In getting this email error last night…
nameserver failed @ Wed Dec 15 01:46:06 2010. A restart was attempted automagically.
Service Check Method: [check command]
Cmd Service Check Raw Output: Fixed ownership on /etc/named.conf
Fixed ownership on /etc/rndc.key
Fixed ownership on /etc/rndc.conf
I checked the yum logs for updates, i’m seeing:
tac /var/log/yum.log |less
Dec 15 00:16:48 Updated: 30:bind-devel-9.3.6-4.P1.el5_5.3.i386
Dec 15 00:16:46 Updated: openssl-devel-0.9.8e-12.el5_5.7.x86_64
Dec 15 00:16:44 Updated: 30:bind-devel-9.3.6-4.P1.el5_5.3.x86_64
Dec 15 00:16:40 Updated: openssl-devel-0.9.8e-12.el5_5.7.i386
Dec 15 00:16:38 Updated: 30:bind-utils-9.3.6-4.P1.el5_5.3.x86_64
Dec 15 00:16:37 Updated: 30:bind-9.3.6-4.P1.el5_5.3.x86_64
Dec 15 00:16:36 Updated: 30:bind-libs-9.3.6-4.P1.el5_5.3.i386
Dec 15 00:16:36 Updated: 30:bind-libs-9.3.6-4.P1.el5_5.3.x86_64
Dec 15 00:16:35 Updated: openssl-0.9.8e-12.el5_5.7.x86_64
so, checking for errors;
tac /var/log/messages |grep named |less
Dec 15 10:13:49 host named: loading configuration from '/etc/named.conf'
Dec 15 10:13:49 host named: using up to 4096 sockets
After the latest security update for bind (which came out last night), now
there’s a new message on syslog, (facility: daemon, severity: warning) every
time you restart named:
max open files (1024) is smaller than max sockets (4096)
After googling for a while the solution seems to be to add this to
named soft nofile 4096
….and mofity /etc/named.conf in order to add, under the options section:
That seems to work. Of course, you may raise the 4096 but I guess that’s
the default in BIND and I was good with that.
I’m not sure why this happend. Maybe before the update bind had a value of
1024 for max.sockets and now it was raised to 4096.