-ng to take the dev-log-socket from journald as input:
Change the part in /etc/syslog-ng/syslog-ng.conf from
source s_src {
system();
internal();
};
to
source s_src {
system();
internal();
unix-dgram ("/run/systemd/journal/dev-log");
};
chroot with systemd
# mkdir -p /var/chroot/run/systemd
# touch /var/chroot/run/systemd/notify
# /etc/systemd/system/var-chroot-run-systemd-notify.mount
[Unit]
After=zfs-mount.service
Requires=var-chroot.mount
[Mount]
What=/run/systemd/notify
Where=/var/chroot/run/systemd/notify
Type=none
Options=bind
or
# /etc/systemd/system/var-chroot-run-systemd-notify.mount
[Unit]
Description=Mount /run/systemd/notify to chroot
DefaultDependencies=no
ConditionPathExists=/var/chroot/run/systemd/notify
ConditionCapability=CAP_SYS_ADMIN
After=systemd-modules-load.service
Before=pdns-recursor.service
[Mount]
What=/run/systemd/notify
Where=/var/chroot/run/systemd/notify
Type=none
Options=bind
[Install]
WantedBy=multi-user.target
# /etc/systemd/system/pdns.service.d/override.conf
[Service]
Type=simple
ExecStart=
ExecStart=/usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no
CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_SETGID CAP_SETUID CAP_CHOWN CAP_SYS_CHROOT
[Unit]
Wants=local-fs.target
# /etc/systemd/system/pdns-recursor.service.d/override.conf
[Service]
Type=simple
ExecStart=
ExecStart=/usr/sbin/pdns_recursor --daemon=no --write-pid=no --include-dir=/etc/powerdns/recursor.d
CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_SETGID CAP_SETUID CAP_CHOWN CAP_SYS_CHROOT
[Unit]
Wants=local-fs.target
