一、安装开发包组"Development Tools"、"Server Platform Tools",保证编译的正常进行。
yum groupinstall "Development Tools" "Server Platform Tools"
二、添加named系统组和系统用户
groupadd -r -g 53 named useradd -r -u 53 -g named named
三、准备bind--9.9.6-P1源代码,解压后进入解压目录使用./configure --help查看帮助,保证编译的准确性
tar xvf bind-9.9.6-P1.tar.gz cd bind-9.9.6-P1 ./configure --help | more ./configure --prefix=/usr/local/bind9 --sysconfdir=/etc/named/ --disable- chroot --enable-threads make make install
四、导出程序文件路径到环境变量PATH中,保证bind的正常启动
vim /etc/profile.d/named.sh
PATH=/usr/local/bind9/bin:/usr/local/bind9/sbin:$PATH
echo PATH
source /etc/profile.d/named.sh
五、导出帮助文件,保证能够使用man named
vim /etc/man.config
MANPATH /usr/local/bind9/share/man
六、导出库文件,方便二次开发bind使用
cd /etc/ld.so.conf.d/ echo "/usr/local/bind9/lib" > bind9.conf ldconfig -v
七、创建区域数据库目录,使用dig工具,准备根区域数据库、localhost正向域数据库文件、localhost反向域数据库文件,并修改该目录下所有文件的访问权限和属组
mkdir /var/named/ && cd /var/named/ dig -t NS . @202.173.10.87 > /var/named/named.ca vim /var/named/named.localhost
$TTL 86400
@ IN SOA localhost. nsadmin.localhost. (
201503251
12H
1H
15D
1D )
IN NS localhost.
IN A 127.0.0.1
cp named.localhost named.loopback sed -i '$d' named.loopback echo " IN PTR localhost." >> named.loopback chmod 640 * chown :named *
八、编写bind配置文件,并使用rndc-confgen生成密钥,并将密钥放入bind配置文件中
rndc-confgen -r /dev/urandom vim /etc/named/named.conf
# Use with the following in named.conf, adjusting the allow list as needed: key "rndc-key" { algorithm hmac-md5; secret "D8sH28h0fGjcyKYR6W6o0A=="; }; controls { inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; }; }; # End of named.conf options { directory "/var/named"; }; zone "." IN { type hint; file "named.ca"; }; zone "localhost" IN { type master; file "named.localhost"; allow-update { none;}; }; zone "0.0.127.in-addr.arpa" IN { type master; file "named.loopback"; allow-update { none;}; };
九、编写bind的服务脚本,并修改其访问权限
vim /etc/rc.d/init.d/named
#!/bin/bash # #chkconfig: 2345 60 39 # #description:Bind-9.9.6-P1 named daemon pidfile=/usr/local/bind9/var/run/named/named.pid lockfile=/var/lock/subsys/named confile=/etc/named/named.conf named=/usr/local/bind9/sbin/named prog=named [ -r /etc/rc.d/init.d/functions ] && . /etc/rc.d/init.d/functions start() { if [ -e $lockfile ] ; then echo "$prog is already running." warning echo -e exit 0 fi echo -n "Starting $prog:" daemon --pidfile $pidfile $named -u named -c $confile retval=$? echo if [[ $retval -eq 0 ]] ; then touch $lockfile return $retval else rm -f $lockfile $pidfile return 1 fi } stop() { if [ ! -e $lockfile ] ; then echo "$prog is stopped." warning echo -e exit 0 fi echo -n "stopping $prog:" killproc $prog retval=$? echo if [[ $retval -eq 0 ]] ; then rm -rf $lockfile $pidfile return 0 else echo "$prog can't be stopped." warning echo -e return 1 fi } restart() { stop start } reload() { echo "reload the $prog:" killproc -HUP $prog retval=$? echo return $retval } status() { if pidof $prog &> /dev/null; then echo "$prog is running.\n" success echo else echo "$prog is stopped.\n" success echo fi } usage() { echo "Usage:named {start|stop|status|reload|restart}" } case $1 in start) start ;; stop) stop ;; restart) restart ;; status) status ;; reload) reload ;; *) usage exit 1 ;; esac
chkconfig --add named chmod 755 /etc/rc.d/init.d/named
至此,bind-9.9.6-P1编译安装结束。