On 2017/01/19 00:01:05, Ondřej Surý <ondrej.sury@nic.cz> wrote:
Horigome-san,
this is still the same issue as https://gitlab.labs.nic.cz/knot/resolver/issues/115.
kresd in Debian and Ubuntu is socket activated under systemd. If you want to override this, do:
sudo systemctl mask kresd.socket
sudo systemctl mask kresd-control.socket
then create:
/etc/systemd/system/kresd.service
and put something like:
--cut here--
[Unit]
Description=Knot DNS Resolver daemon
Documentation=man:kresd(8)
## This is a socket-activated service:
RefuseManualStart=false
[Service]
Type=notify
WorkingDirectory=/run/knot-resolver/cache
EnvironmentFile=-/etc/default/kresd
ExecStart=/usr/sbin/kresd $KRESD_ARGS
User=root
Restart=on-failure
[Install]
WantedBy=sockets.target
--cut here--
into it.
Then edit /etc/knot-resolver/kresd.conf and add:
user('knot-resolver','knot-resolver')
after any net or net.listen statements, but before any cache.* statements.
Finally issue:
sudo systemctl daemon-reload
sudo systemctl restart kresd
Cheers,
Ondrej
--
Ondřej Surý -- Technical Fellow
--------------------------------------------
CZ.NIC, z.s.p.o. -- Laboratoře CZ.NIC
Milesovska 5, 130 00 Praha 3, Czech Republic
mailto:ondrej.sury@nic.cz https://nic.cz/
--------------------------------------------
----- Original Message -----
> From: "Horigome Yoshihito"
> To: "knot-dns-users"
> Sent: Wednesday, 18 January, 2017 14:29:26
> Subject: Re: [knot-dns-users] Knot Resolver 1.2.0-rc1 (Release Candidate 1) release
> Hello, all
>
> In the environment of Ubuntu 16.04.1, I installed knot resolver from the
> repository, but daemon does not start.
>
> kometch@dns02:~$ sudo systemctl restart kresd.service
> Failed to restart kresd.service: Operation refused, unit kresd.service may be
> requested by dependency only.
> See system logs and 'systemctl status kresd.service' for details.
>
> If you modify the following location in the systemctl file, it will be launched.
>
> kometch@dns02:~$ sudo systemctl cat kresd.service
> # /lib/systemd/system/kresd.service
> [Unit]
> Description=Knot DNS Resolver daemon
> Documentation=man:kresd(8)
> ## This is a socket-activated service:
> RefuseManualStart=true <==false?>
>
> [Service]
> Type=notify
> WorkingDirectory=/run/knot-resolver/cache
> EnvironmentFile=-/etc/default/kresd
> ExecStart=/usr/sbin/kresd $KRESD_ARGS
> User=knot-resolver <==root?>
> Restart=on-failure
>
> [Install]
> WantedBy=sockets.target
>
> There are no messages of particular interest in log.
> In this case how should I do?
>
> Thanks.
>
>
>
>
> On 2017/01/18 02:54:16, Ondřej Surýwrote: Dear Knot
> Resolver users,
>
> CZ.NIC is proud to release a new release candidate of Knot Resolver.
> The team has worked very hard to bring:
>
> - reworked DNSSEC Validation, that fixes several know problems
> with less standard DNS configurations, and it is also a solid
> base for further improvements
> - optional EDNS(0) Padding support for DNS over TLS
> - support for debugging DNSSEC with CD bit
> - DNS over TLS is now able to create ephemeral certs on the runtime
> (Thanks Daniel Kahn Gilmore for contributing to DNS over TLS
> implementation in Knot Resolver.)
> - configurable minimum and maximum TTL (default 6 days)
> - configurable pseudo-random reordering of RR sets
> - new module 'version' that can call home and report new versions
> and security vulnerabilities to the log file
>
> This release also fixes bugs, most notable ones:
>
> - The resolver was setting AD flag when running in a forwarding
> mode. Thanks Stéphane Bortzmeyer for reporting this issue!
> - We now correctly return RCODE=NOTIMPL on meta-queries and
> non IN class queries
> - Fix crash in hints module when hints file was empty
> - Fix non-lowercase hints
>
> We also have a new LRU implementation under the hood.
>
> That's it! Thank you for using Knot Resolver. And if you are
> not using it yet, please give it a try.
>
> Full changelog:
> https://gitlab.labs.nic.cz/knot/resolver/raw/v1.2.0-rc1/NEWS
>
> Sources:
> https://secure.nic.cz/files/knot-resolver/knot-resolver-1.2.0-rc1.tar.xz
>
> GPG signature:
> https://secure.nic.cz/files/knot-resolver/knot-resolver-1.2.0-rc1.tar.xz.asc
>
> Documentation:
> http://knot-resolver.readthedocs.io/en/latest/
>
> --
> Ondřej Surý -- Technical Fellow
> --------------------------------------------
> CZ.NIC, z.s.p.o. -- Laboratoře CZ.NIC
> Milesovska 5, 130 00 Praha 3, Czech Republic
> mailto:ondrej.sury@nic.cz https://nic.cz/
> --------------------------------------------
> _______________________________________________
> knot-dns-users mailing list
> knot-dns-users@lists.nic.cz
> https://lists.nic.cz/cgi-bin/mailman/listinfo/knot-dns-users
>
> _______________________________________________
> knot-dns-users mailing list
> knot-dns-users@lists.nic.cz
> https://lists.nic.cz/cgi-bin/mailman/listinfo/knot-dns-users