While I appreciate your views/opinion on AppArmor, the problem started w/ chrooting bind. I did, indeed, follow the steps exactly by stopping and purging AppArmor from the system.
With AppArmor purged AND later w/ it re-installed (w/ the appropriate lines added to the AppArmor named profile - at NO point did I get any error suggesting it was related to AppArmor ie:
... kernel: [ 9136.933011] audit(1206428817.898:3): operation="inode_permission" request_mask="r::" denied_mask="r::" name="/var/lib/named/etc/bind/named.conf" pid=11825 profile="/usr/sbin/named" namespace="default"
However, under both scenarios, I only obtained syslog errors directly related to and fixed by assigning 755 permissions to the chrooted directories created in step #13, page #4 of the tutorial (specifically those in /var/lib/named/... ) In ferreting thru the various threads, it seems an equal number trying the tutorial, run into either the AppArmor errors OR the same Bind9 permission errors, ie:
... named: starting BIND 9.4.2 -u bind -t /var/lib/named
... named: found 1 CPU, using 1 worker thread
... named: loading configuration from '/etc/bind/named.conf'
... named: none:0: open: /etc/bind/named.conf: permission denied
... named: loading configuration: permission denied
... named: exiting (due to fatal error)
Which is why I posted the permission issues I found on a virgin install.
Bind9 failed in the same way when the server was gutted, AppArmor stopped/purged, and rebooted as when AppArmor was re-installed and correctly configured - so I'm not thinking it is/was a AppArmor issue.
AppArmor may well get purged before I'm done setting up the server completely, but I don't think the issues w/ chrooting bind can all be dismissed as AppArmor as the sole culprit.