  #24  
Old 23rd December 2008, 16:32
docfx
Junior Member
 
Join Date: Dec 2008
Posts: 8
more info

Just for grins, I also tried chmod 755 /var/lib/named. Bind still failed, but now w/ new errors:
Code:
Dec 23 09:11:24 wonder named[10340]: starting BIND 9.4.2-P2 -u bind -t /var/lib/named
Dec 23 09:11:24 wonder named[10340]: found 1 CPU, using 1 worker thread
Dec 23 09:11:24 wonder named[10340]: loading configuration from '/etc/bind/named.conf'
Dec 23 09:11:24 wonder named[10340]: /etc/bind/named.conf.options:93: change directory to '/var/cache/bind' failed: permission denied
Dec 23 09:11:24 wonder named[10340]: /etc/bind/named.conf.options:93: parsing failed
Dec 23 09:11:24 wonder named[10340]: loading configuration: permission denied
Dec 23 09:11:24 wonder named[10340]: exiting (due to fatal error)

var is owned 755 root:root, /var/cache is 755 root:root, and /var/cache/bind is 755 bind:bind (also tried 755 root:bind for the last dir, but bind still failed).

/etc/apparmor.d/usr.sbin.named shows:
Code:
  # Dynamic updates needs zone and journal files rw. We just allow rw for all
  # in /etc/bind, and let DAC handle the rest > moved to /var/lib/named/etc/bind
  /var/lib/named/etc/bind/* rw,

  # if local zones are in a subdirectory
  /var/lib/named/etc/bind/zones/* rw,
  /var/lib/named/etc/bind/zones/external/* rw,
  /var/lib/named/etc/bind/zones/internal/* rw,

  /var/lib/bind/** rw,
  /var/lib/bind/ rw,
  /var/cache/bind/** rw,
  /var/cache/bind/ rw,

  # some people like to put logs in /var/log/named/
  /var/log/named/** rw,

  # dnscvsutil package
  /var/lib/dnscvsutil/compiled/** rw,

  /proc/net/if_inet6 r,
  /usr/sbin/named mr,
  /var/lib/named/var/run/bind/run/named.pid w,
  #/var/run/bind/run/named.pid w,
  # support for resolvconf
  /var/lib/named/var/run/bind/named.options r,
  #/var/run/bind/named.options r,

# add also following lines thanks to Spezi2u
  /var/lib/named/dev/null rw,
  /var/lib/named/dev/random rw,
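Added example, not part of the original post: a small checker for the situation above, where named runs with `-t /var/lib/named` and the log reports a denied change of directory to `/var/cache/bind`. It assumes, as the `/var/lib/named/...` entries in the quoted profile suggest, that AppArmor rules are matched against the full path including the chroot prefix; the function names and the glob handling are this example's own simplification, not AppArmor's parser.

```python
import re

# Constructed sample: a subset of the rules quoted in the post, comments dropped.
PROFILE = """
  /var/lib/named/etc/bind/* rw,
  /var/lib/bind/** rw,
  /var/lib/bind/ rw,
  /var/cache/bind/** rw,
  /var/cache/bind/ rw,
  /var/log/named/** rw,
  /usr/sbin/named mr,
  /var/lib/named/var/run/bind/run/named.pid w,
  /var/lib/named/dev/null rw,
"""

def glob_to_regex(pattern):
    """Simplified AppArmor glob: '**' crosses '/', '*' and '?' do not.
    Alternation {a,b}, character classes and @{variables} are not handled,
    and zero-or-more matching everywhere is a simplification."""
    out, i = [], 0
    while i < len(pattern):
        if pattern.startswith("**", i):
            out.append(".*"); i += 2
        elif pattern[i] == "*":
            out.append("[^/]*"); i += 1
        elif pattern[i] == "?":
            out.append("[^/]"); i += 1
        else:
            out.append(re.escape(pattern[i])); i += 1
    return re.compile("".join(out) + r"\Z")

def parse_rules(profile_text):
    """Return (pattern, perms) for each uncommented file rule."""
    rules = []
    for line in profile_text.splitlines():
        parts = line.split("#", 1)[0].strip().rstrip(",").split()
        if len(parts) == 2 and parts[0].startswith("/"):
            rules.append((parts[0], parts[1]))
    return rules

def covering_rules(profile_text, chroot, inner_path):
    """Rules that match inner_path once the chroot prefix is prepended."""
    host_path = chroot.rstrip("/") + inner_path
    return [(p, perms) for p, perms in parse_rules(profile_text)
            if glob_to_regex(p).match(host_path)]

if __name__ == "__main__":
    for path in ("/var/cache/bind/", "/var/run/bind/run/named.pid", "/dev/null"):
        print(path, "->", covering_rules(PROFILE, "/var/lib/named", path) or "NO RULE")
```

An empty result for a path means no quoted rule covers it under the chroot prefix; ordinary ownership and mode bits on the directory inside the chroot still need checking separately.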