
CPANEL-42193 - Delete dns zones not in server

Comments

20 comments

  • cPanelLauren
    This might work: /scripts/autorepair unmanaged_zones
    I ran it on my own server to be sure it's still valid:
        Writing unmanaged/unauthoritative domains to /etc/unmanaged_zones
        To remove any unmanaged domains from this system please edit /etc/unmanaged_zones and remove any domains that you wish to have removed and run /scripts/unmanaged_zones.
        Zones added through the WHM directly will be included in this list.
        Please review the zones listed in the file carefully and ensure that they should be removed before deleting their respective entries in /etc/unmanaged_zones.
    The thread (it's quite old) goes over its use a bit:
    0
  • speckados
    Thanks a lot. Works fine.
    0
  • speckados
    It doesn't work, or I don't understand. Run script:
        Writing unmanaged/unauthoritative domains to /etc/unmanaged_zones
        To remove any unmanaged domains from this system please edit /etc/unmanaged_zones and remove any domains that you wish to have removed and run /scripts/unmanaged_zones.
        Zones added through the WHM directly will be included in this list.
        Please review the zones listed in the file carefully and ensure that they should be removed before deleting their respective entries in /etc/unmanaged_zones.
        Done
        ...Auto Repair is done.
    Verify that all domains in /etc/unmanaged_zones are not managed by my server (create script for this) At end file Re-run:
        Requesting script ...
        info [autorepair] Successfully verified signature for cpanel (key types: release).
        Done
        Auto Repair is running...The following zones are not directly managed by this server:
        ....
        ...Auto Repair is done.
    At start 387, at end the same 387 zones.
    0
  • 4u123
    When you create the list by running /scripts/autorepair unmanaged_zones it adds the list of zones to a file... /etc/unmanaged_zones - then it generates a script... /scripts/unmanaged_zones specifically for that file. You have to delete individually from the /etc/unmanaged_zones file the zones you no longer want on the server - or empty the file completely. Then run /scripts/unmanaged_zones and it will remove the zones for you. If you want to start again, you must delete both /etc/unmanaged_zones and /scripts/unmanaged_zones then run /scripts/autorepair unmanaged_zones again.
    I want to do this on all my servers but unfortunately when I try to run the script I get this...
        # /scripts/unmanaged_zones
        Bareword found where operator expected at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 30, near "m/^(?:\d+|-1)$/a"
        syntax error at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 30, near "m/^(?:\d+|-1)$/a "
        syntax error at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 34, near "else"
        Global symbol "$uid" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 35.
        Global symbol "$uid" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 35.
        Global symbol "$gid" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 38.
        Global symbol "$gid" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 38.
        Global symbol "$gid" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 38.
        Global symbol "$gid" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 39.
        Global symbol "$uid" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 39.
        Global symbol "$gid" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 41.
        Global symbol "$gid" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 42.
        Global symbol "$gid" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 42.
        Global symbol "$uid" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 45.
        Global symbol "$gid" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 46.
        Global symbol "@files" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 50.
        Global symbol "$uid" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 65.
        Global symbol "$gid" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 65.
        Global symbol "$uid" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 66.
        Global symbol "$gid" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 66.
        Global symbol "$count" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 69.
        Global symbol "$count" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 72.
        syntax error at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 73, near "}"
        /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm has too many errors.
        Compilation failed in require at /usr/local/cpanel/Cpanel/SafetyBits.pm line 14.
        BEGIN failed--compilation aborted at /usr/local/cpanel/Cpanel/SafetyBits.pm line 14.
        Compilation failed in require at /usr/local/cpanel/Cpanel/DNSLib.pm line 18.
        BEGIN failed--compilation aborted at /usr/local/cpanel/Cpanel/DNSLib.pm line 18.
        Compilation failed in require at /scripts/unmanaged_zones line 10.
    0
  • 4u123
    @cPanelLauren I wonder if you could possibly find out from your dev team if the /scripts/autorepair unmanaged_zones script is currently broken? Running the script it produces.... /scripts/unmanaged_zones results in the errors I've pasted above. We'd really like to use this script but it's not working.
    0
  • cPanelLauren
    Hi @4u123 I'm trying to replicate the issue before I discuss this with anyone further but I'm not experiencing the same issue when running the autorepair:
        [root@server ~]# /scripts/autorepair unmanaged_zones
        Requesting script ...
        info [autorepair] Successfully verified signature for cpanel (key types: release).
        Done
        Auto Repair is running...The following zones are not directly managed by this server:
        centos7.11-80-0-18.tld
        ns1.test.tech
        ns2.test.tech
        server.test.tech
        server.test.us
        Writing unmanaged/unauthoritative domains to /etc/unmanaged_zones
        To remove any unmanaged domains from this system please edit /etc/unmanaged_zones and remove any domains that you wish to have removed and run /scripts/unmanaged_zones.
        Zones added through the WHM directly will be included in this list.
        Please review the zones listed in the file carefully and ensure that they should be removed before deleting their respective entries in /etc/unmanaged_zones.
        Done
        ...Auto Repair is done.
    Then I ran /scripts/unmanaged_zones
        [root@server ~]# /scripts/unmanaged_zones --help
        JSON::XS is missing the no_set_utf8 flag at /usr/local/cpanel/Cpanel/JSON.pm line 172.
        The following zones are not directly managed by this server:
        centos7.11-80-0-18.tld
        ns1.test.tech
        ns2.test.tech
        server.test.tech
        server.test.us
        The following zones are subject to removal: centos7.11-80-0-18.tld, ns1.test.tech, ns2.test.tech, server.test.tech, server.test.us
        Would you like to remove the zone files and entries in /etc/named.conf for the unauthoritative zones on this server only? (y/n) y
        Will remove 5 zones
        Removing zones ...
        centos7.11-80-0-18.tld => deleted from server.
        ns1.test.tech => deleted from server.
        ns2.test.tech => deleted from server.
        server.test.tech => deleted from server.
        server.test.us => deleted from server.
        Done.
    0
  • 4u123
    Ok thank you for taking the time to look into it for me. I tested this randomly on three of our CL6 based servers and had the same error result - but it works fine on CL7 servers. So it seems the error is specific to servers running version 6.
    0
  • cPanelLauren
    Ahh Ok, let me test it on CL 6 as I only tested on CentOS 7. I know we've talked about your servers before but I just didn't remember what you were on.
    0
  • cPanelLauren
    I've been able to replicate this @4u123
        [root@cl6 ~]# /scripts/autorepair unmanaged_zones
        Requesting script ...
        info [autorepair] Successfully verified signature for cpanel (key types: release, development).
        Done
        Auto Repair is running...The following zones are not directly managed by this server:
        cl6.test.tld
        cloudlinux6.11-88-0-9.tld
        install.narcissus.test.tld
        Writing unmanaged/unauthoritative domains to /etc/unmanaged_zones
        To remove any unmanaged domains from this system please edit /etc/unmanaged_zones and remove any domains that you wish to have removed and run /scripts/unmanaged_zones.
        Zones added through the WHM directly will be included in this list.
        Please review the zones listed in the file carefully and ensure that they should be removed before deleting their respective entries in /etc/unmanaged_zones.
        Done
        ...Auto Repair is done.
        [root@cl6 ~]# /scripts/unmanaged_zones
        Bareword found where operator expected at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 30, near "m/^(?:\d+|-1)$/a"
        syntax error at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 30, near "m/^(?:\d+|-1)$/a "
        syntax error at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 34, near "else"
        Global symbol "$uid" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 35.
        Global symbol "$uid" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 35.
        Global symbol "$gid" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 38.
        Global symbol "$gid" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 38.
        Global symbol "$gid" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 38.
        Global symbol "$gid" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 39.
        Global symbol "$uid" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 39.
        Global symbol "$gid" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 41.
        Global symbol "$gid" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 42.
        Global symbol "$gid" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 42.
        Global symbol "$uid" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 45.
        Global symbol "$gid" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 46.
        Global symbol "@files" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 50.
        Global symbol "$uid" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 65.
        Global symbol "$gid" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 65.
        Global symbol "$uid" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 66.
        Global symbol "$gid" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 66.
        Global symbol "$count" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 69.
        Global symbol "$count" requires explicit package name at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 72.
        syntax error at /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm line 73, near "}"
        /usr/local/cpanel/Cpanel/SafetyBits/Chown.pm has too many errors.
        Compilation failed in require at /usr/local/cpanel/Cpanel/SafetyBits.pm line 14.
        BEGIN failed--compilation aborted at /usr/local/cpanel/Cpanel/SafetyBits.pm line 14.
        Compilation failed in require at /usr/local/cpanel/Cpanel/DNSLib.pm line 18.
        BEGIN failed--compilation aborted at /usr/local/cpanel/Cpanel/DNSLib.pm line 18.
        Compilation failed in require at /scripts/unmanaged_zones line 10.
        [root@cl6 ~]#
    I also believe I know why this is happening. CentOS 6 and CL 6 are both using an older Perl version and the script is by default using the system Perl instead of cPanel's Perl. To resolve this run it calling cPanel's Perl directly as follows:
        [root@cl6 ~]# /usr/local/cpanel/3rdparty/bin/perl /scripts/unmanaged_zones
        The following zones are not directly managed by this server:
        cl6.test.tld
        cloudlinux6.11-88-0-9.tld
        install.narcissus.test.tld
        The following zones are subject to removal: cl6.test.tld, cloudlinux6.11-88-0-9.tld, install.narcissus.test.tld
        Would you like to remove the zone files and entries in /etc/named.conf for the unauthoritative zones on this server only? (y/n) y
        Will remove 3 zones
        Removing zones ...
        cl6.test.tld => deleted from cloudlinux6.
        cloudlinux6.11-88-0-9.tld => deleted from cloudlinux6.
        install.narcissus.test.tld => deleted from cloudlinux6.
        Done.
        [root@cl6 ~]#
    0
  • 4u123
    Ahah! great, thank you!
    0
  • Kent Brockman
    Hi there guys. I had the same issue but I needed to run the suggested path although I'm on CL7: /usr/local/cpanel/3rdparty/bin/perl /scripts/unmanaged_zones Will you fix this script maybe?
    0
  • cPRex Jurassic Moderator
    @Kent Brockman - can you let me know what issue you're seeing with that? You will need to install the tool first with this command: /scripts/autorepair unmanaged_zones but then the script should be available to you. Is that not working on your end?
    0
  • Kent Brockman
    Yes yes, I was able to run it, using the suggested change in Perl path: /usr/local/cpanel/3rdparty/bin/perl
    0
  • Kent Brockman
    For the sake of curiosity, I'd like to share the full list of commands I recently used. I've run this on dozens of servers and it greatly cleaned out old unneeded DNS entries:
        rm -drf /scripts/unmanaged_zones /etc/unmanaged_zones && /scripts/autorepair unmanaged_zones && rm -drf /etc/unmanaged_zones && touch /etc/unmanaged_zones && /scripts/unmanaged_zones
    It's a chain of commands that will ensure old cleaning attempts are reset first and then autoclean the registry. You only have to confirm the cleaning process by choosing Y or N as the /scripts/unmanaged_zones script will require. It's a leap of faith, yes. But it worked greatly in my servers.
    What I need now is to clean DNS entries for no longer existent domains within the DNS Only servers. How can this be performed? Should I run this script onto the DNS Only servers to delete ALL domains and then synchronize all domains in every other server to the cluster? Does DNS Only have any maintenance script that could identify domains in no longer existent servers or domains that no longer exist in any server? Thanks
    0
  • Kent Brockman
    What I need now is to clean DNS entries for no longer existent domains within the DNS Only servers. How can this be performed? Should I run this script onto the DNS Only servers to delete ALL domains and then synchronize all domains in every other server to the cluster? Does DNS Only have any maintenance script that could identify domains in no longer existent servers or domains that no longer exist in any server?

    @cPRex, any ideas about this?
    0
  • cPRex Jurassic Moderator
    I actually don't have any good ideas about this one. The unmanaged_zones tool is designed to handle data on the webservers, but not on the DNSOnly systems. I think the more interesting issue is how you ended up with unmanaged zones in both places. The good news, is that extra zones on the nameserver shouldn't really matter - they'll just sit there, and nothing will ever read them. You could try and use the unmanaged_zones tool there, but please make sure you have backups.
    0
  • Kent Brockman
    Ok, no, unmanaged zones script is dangerous on DNS Only server because it would delete ALL the stored entries. Then you should run Synchronize DNS Records from every child server, in "all records to all servers" mode. But it's a very hard manual job.
    I think the more interesting issue is how you ended up with unmanaged zones in both places.

    Just an incorrect setup, from a time in which documentation was misunderstood due to its lack of clarity and then all servers were in sync with each others, rather than Write-Only to DNS servers...
    0
  • Kent Brockman
    @cPRex: I'm seeing the /scripts/autorepair unmanaged_zones has an important bug: it also deletes the hostname that you may previously have added using the WHM interface "Add an A Entry for Your Hostname", and that's a no-no. This should be kept as some hostnames may contain important information in form of TXT entries. Not to mention that this destroys the DKIM and SPF signatures for that server. Please provide a fast way to rebuild this mess by using console commands to:
    - Add the A Entry for the Hostname.
    - Create DKIM and SPF entries for that hostname.
    - Synchronize the zone to the Cluster.
    Thanks in advance
    0
  • cPRex Jurassic Moderator
    Thanks for bringing this up. I'll do some testing and I'll let you know!
    0
  • cPRex Jurassic Moderator
    I was able to confirm this behavior on my end, and I've created case CPANEL-42193 to see if we can adjust the detection of the unmanaged_zones tool. If I get updates I'll be sure to post them here!
    0
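
A pre-flight check for the workflow discussed in this thread, as an added example that is not cPanel's code or any poster's: it lists which detected zones are missing from the edited /etc/unmanaged_zones (and so, per the tool's own message, would be removed) and refuses if a protected zone such as the server hostname is among them. It assumes one zone name per line in both files and that a copy of the detected list was saved before editing; the function names and sample zones are constructed.

```shell
#!/bin/sh
# Added example (not cPanel code). Assumption: one zone name per line.

# Print the zones that are in the detected list but missing from the edited
# keep list, i.e. what the removal step would delete.
zones_to_delete() {   # usage: zones_to_delete DETECTED KEEP
    awk '
        { z = tolower($0); gsub(/[ \t\r]/, "", z); sub(/\.$/, "", z) }
        z == "" { next }
        FILENAME == ARGV[1] { keep[z] = 1; next }   # first file: keep list
        !(z in keep) && !seen[z]++ { print z }      # second file: detected
    ' "$2" "$1"
}

# Fail (status 1) if any protected zone, such as the server hostname,
# is about to be deleted. Protected names must be given in lowercase.
check_protected() {   # usage: check_protected DETECTED KEEP ZONE...
    detected=$1; keep=$2; shift 2
    doomed=$(zones_to_delete "$detected" "$keep")
    rc=0
    for zone in "$@"; do
        if printf '%s\n' "$doomed" | grep -qxF -- "$zone"; then
            echo "REFUSE: protected zone would be deleted: $zone" >&2
            rc=1
        fi
    done
    return "$rc"
}

# Constructed sample data: an emptied keep list, as the one-liner in the
# thread produces, with the hostname zone among the detected zones.
demo() {
    dir=$(mktemp -d)
    printf '%s\n' server.example.test old-client.example.test > "$dir/detected"
    : > "$dir/keep"
    check_protected "$dir/detected" "$dir/keep" server.example.test
    status=$?
    rm -rf "$dir"
    return "$status"
}

demo || echo "hostname zone would be removed; fix the keep list first"
```

On a real server the detected list would be a copy of /etc/unmanaged_zones taken right after /scripts/autorepair unmanaged_zones, and the protected names would include the output of `hostname -f`.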
