LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Fedora
User Name
Password
Fedora This forum is for the discussion of the Fedora Project.

Notices

Closed Thread
 
Search this Thread
Old 08-31-2009, 08:16 AM   #1
abhijit_mohanta
LQ Newbie
 
Registered: Apr 2008
Posts: 27

Rep: Reputation: 15
not able to start bind:SELinux is preventing the named daemon from writing to the zon


I am getting the following error when i start bind
SELinux is preventing the named daemon from writing to the zone directory

I have done all configurations in bind according to following link
fedora version 9
hopefully can be solved by audit2allow.

command:audit2allow -i /var/log/audit/audit.log -l

output:
#============= named_t ==============
allow named_t named_zone_t:dir write;


Can anybody help?
 
Old 08-31-2009, 08:37 AM   #2
kdelover
Member
 
Registered: Aug 2009
Posts: 311

Rep: Reputation: 36
am not so good with selinux all i know is put selinux in permissive mode rather than having it in enforcing or disabled mode.

do getsebool and see what mode it is in and then do a setsebool 0
 
Old 08-31-2009, 08:40 AM   #3
abhijit_mohanta
LQ Newbie
 
Registered: Apr 2008
Posts: 27

Original Poster
Rep: Reputation: 15
can u plz tell me how to put selinux in permissive mode
 
Old 08-31-2009, 08:46 AM   #4
markotitel
Member
 
Registered: Feb 2009
Location: Titel - Serbia
Posts: 164

Rep: Reputation: 18
You can try this
Quote:
system-config-securitylevel-tui
and then set it up

Last edited by markotitel; 08-31-2009 at 08:46 AM. Reason: type error
 
Old 08-31-2009, 09:08 AM   #5
kdelover
Member
 
Registered: Aug 2009
Posts: 311

Rep: Reputation: 36
setsebool 0 do a man setsebool.
 
Old 09-01-2009, 06:03 PM   #6
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,564
Blog Entries: 54

Rep: Reputation: 2927Reputation: 2927Reputation: 2927Reputation: 2927Reputation: 2927Reputation: 2927Reputation: 2927Reputation: 2927Reputation: 2927Reputation: 2927Reputation: 2927
Quote:
Originally Posted by kdelover View Post
am not so good with selinux all i know is put selinux in permissive mode rather than having it in enforcing or disabled mode.
Disabling SELinux is not the preferred way of dealing with issues. Rather than taking the easy way out, comfortably learning nothing in the process, you could try to understand what the error is about and how to correct it.


Quote:
Originally Posted by abhijit_mohanta View Post
Code:
#============= named_t ==============
allow named_t named_zone_t:dir write;
This would make sense if the Fedora SELinux BIND policy didn't already allow named_t to write to named_zone_t. Odd. See if there's any inactive booleans? Run 'getsebool -a|grep named'. If you like Fedora you should keep up with the release schedule (11 is current now) or choose a distribution with a less demanding update schedule because Fedora 9 is outdated and no longer maintained (if you didn't know).
 
  


Closed Thread


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
fedora bind start problem: SELinux is preventing the named daemon from writing to the abhijit_mohanta Linux - Networking 1 08-31-2009 09:03 AM
bind (named) won't start skibler1223 Linux - Server 3 07-22-2008 09:09 PM
BIND version 9.2.2 problem with Named daemon?! ccimo Linux - General 2 01-21-2007 08:32 PM
named / BIND won't start TruthSeeker Linux - Newbie 5 07-24-2006 09:40 AM
writing multihoming daemon without bind blackzone Linux - Networking 0 08-26-2004 10:40 PM


All times are GMT -5. The time now is 12:07 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration