1. Install the "Development Tools" and "Server Platform Tools" package groups so that the build can proceed normally.
yum groupinstall "Development Tools" "Server Platform Tools"
2. Add the named system group and system user
groupadd -r -g 53 named
useradd -r -u 53 -g named named
3. Prepare the bind-9.9.6-P1 source code; after extracting it, enter the extracted directory and run ./configure --help to review the options, so that the build is configured accurately
tar xvf bind-9.9.6-P1.tar.gz
cd bind-9.9.6-P1
./configure --help | more
./configure --prefix=/usr/local/bind9 --sysconfdir=/etc/named/ --disable-chroot --enable-threads
make
make install
4. Add the program directories to the PATH environment variable so that bind can start normally
vim /etc/profile.d/named.sh
PATH=/usr/local/bind9/bin:/usr/local/bind9/sbin:$PATH
source /etc/profile.d/named.sh
echo $PATH
5. Export the manual pages so that man named works
vim /etc/man.config
MANPATH /usr/local/bind9/share/man
6. Export the library files, for use when developing against bind
cd /etc/ld.so.conf.d/
echo "/usr/local/bind9/lib" > bind9.conf
ldconfig -v
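7. Create the zone database directory and, using the dig tool, prepare the root zone database, the localhost forward zone file and the localhost reverse zone file, then change the permissions and group ownership of all files in that directory
mkdir /var/named/ && cd /var/named/
dig -t NS . @202.173.10.87 > /var/named/named.ca
vim /var/named/named.localhost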
$TTL 86400
@       IN SOA  localhost. nsadmin.localhost. (
                201503251       ; serial
                12H             ; refresh
                1H              ; retry
                15D             ; expire
                1D )            ; negative-cache TTL
        IN NS   localhost.
        IN A    127.0.0.1
cp named.localhost named.loopback
sed -i '$d' named.loopback
# Owner "1" yields 1.0.0.127.in-addr.arpa, the name queried for 127.0.0.1
echo "1 IN PTR localhost." >> named.loopback
chmod 640 *
chown :named *
8. Write the bind configuration file, generate a key with rndc-confgen, and place the key in the bind configuration file
rndc-confgen -r /dev/urandom
vim /etc/named/named.conf
# Use with the following in named.conf, adjusting the allow list as needed:
key "rndc-key" {
        algorithm hmac-md5;
        secret "D8sH28h0fGjcyKYR6W6o0A==";
};

controls {
        inet 127.0.0.1 port 953
                allow { 127.0.0.1; } keys { "rndc-key"; };
};
# End of named.conf

options {
        directory "/var/named";
};

zone "." IN {
        type hint;
        file "named.ca";
};

zone "localhost" IN {
        type master;
        file "named.localhost";
        allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.loopback";
        allow-update { none; };
};
9. Write the bind service script and change its permissions
vim /etc/rc.d/init.d/named
#!/bin/bash
#
#chkconfig: 2345 60 39
#
#description:Bind-9.9.6-P1 named daemon

pidfile=/usr/local/bind9/var/run/named/named.pid
lockfile=/var/lock/subsys/named
confile=/etc/named/named.conf
named=/usr/local/bind9/sbin/named
prog=named

# Pull in daemon, killproc, success and warning
[ -r /etc/rc.d/init.d/functions ] && . /etc/rc.d/init.d/functions

start() {
    if [ -e $lockfile ] ; then
        echo "$prog is already running."
        warning
        echo -e
        exit 0
    fi
    echo -n "Starting $prog:"
    # Run named as the unprivileged named user with the config from step 8
    daemon --pidfile $pidfile $named -u named -c $confile
    retval=$?
    echo
    if [[ $retval -eq 0 ]] ; then
        touch $lockfile
        return $retval
    else
        rm -f $lockfile $pidfile
        return 1
    fi
}

stop() {
    if [ ! -e $lockfile ] ; then
        echo "$prog is stopped."
        warning
        echo -e
        # return rather than exit, so that restart still reaches start
        return 0
    fi
    echo -n "stopping $prog:"
    killproc $prog
    retval=$?
    echo
    if [[ $retval -eq 0 ]] ; then
        rm -rf $lockfile $pidfile
        return 0
    else
        echo "$prog can't be stopped."
        warning
        echo -e
        return 1
    fi
}

restart() {
    stop
    start
}

reload() {
    echo "reload the $prog:"
    killproc -HUP $prog
    retval=$?
    echo
    return $retval
}

status() {
    if pidof $prog &> /dev/null; then
        echo "$prog is running."
        success
        echo
    else
        echo "$prog is stopped."
        success
        echo
    fi
}

usage() {
    echo "Usage:named {start|stop|status|reload|restart}"
}

case $1 in
start)
    start ;;
stop)
    stop ;;
restart)
    restart ;;
status)
    status ;;
reload)
    reload ;;
*)
    usage
    exit 1 ;;
esac
chkconfig --add named
chmod 755 /etc/rc.d/init.d/named
This completes the compilation and installation of bind-9.9.6-P1.
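Step 8 stores the rndc shared secret directly in /etc/named/named.conf, so that file's mode and its controls statement decide who can drive the server through rndc. The shell check below is an added example, not part of the original article: audit_named_conf and its finding labels are names made up here, the sample config is constructed with a placeholder secret, the parsing is a grep-level approximation of named.conf syntax, and it assumes GNU stat.

```shell
#!/bin/sh
# Added example, not from the original article. audit_named_conf and its
# finding labels are names made up for this example.
audit_named_conf() {
    conf=$1 findings="" ctl_bad=0
    [ -r "$conf" ] || { echo "UNREADABLE"; return 2; }

    # The rndc shared secret is stored inline, so "other" needs no access.
    if grep -Eq '(^|[[:space:];{])secret[[:space:]]+"' "$conf"; then
        case $(stat -c '%a' "$conf") in   # GNU stat: octal mode, e.g. 640
            *0) ;;
            *)  findings="$findings SECRET_WORLD_ACCESSIBLE" ;;
        esac
    fi

    # Drop # comments, flatten, pull out each "inet ADDR ... allow { ... }".
    stmts=$(sed 's/#.*//' "$conf" | tr '\n' ' ' |
        grep -Eo 'inet[[:space:]]+[^[:space:]]+[^{]*allow[[:space:]]*\{[^}]*\}' || true)
    set -f                                # "inet *" must not glob
    while IFS= read -r s; do
        [ -n "$s" ] || continue
        addr=$(printf '%s\n' "$s" | awk '{print $2}')
        acl=$(printf '%s\n' "$s" | sed 's/.*{\(.*\)}.*/\1/' | tr ';' ' ')
        for a in $addr $acl; do
            case $a in
                127.0.0.1|::1|localhost) ;;
                *) ctl_bad=1 ;;
            esac
        done
    done <<EOF
$stmts
EOF
    set +f
    [ "$ctl_bad" -eq 0 ] || findings="$findings CONTROL_CHANNEL_NOT_LOOPBACK"
    [ -n "$findings" ] || { echo "OK"; return 0; }
    echo "${findings# }"; return 1
}

# Demo on a constructed config modelled on step 8 (placeholder secret).
demo=$(mktemp)
cat > "$demo" <<'CONF'
key "rndc-key" { algorithm hmac-md5; secret "Y29uc3RydWN0ZWQ="; };
controls { inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; }; };
CONF
chmod 644 "$demo"; audit_named_conf "$demo" || true   # SECRET_WORLD_ACCESSIBLE
chmod 640 "$demo"; audit_named_conf "$demo"           # OK
rm -f "$demo"
```

Call audit_named_conf /etc/named/named.conf after step 8. Because step 9 runs named as user named (-u named), mode 640 with group named keeps the file readable to the daemon while passing this check.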