PowerDNS
PowerDNS Server (pdns_server)
Newer version in Ubuntu
If you are living in Ubunbtu xenial and need a newer PowerDNS from Ubuntu zesty, do this:
/etc/apt/apt.conf.d/01pinning
<syntaxhighlight lang=apt> APT::Default-Release "xenial"; </source>
/etc/apt/preferences.d/pdns
<syntaxhighlight lang=apt> Package: pdns-* Pin: release a=zesty, l=Ubuntu Pin-Priority: 1000
Package: pdns-* Pin: release a=zesty-updates, l=Ubuntu Pin-Priority: 1000
Package: pdns-* Pin: release a=zesty-security, l=Ubuntu Pin-Priority: 1000 </source>
/etc/apt/sources.list
add zesty sources. for example: <syntaxhighlight> deb [arch=amd64] http://de.archive.ubuntu.com/ubuntu/ xenial main restricted universe deb [arch=amd64] http://de.archive.ubuntu.com/ubuntu/ xenial-updates main restricted universe deb [arch=amd64] http://security.ubuntu.com/ubuntu xenial-security main restricted universe deb [arch=amd64] http://de.archive.ubuntu.com/ubuntu/ zesty main restricted universe deb [arch=amd64] http://de.archive.ubuntu.com/ubuntu/ zesty-updates main restricted universe deb [arch=amd64] http://security.ubuntu.com/ubuntu zesty-security main restricted universe </source>
Do the upgrade
<syntaxhighlight lang=bash>
- apt update
- apt install pdns-recursor/zesty pdns-tools/zesty libstdc++6/zesty gcc-6-base/zesty
</source>
Logging with systemd and syslog-ng
1. Tell the journald of systemd to forward messages to syslog: In /etc/systemd/journald.conf set it from <syntaxhighlight lang=bash>
- ForwardToSyslog=yes
</source> to <syntaxhighlight lang=bash> ForwardToSyslog=yes </source>
Then restart the journald <syntaxhighlight lang=bash>
- systemctl restart systemd-journald.service
</source>
2. Tell syslog-ng to take the dev-log-socket from journald as input:
Change the part in /etc/syslog-ng/syslog-ng.conf from <syntaxhighlight lang=bash> source s_src {
system();
internal();
}; </source> to <syntaxhighlight lang=bash> source s_src {
system();
internal();
unix-dgram ("/run/systemd/journal/dev-log");
}; </source>
chroot with systemd
<syntaxhighlight lang=bash>
- mkdir -p /var/chroot/run/systemd
- touch /var/chroot/run/systemd/notify
</source>
<syntaxhighlight lang=ini>
- /etc/systemd/system/var-chroot-run-systemd-notify.mount
[Unit] After=zfs-mount.service Requires=var-chroot.mount
[Mount] What=/run/systemd/notify Where=/var/chroot/run/systemd/notify Type=none Options=bind </source> or <syntaxhighlight lang=ini>
- /etc/systemd/system/var-chroot-run-systemd-notify.mount
[Unit] Description=Mount /run/systemd/notify to chroot DefaultDependencies=no ConditionPathExists=/var/chroot/run/systemd/notify ConditionCapability=CAP_SYS_ADMIN After=systemd-modules-load.service Before=pdns-recursor.service
[Mount] What=/run/systemd/notify Where=/var/chroot/run/systemd/notify Type=none Options=bind
[Install] WantedBy=multi-user.target </source>
<syntaxhighlight lang=ini>
- /etc/systemd/system/pdns.service.d/override.conf
[Service] Type=simple ExecStart= ExecStart=/usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_SETGID CAP_SETUID CAP_CHOWN CAP_SYS_CHROOT
[Unit] Wants=local-fs.target </source>
<syntaxhighlight lang=ini>
- /etc/systemd/system/pdns-recursor.service.d/override.conf
[Service] Type=simple ExecStart= ExecStart=/usr/sbin/pdns_recursor --daemon=no --write-pid=no --include-dir=/etc/powerdns/recursor.d CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_SETGID CAP_SETUID CAP_CHOWN CAP_SYS_CHROOT
[Unit] Wants=local-fs.target </source>
