Installing Bind9 9.8 on Debian 6 squeeze

While following the official Samba4 HOWTO I found out that bind would not start giving me the following error (taken from my syslog):

Loading ‘AD DNS Zone’ using driver dlopen
unsupported DLZ database driver ‘dlopen’.  AD DNS Zone not loaded.

If you want some technical background as to what dlopen is read this blog post, but in short, Samba4 needs some features only available in Bind 9.8 and above. If you are getting the error I described above, you either have an earlier version or your binary version of Bind 9.8 or above was not compiled with support for dlz drivers.

To fix it I backported Bind9 from SID. This was the first time I ever did such a thing so I am no expert… if you know a better way to accomplish this please leave a comment.

Note: whenever Bing 9.8 gets backported it will become much easier to install, you will only have to follow the steps described here. For now, follow the instructions below.

Let’s remove the old version of bind first:

sudo apt-get remove bind9

Install required packages:

sudo apt-get install devscripts build-essential libkrb5-dev debhelper libssl-dev libtool bison libdb-dev libldap2-dev libxml2-dev libpcap2-dev hardening-wrapper libgeoip-dev dpkg-dev

Download bind9 .dsc file (check here for the latest link to the .dsc file):

mkdir bind9
cd bind9
dget -x

 Now unpack bind:

tar xvzf bind9_9.8.1.dfsg.orig.tar.gz
cd bind9_9.8.1.dfsg/

Note: I will skip applying the .diff file from sid. When I tried applying it the source would not compile and, most importantly, it stopped recognising the –with-dlz-dlopen parameter which is the reason why I had to do this in the first place.

Configure and then compile Bind9 source code:

fakeroot ./configure --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info --sysconfdir=/etc/bind --localstatedir=/var --enable-threads --enable-largefile --with-libtool --enable-shared --enable-static --with-openssl=/usr --with-gssapi=/usr --with-gnu-ld --with-dlz-postgres=no --with-dlz-mysql=no --with-dlz-bdb=yes --with-dlz-filesystem=yes --with-dlz-ldap=yes --with-dlz-stub=yes --with-dlz-dlopen=yes --with-geoip=/usr --enable-ipv6 CFLAGS=-fno-strict-aliasing

If you are using bind9 9.8.1 you may find a compilation error which can be fixed with the patch described here. You can apply the patch manually, all you have to do is edit the file contrib/dlz/drivers/sdlz_helper.c and remove the “#ifdef DLZ” line and the “#endif” line at the end of the file.

Now let’s compile and install bind9:

make install

Last step, we need to manually create the /var/cache/bind directory:

sudo mkdir /var/cache/bind

Start the service:

sudo /etc/init.d bind9 start

Hopefully, bind9 will start just fine.

Congratulations, bind9 should be working now. If you are following the Samba4 HOWTO like I was, make sure you run the provisioning steps again with bind9 running.

Let me know if this was helpful to you!

This entry was posted in bind9, debian, samba4. Bookmark the permalink.

9 Responses to Installing Bind9 9.8 on Debian 6 squeeze

  1. MisterGrey says:

    First of all thanks to help us with your experience .
    I have just met the same problem as you. I have tried to follow your tutorial but i failed :

    when i make the make install command: this error appear :

    “dlz_ldap_driver.c:(.text+0x1f3f): undefined reference to `sdlzh_build_sqldbinstance'”

    I don’t know if this is due to the missing lib “libpcap2-dev” ( i replaced it by libpcap-dev ). Do you have any idea of the problem?


    • techtears says:

      Sorry not sure how to help you with that issue.

      Just note that the latest Samba4 alpha which was released a few days ago has chenged the requirements for Bind and seems to be more flexible allowing other types of integrarion with dns servers.
      Also make sure you are not using Bind 9.9 as that is known not to work.

      Good luck!

      • dR0PS says:

        Thank you! I didn’t find a solution for that. BIND 9.9.0-geoip-1.3 starts loading the dlz plugin and then just hangs when accessign the driver … no errormessage…

        named[5657]: using 1 UDP listener per interface
        named[5657]: using up to 4096 sockets
        named[5657]: loading configuration from ‘/etc/bind/named.conf’
        named[5657]: reading built-in trusted keys from file ‘/etc/bind/bind.keys’
        named[5657]: using default UDP/IPv4 port range: [1024, 65535]
        named[5657]: using default UDP/IPv6 port range: [1024, 65535]
        named[5657]: no IPv6 interfaces found
        named[5657]: listening on IPv4 interface lo,
        named[5657]: listening on IPv4 interface br0,
        named[5657]: generating session key for dynamic DNS
        named[5657]: sizing zone task pool based on 0 zones
        named[5657]: Loading ‘domain.local’ using driver dlopen

      • dR0PS says:

        9.8.2 works on gentoo 🙂

  2. JohnieBraaf says:

    Thank you for the article, you can find the 9.8.1 sources here

  3. kechel says:

    Thanks for the Post!
    I just put sid into my sources.list, and updated bind (which included only few other dependencies):
    — cut —
    jan@kvm3-samba:/usr/local/samba/private$ sudo aptitude install bind9
    The following NEW packages will be installed:
    libbind9-80{a} libdns81{a} libisc83{a} libisccc80{a} libisccfg82{a} liblwres80{a} libssl1.0.0{a}
    The following packages will be upgraded:
    bind9 bind9utils openssh-client openssh-server
    4 packages upgraded, 7 newly installed, 0 to remove and 293 not upgraded.
    — end cut —

    After this all i had to do is change the owner of /usr/local/samba/private to user ‘bind’ and it’s up and running! Just joined a Test-Server 2008 R2 into this brand new samba domain, yeah!

  4. dkuehn says:

    Thank you for your post. Working on a Samba4 migration also.


  6. Pingback: BIND como servidor de DNS para o Samba 4 no Debian Squeeze | | Netdeep TecnologiaNetdeep Tecnologia

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s