In getting this email error last night…

nameserver failed @ Wed Dec 15 01:46:06 2010. A restart was attempted automagically.
Service Check Method: [check command]

Cmd Service Check Raw Output: Fixed ownership on /etc/named.conf
Fixed ownership on /etc/rndc.key
Fixed ownership on /etc/rndc.conf

I checked the yum logs for updates, i’m seeing:

tac /var/log/yum.log |less

Dec 15 00:16:48 Updated: 30:caching-nameserver-9.3.6-4.P1.el5_5.3.x86_64
Dec 15 00:16:48 Updated: 30:bind-devel-9.3.6-4.P1.el5_5.3.i386
Dec 15 00:16:46 Updated: openssl-devel-0.9.8e-12.el5_5.7.x86_64
Dec 15 00:16:44 Updated: 30:bind-devel-9.3.6-4.P1.el5_5.3.x86_64
Dec 15 00:16:40 Updated: openssl-devel-0.9.8e-12.el5_5.7.i386
Dec 15 00:16:38 Updated: 30:bind-utils-9.3.6-4.P1.el5_5.3.x86_64
Dec 15 00:16:37 Updated: 30:bind-9.3.6-4.P1.el5_5.3.x86_64
Dec 15 00:16:36 Updated: 30:bind-libs-9.3.6-4.P1.el5_5.3.i386
Dec 15 00:16:36 Updated: 30:bind-libs-9.3.6-4.P1.el5_5.3.x86_64
Dec 15 00:16:35 Updated: openssl-0.9.8e-12.el5_5.7.x86_64

so, checking for errors;

tac /var/log/messages |grep named |less

getting this;

Dec 15 10:13:49 host named[24058]: max open files (1024) is smaller than max sockets (4096)
Dec 15 10:13:49 host named[24058]: loading configuration from '/etc/named.conf'
Dec 15 10:13:49 host named[24058]: using up to 4096 sockets

resolution may be here;,158533


After the latest security update for bind (which came out last night), now
there’s a new message on syslog, (facility: daemon, severity: warning) every
time you restart named:

max open files (1024) is smaller than max sockets (4096)

After googling for a while the solution seems to be to add this to

named soft nofile 4096

….and mofity /etc/named.conf in order to add, under the options section:

files 4096;

That seems to work. Of course, you may raise the 4096 but I guess that’s
the default in BIND and I was good with that.

I’m not sure why this happend. Maybe before the update bind had a value of
1024 for max.sockets and now it was raised to 4096.


Was this post helpful?