Install PowerDNS on CentOS 8 with MariaDB & PowerDNS-Admin

Posted on 225 views

What is PowerDNS?. PowerDNS is an open-source authoritative name server which has been used as an alternative to BIND DNS. PowerDNS offers higher performance with minimal memory usage. An authoritative name server gives records directly from itself as opposed to recursive name servers which query other name servers to get required answers. In this guide, we are going to look at how to install PowerDNS on CentOS 8 with MariaDB and PowerDNS-Admin.

Step 1: Prepare your server

First we are going to disable CentOS SElinux to ensure that it does not prevent any installation we are going to perform.

$ sudo vim /etc/selinux/config

Edit the lines as shown so that SElinux is disabled. Save the file and reboot you server

# This file controls the state of SELinux on the system. 
# SELINUX= can take one of these three values: 
#     enforcing - SELinux security policy is enforced. 
#     permissive - SELinux prints warnings instead of enforcing. 
#     disabled - No SELinux policy is loaded. 
# SELINUXTYPE= can take one of these three values: 
#     targeted - Targeted processes are protected, 
#     minimum - Modification of targeted policy. Only selected processes are protected.  
#     mls - Multi Level Security protection. 

Reboot your server

sudo reboot

Step 2: Install EPEL and Remi repositories.

We need to install PowerDNS dependencies first. In this case, we are installing EPEL repository and REMI for PHP installation. Run the below commands.

sudo dnf -y install epel-release
sudo dnf -y install

Having added the repositories enable PHP 7.4 Remi repository with the below commands.

sudo dnf module enable php:remi-7.4

Step 3: Install and Configure MariaDB

Run the below command to install MariaDB on your server.

sudo dnf -y install mariadb mariadb-server

Once installation is complete, start MariaDB service and enable it to start on boot.

sudo systemctl start mariadb
sudo systemctl enable mariadb

MariaDB service is now running. We need to secure it and set root password. Use the below shown commands.

sudo mysql_secure_installation

Answer the prompts as shown:

Answer the prompts as shown:

In order to log into MariaDB to secure it, we'll need the current 
password for the root user.  If you've just installed MariaDB, and 
you haven't set the root password yet, the password will be blank, 
so you should just press enter here. 

Enter current password for root (enter for none):  Press Enter
OK, successfully used password, moving on... 

Setting the root password ensures that nobody can log into the MariaDB 
root user without the proper authorization. 

Set root password? [Y/n] y
New password:  Enter New Password
Re-enter new password:  Repeat New Password 
Password updated successfully! 
Reloading privilege tables.. 
... Success! 
By default, a MariaDB installation has an anonymous user, allowing anyone 
to log into MariaDB without having to have a user account created for 
them.  This is intended only for testing, and to make the installation 
go a bit smoother.  You should remove them before moving into a 
production environment. 

Remove anonymous users? [Y/n] Y 
... Success! 

Normally, root should only be allowed to connect from 'localhost'.  This 
ensures that someone cannot guess at the root password from the network. 

Disallow root login remotely? [Y/n] Y 
... Success! 

By default, MariaDB comes with a database named 'test' that anyone can 
access.  This is also intended only for testing, and should be removed 
before moving into a production environment. 

Remove test database and access to it? [Y/n] Y 
- Dropping test database... 
... Success! 
- Removing privileges on test database... 
... Success! 
Reloading the privilege tables will ensure that all changes made so far 
will take effect immediately. 

Reload privilege tables now? [Y/n] Y 
... Success! 

Cleaning up... 

All done!  If you've completed all of the above steps, your MariaDB

Next, we need to create a database for PowerDNS installation and add a user to manage the database. First, login to MariaDB using the below command:

$ mysql -u root -p 

Enter the password you set above and go ahead to create a database and a user and give the user all rights to the databases.

Enter password:  Enter your DB root password
Welcome to the MariaDB monitor.  Commands end with ; or \g. 
Your MariaDB connection id is 17 
Server version: 10.3.17-MariaDB MariaDB Server 

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. 

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. 

MariaDB [(none)]> create database powerdns; 
Query OK, 1 row affected (0.000 sec) 

MariaDB [(none)]> create user 'pdns' identified by 'mypassword' ;
Query OK, 0 rows affected (0.000 sec) 

MariaDB [(none)]>  grant all privileges on powerdns.* to 'pdns'@'localhost' identified by 'mypassword';          
Query OK, 0 rows affected (0.000 sec) 

MariaDB [(none)]> flush privileges; 
Query OK, 0 rows affected (0.001 sec)

Once you have the database and user created, create table structures for the created DB by running the below shown MySQL commands:

use powerdns;

Run the following MySQL commands

CREATE TABLE domains (
   id                    INT AUTO_INCREMENT,
   name                  VARCHAR(255) NOT NULL,
   master                VARCHAR(128) DEFAULT NULL,
   last_check            INT DEFAULT NULL,
   type                  VARCHAR(6) NOT NULL,
   notified_serial       INT DEFAULT NULL,
   account               VARCHAR(40) DEFAULT NULL,
 ) Engine=InnoDB;
 CREATE UNIQUE INDEX name_index ON domains(name);
 CREATE TABLE records (
   id                    BIGINT AUTO_INCREMENT,
   domain_id             INT DEFAULT NULL,
   name                  VARCHAR(255) DEFAULT NULL,
   type                  VARCHAR(10) DEFAULT NULL,
   content               VARCHAR(64000) DEFAULT NULL,
  ttl                   INT DEFAULT NULL,
   prio                  INT DEFAULT NULL,
   change_date           INT DEFAULT NULL,
   disabled              TINYINT(1) DEFAULT 0,
   ordername             VARCHAR(255) BINARY DEFAULT NULL,
   auth                  TINYINT(1) DEFAULT 1,
 ) Engine=InnoDB;
 CREATE INDEX nametype_index ON records(name,type);
 CREATE INDEX domain_id ON records(domain_id);
 CREATE INDEX recordorder ON records (domain_id, ordername);
 CREATE TABLE supermasters (
   ip                    VARCHAR(64) NOT NULL,
   nameserver            VARCHAR(255) NOT NULL,
   account               VARCHAR(40) NOT NULL,
   PRIMARY KEY (ip, nameserver)
 ) Engine=InnoDB;
 CREATE TABLE comments (
   id                    INT AUTO_INCREMENT,
   domain_id             INT NOT NULL,
   name                  VARCHAR(255) NOT NULL,
   type                  VARCHAR(10) NOT NULL,
   modified_at           INT NOT NULL,
   account               VARCHAR(40) NOT NULL,
   comment               VARCHAR(64000) NOT NULL,
 ) Engine=InnoDB;
CREATE INDEX comments_domain_id_idx ON comments (domain_id);
 CREATE INDEX comments_name_type_idx ON comments (name, type);
 CREATE INDEX comments_order_idx ON comments (domain_id, modified_at);
 CREATE TABLE domainmetadata (
   id                    INT AUTO_INCREMENT,
   domain_id             INT NOT NULL,
   kind                  VARCHAR(32),
   content               TEXT,
 ) Engine=InnoDB;
 CREATE INDEX domainmetadata_idx ON domainmetadata (domain_id, kind);
 CREATE TABLE cryptokeys (
 id                    INT AUTO_INCREMENT,
   domain_id             INT NOT NULL,
   flags                 INT NOT NULL,
   active                BOOL,
   content               TEXT,
 ) Engine=InnoDB;
 CREATE INDEX domainidindex ON cryptokeys(domain_id);
 CREATE TABLE tsigkeys (
   id                    INT AUTO_INCREMENT,
   name                  VARCHAR(255),
   algorithm             VARCHAR(50),
   secret                VARCHAR(255),
 ) Engine=InnoDB;
 CREATE UNIQUE INDEX namealgoindex ON tsigkeys(name, algorithm);

You can confirm if the tables were created as below:

MariaDB [powerdns]> show tables; 
| Tables_in_powerdns | 
| comments           | 
| cryptokeys         | 
| domainmetadata     | 
| domains            | 
| records            | 
| supermasters       | 
| tsigkeys           | 
7 rows in set (0.000 sec)

Step 4: Install PowerDNS on CentOS 8

First you need to disable systemd-resolve which comes with CentOS by default. This is meant to prevent conflicting ports since PowerDNS will also use port 53

sudo systemctl disable systemd-resolved
sudo systemctl stop systemd-resolved

Also remove the symlinked resolve.conf and create a new one.

$ ls -lh /etc/resolv.conf
$ echo "nameserver" | sudo tee /etc/resolv.conf

Now it is time to install PowerDNS. Use the command below:

sudo dnf -y install pdns pdns-backend-mysql bind-utils

The default PowerDNS configuration file is /etc/pdns/pdns.conf. Open the file with your favorite editor. By default, PowerDNS used bind as backend. We need to disable this by commenting the line launch=bind and allow MySQL backend configuration. Edit the file as below:


Save the changes and close the file. Go ahead to start PowerDNS service and enable it to start on boot.

sudo systemctl start pdns.
sudo systemctl enable pdns

Allow the DNS service through the firewall as well

sudo firewall-cmd --add-service=dns --permanent
sudo firewall-cmd –reload

At this PowerDNS is installed and running. You can confirm status using the command below.

$ systemctl status pdns



Step 5: Install PowerAdmin on CentOS 8

PowerAdmin is a web-based application for managing PowerDNS and it is based on PHP. To install it, we first need to install PHP to enable us to run the application.

sudo dnf -y install httpd php php-devel php-gd php-imap php-ldap php-mysql php-odbc php-pear php-xml php-xmlrpc php-mbstring php-mcrypt php-mhash gettext

Also, install additional php pear packages as shown:

sudo dnf -y install php-pear-DB

Now start httpd service and enable it to start on system boot

sudo systemctl start httpd
sudo systemctl enable httpd

Confirm httpd service with the below command

systemctl status httpd



Next, you need to download PowerDNS code. Change to /var/www/html and run the sown commands


Now extract the archived file and give it a new name

tar xvf poweradmin-2.1.7.tgz
mv poweradmin-2.1.7/ cd /var/www/html/poweradmin/

Allow HTTP and HTTPS protocols through the firewall.

sudo firewall-cmd --add-service=http,https --permanent
sudo firewall-cmd –reload

At this point we can proceed with online set up for PowerAdmin. Open your browser and type http:///poweradmin/install. You will see a page as shown


choose your preferred language and click Go to step 2 and in the next page, click Go to step 3

You will see a page to configure your database. Here,use the details that you had used before while creating your PowerDNS database.


Next is to create a user with limited privilege.


Click Go to step 5 where you will see the details of the added user. At this point, you go back to your terminal to grant the new user the named permissions by running the below MySQL command.

GRANT SELECT, INSERT, UPDATE, DELETE  ON powerdns.* TO 'lorna'@'localhost' IDENTIFIED BY 'mypassword'

Now, Go back to the web browser and Click Go to step 6. You will see a page as below, telling you to create the file “../inc/” manually.


On your terminal, run the commands shown:

cd /var/www/html/poweradmin
sudo vim inc/

And paste the content from the web page and save the file.

Go back to the browser and click Go to step 7. You will see that you have finished configuration.


To support URLs used by other Dynamic providers,run the commands below:

cd /var/www/html/poweradmin
sudo cp install/htaccess.dist .htaccess

Note that you MUST remove the ‘install’ directory to proceed.

sudo rm -rf /var/www/html/poweradmin/install

Now go back to your browser and type http:///poweradmin.


Login with user ‘admin’ and the password you had set for the admin user and click GO. You will see a page as shown.


Your installation is complete! You can now go ahead to add a master zone.

This has been a step-by-step guide on how to install PowerDNS on CentOS 8 with MariaDB and PowerAdmin.


Gravatar Image
A systems engineer with excellent skills in systems administration, cloud computing, systems deployment, virtualization, containers, and a certified ethical hacker.