How can I get rid of the large named.run files?

Discussion in 'General Discussion' started by jols, Feb 1, 2012.

  1. jols

    jols Well-Known Member

    I never received a response to the post I made over 500 days ago about this (and this forum would not allow me to update the thread with another request for information), and now I have named.run files that are well over a GB on more than one server, i.e. they are eating up a lot of valuable space.

    I'd like to know if I could just comment out the logging lines in /etc/named.conf (see below) and then remove the very large named.run files? Or is there some other method of switching off named logging and then SAFELY removing the named.run files?

    I have read elsewhere that there is no sense in running named in debug mode unless there are issues with BIND. And we have no issues with this, so now, how can I safely get rid of the named.run files?

    --------------
    logging {
    /*      If you want to enable debugging, eg. using the 'rndc trace' command,
     *      named will try to write the 'named.run' file in the $directory (/var/named").
     *      By default, SELinux policy does not allow named to modify the /var/named" directory,
     *      so put the default debug log file in data/ :
     */
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
    };
     
  2. jols

    jols Well-Known Member

    Anyone have the answer to this?
     
  3. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

  4. jols

    jols Well-Known Member

    Thanks much.

    I just want to verify that this will work with the cPanel system, and I won't end up damaging bind/named.

    -----------
    A safer way to do this is the following:

    1. delete named.run (can be in /var/named, /var/cache/bind, etc, depending on the flavor of Linux).
    2. "rndc notrace" to disable debug in bind
    3. "rndc reload" to reopen file handles.
    -----------

    1, 2, 3, and that's it. Right?

    Thanks again.
     
  5. jols

    jols Well-Known Member

    The thing that gets me here, is why are only some of our servers running bind in debug mode while others are not.

    So if I run "rndc notrace", and "rndc reload" will I have to do this every time the server reboots to keep named from going into debug mode?

    Looks like I will need to fill out a cpanel.net trouble ticket for this one, I was hoping to avoid that.
     
  6. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Is bind running in chroot on the machines where bind has debugging set to on?

    Code:
    ps aux | grep named
    Also, you can see if you have it chrooted in the /etc/sysconfig/named file.
     
  7. sneader

    sneader Well-Known Member

    Sorry for picking up a 4 month old thread, but am looking for some guidance on the same problem. Have a 2.8GB named.run file on one of our boxes. bind is running as 'named'. The /etc/sysconfig/named file has all lines commented out.

    The questions in posts #4 and #5 seem unanswered. Is it OK to run the rndc nodebug and rndc reload, or is there a better "cpanel way" to do it? Will we have to remember to do this upon every reboot?

    Thanks!

    - Scott
     
  8. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Hello Scott,

    Before I go into that section, can we check your /etc/named.conf configuration? What do you show for the following:

    Code:
    grep named.run /etc/named.conf
    After you get that return, could you look at the file and post the section around it as well? I just want to make sure that you show the same configuration that is mentioned previously by jols.

    Thanks!
     
  9. sneader

    sneader Well-Known Member

    /etc/named.conf

    Code:
    logging {
    /*      If you want to enable debugging, eg. using the 'rndc trace' command,
     *      named will try to write the 'named.run' file in the $directory (/var/named").
     *      By default, SELinux policy does not allow named to modify the /var/named" directory,
     *      so put the default debug log file in data/ :
     */
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
    };
    
     
  10. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    This configuration is put in place by scripts/rebuilddnsconfig (it may also be part of the standard Red Hat configuration, but I didn't check). I filed a case with development to look into this matter. The case number is 59777.

    On a test system I noted mundane actions like restarting named resulting in data being added to this file. Per the comment preceding the directive it seems this logging should only be used in select circumstances. Right now it appears to be duplicating what gets written to /var/log/messages.

    I have no suggested fixes or workarounds at this time.
     
  11. sneader

    sneader Well-Known Member

    Thanks for digging into this, Kenneth! Short of a fix or work-around, can you suggest any damage control? i.e. can I simply delete this file once in a while?

    - Scott
     
  12. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Since it is a log file it should be safe to remove or truncate. You should also be able to add a logrotate configuration for it to /etc/logrotate.d/named. The following seems to work:

    Code:
    /var/named/data/named.run {
        daily
        dateext
        missingok
        create 0644 named named
        postrotate
            /sbin/service named reload  2> /dev/null > /dev/null || true
        endscript
    }
    
     
  13. sneader

    sneader Well-Known Member

    Beautiful, thank you!

    - Scott
     
  14. webstyler

    webstyler Well-Known Member

    Hello Kenneth

    We have the same problem, with named.run over 1,5 GB.

    Our named.run is in another location:
    /var/named/chroot/var/named/data/named.run

    Could we use your code in the same way?

    Code:
    /var/named/chroot/var/named/data/named.run {
        daily
        dateext
        missingok
        create 0644 named named
        postrotate
            /sbin/service named reload  2> /dev/null > /dev/null || true
        endscript
    }
    
    Thanks
     
  15. jols

    jols Well-Known Member

    Or how about this for a more manual approach, when you notice named.run is getting too large:

    cd /var/named/data
    cat /dev/null > named.run

    After all, this is only a log file, right?
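
The difference between deleting named.run and truncating it in place, as an added example that is not part of the original thread. A shell file descriptor stands in for named's open log handle; the function names and temporary paths are constructed for the demo, and it assumes the daemon opens its log in append mode.

```shell
#!/bin/sh
# Constructed demo: fd 3 plays the role of named's open handle on named.run.
# Assumption: the log is opened in append mode, as ">>" does here.

size_of() { wc -c < "$1" | tr -d ' '; }

# Delete the log while the writer still holds it open, with no reload.
# Prints the size of the file found at the log path afterwards.
demo_delete() {
    dir=$(mktemp -d) || return 1
    log="$dir/named.run"
    exec 3>>"$log"              # "daemon" opens its log
    echo "debug line 1" >&3
    rm -f "$log"                # admin deletes the large file
    : > "$log"                  # path is recreated (e.g. logrotate "create")
    echo "debug line 2" >&3     # writes still go to the unlinked inode
    result=$(size_of "$log")    # the new file never receives them
    exec 3>&-                   # closing the handle is what finally frees the
                                # old inode; a reload/reopen does this for named
    rm -rf "$dir"
    echo "$result"
}

# Truncate the log in place while the writer still holds it open.
# Prints the size of the file after the next write.
demo_truncate() {
    dir=$(mktemp -d) || return 1
    log="$dir/named.run"
    exec 3>>"$log"
    echo "old debug output, imagine gigabytes of it" >&3
    : > "$log"                  # same effect as: cat /dev/null > named.run
    echo "after" >&3            # append mode: lands at offset 0, 6 bytes
    result=$(size_of "$log")
    exec 3>&-
    rm -rf "$dir"
    echo "$result"
}

echo "size at path after delete + recreate: $(demo_delete) bytes"
echo "size at path after in-place truncate: $(demo_truncate) bytes"
```

Without append mode the writer would keep its old offset after truncation and the file would reappear as a sparse file of the old apparent size.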
     
  16. webstyler

    webstyler Well-Known Member

    Any update?
     
  17. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    There is no update to the internal case mentioned by Ken (#59777) at this time to report.
     
  18. webstyler

    webstyler Well-Known Member

    Sorry, I refer to this post

     
  19. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Hello webstyler,

    cPanel doesn't support bind in chroot and we even add an exclude in /etc/yum.conf for bind-chroot, so we wouldn't add a check for removing those files, since they aren't the advised setup.

    In this instance, you should remove the chroot for bind in the /etc/sysconfig/named file by removing the line at the bottom of the file that sets a chroot for it (just comment out the line or remove it), then restart named.

    Thanks!
     
  20. webstyler

    webstyler Well-Known Member

    Hello Tristan

    Thanks for the suggestion.

    We have removed the row "ROOTDIR=/var/named/chroot" from /etc/sysconfig/named and restarted named.

    Now we see a new named.run:
    /var/named/data/named.run

    So we can safely delete the old one, right?
    /var/named/chroot/var/named/data/named.run

    Thanks
     