Bind9 with DLZ and MySQL backend on Ubuntu Jaunty (9.04), Lucid (10.04) and Precise (12.04)
This forum post got me started but I got stuck in various places and thought I'd summarize what worked for me. I'm not going to explain much but if you're going to work with Bind and DLZ you probably know what you're dealing with. I also won't go into configuring DLZ because that depends on your particular DB schema and there is sufficient documentation on the DLZ website.
We need MySQL of course:
root@foo:~# apt-get install mysql-server
Make a directory to hold the source package for bind9,
root@foo:~# mkdir -p /usr/local/src/bind9
and change into it:
root@foo:~# cd /usr/local/src/bind9
Bison and fakeroot are needed. Not sure if these are a build-time only dependencies.
root@foo:/usr/local/src/bind9# apt-get install fakeroot bison
My sources.list was lacking the required deb-src entries:
root@foo:/usr/local/src/bind9# vim /etc/apt/sources.list
Make sure the following deb-src lines are present and active:
deb-src http://us.archive.ubuntu.com/ubuntu/ lucid main deb-src http://de.archive.ubuntu.com/ubuntu/ lucid-security main restricted universe multiverse deb-src http://de.archive.ubuntu.com/ubuntu/ lucid-updates main restricted universe multiverse
If you modified sources.list, update the package index.
root@foo:/usr/local/src/bind9# apt-get update
Get the build tools:
root@foo:/usr/local/src/bind9# apt-get install build-essential
Get the Bind9 source package:
root@foo:/usr/local/src/bind9# apt-get source bind9
This is what you should get:
root@foo:/usr/local/src/bind9# ls -1 bind9-9.7.0.dfsg.P1 bind9_9.7.0.dfsg.P1-1ubuntu0.2.diff.gz bind9_9.7.0.dfsg.P1-1ubuntu0.2.dsc bind9_9.7.0.dfsg.P1.orig.tar.gz
We also need the MySQL client headers when building Bind9 with DLZ and MySQL:
root@foo:/usr/local/src/bind9# apt-get install libmysqlclient15-dev
Cd into the unpacked source tree:
root@foo:/usr/local/src/bind9# cd bind9-9.7.0.dfsg.P1/
Modify the Debian build script:
root@foo:/usr/local/src/bind9/bind9-9.7.0.dfsg.P1# vim debian/rules
--with-dlz-mysql=yes or add a line
--with-dlz-mysql=yes (don't forget preceding backslash).
Install more build-time requirements. I didn't find out that I needed these until the dpkg-buildpackage step below complained about them being missing.
root@foo:/usr/local/src/bind9/bind9-9.7.0.dfsg.P1# apt-get install \ libkrb5-dev \ libkrb5-dev \ libssl-dev \ libtool \ libdb-dev \ libldap2-dev \ libldap2-dev \ libcap2-dev \ hardening-wrapper \ debhelper \ libxml2-dev
Build the binary packages. If dpkg-buildpackage complains about unmet dependencies,
apt-get install what's missing, rinse and repeat.
root@foo:/usr/local/src/bind9/bind9-9.7.0.dfsg.P1# dpkg-buildpackage -rfakeroot -b
Back out one directory.
root@foo:/usr/local/src/bind9/bind9-9.7.0.dfsg.P1# cd ..
You should have roughly the following binary packages:
root@foo:/usr/local/src/bind9# ls -1 bind9-9.7.0.dfsg.P1 bind9_9.7.0.dfsg.P1-1_amd64.changes bind9_9.7.0.dfsg.P1-1_amd64.deb bind9_9.7.0.dfsg.P1-1.diff.gz bind9_9.7.0.dfsg.P1-1.dsc bind9_9.7.0.dfsg.P1-1ubuntu0.2.diff.gz bind9_9.7.0.dfsg.P1-1ubuntu0.2.dsc bind9_9.7.0.dfsg.P1.orig.tar.gz bind9-doc_9.7.0.dfsg.P1-1_all.deb bind9-host_9.7.0.dfsg.P1-1_amd64.deb bind9utils_9.7.0.dfsg.P1-1_amd64.deb dnsutils_9.7.0.dfsg.P1-1_amd64.deb libbind9-60_9.7.0.dfsg.P1-1_amd64.deb libbind-dev_9.7.0.dfsg.P1-1_amd64.deb libdns64_9.7.0.dfsg.P1-1_amd64.deb libisc60_9.7.0.dfsg.P1-1_amd64.deb libisccc60_9.7.0.dfsg.P1-1_amd64.deb libisccfg60_9.7.0.dfsg.P1-1_amd64.deb liblwres60_9.7.0.dfsg.P1-1_amd64.deb lwresd_9.7.0.dfsg.P1-1_amd64.deb
Install the binary packages on your system.
root@foo:/usr/local/src/bind9# dpkg -i *.deb
Update (12/30/2009)I seem to be running into a problem connected with leaking or intermittedly dying connections to the MySQL server. Bind logs "mysql driver unable to return result set for findzone query" and eventually dies. This matches a problem description I found in a discussion on the DLZ mailing list with some interesting findings. I have not applied the suggested patch yet and am trying to fix the problem solely by forcing Bind to run in a single thread which has also been suggested in that thread.
root@foo:~# vim /etc/default/bind9Change OPTIONS to include -n 1:
OPTIONS="-u bind -n 1"
Update (01/01/2010)The order in which the bind9 and mysql init scripts are started by default does not reflect the fact that there now is a dependency of Bind9 on MySQL. Rebooting the system will start bind before mysql which causes bind to exit. Changing the boot order of init scripts is a bit involved so bare with me.
root@foo:~# apt-get install insservEdit the mysql init scripts and remove the
$namedfrom the two lines beginning with
root@foo:~# vim /etc/init.d/mysql-ndb root@foo:~# vim /etc/init.d/mysql-ndb-mgm root@foo:~# vim /etc/init.d/mysqlAppend
mysqlto the Should-Start and Should-Stop lines.
root@foo:~# vim /etc/init.d/bind9Run insserv to set up the necessary symlinks in /etc/rcX.d.
root@foo:~# insserv mysql root@foo:~# insserv bind9Reboot to make sure everything is in order.
This one is annoying: Lucid's version of Bind includes a patch that changes the interpolation character in DLZ's configuration file from
$ for whatever reason. This isn't mentioned anywhere (the DLZ website still documents the old syntax) and what's worse: the error messages haven't been patched. Even though DLZ is looking for
$zone$, the syslog entries complain about
%zone% being missing.
Anyways, I was getting this:
... Jun 27 21:14:12 a named: Loading 'Dynamic zone' using driver mysql Jun 27 21:14:12 a named: Required token %zone% not found. Jun 27 21:14:12 a named: Could not build all nodes query list Jun 27 21:14:12 a named: mysql driver could not create database instance object. Jun 27 21:14:12 a kernel: [ 2027.484135] named: segfault at 58 ip ...
Notice the segfault at the end? Yum!
After replacing % with $ in named.conf.local everything worked.
When a Ubuntu releases an upgrade to bind9 and you do
apt-get upgrade, the binary package from the upstream repository will overwrite the installation you did from the source package. At the end of the upgrade process, bind will fail to start because the upstream package does not understand the MySQL/DLZ-specific configuration in /etc/. I'm sure there's a way to prevent the overwriting of a package installed from source but I don't know how (leave a comment if you do). You will have to repeat the steps steps above, skipping the installation of the build prerequistites, of course.
As suggested by a reader, the following commands prevent bind9 from being subject to automatic upgrades. They put a hold on the bind package. Without the hold, bind9 refuses to start after an upgrade because of the DLZ references in its configuration which aren't understood by the upstream version of bind.
root@foo:~# for package in bind9 bind9-doc bind9-host bind9utils dnsutils libbind9-60 \ libbind-dev libdns64 libisc60 libisccc60 libisccfg60 liblwres60 lwresd ; do \ echo $package hold | dpkg --set-selections ; done root@foo:~# dpkg --get-selections | grep hold bind9 hold bind9-doc hold bind9-host hold bind9utils hold dnsutils hold libbind-dev hold libbind9-60 hold libdns64 hold libisc60 hold libisccc60 hold libisccfg60 hold liblwres60 hold lwresd hold
Update (12/13/2012)Version 9.8.1 of bind9 used in Precise (Ubuntu 12.04 LTS) has a bug that prevent compilation with DLZ support enabled. The fix involves commenting out the