LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 01-04-2006, 09:12 PM   #1
lindatan83
LQ Newbie
 
Registered: Dec 2005
Location: Singapore
Posts: 1

Rep: Reputation: 0
Slave DNS Error


Dear all,

My slave DNS encountered a permission denied error while receiving file from the master sever. I have changed all the files and folders permission to named user.

Error message from slaveDNS

dumping master file: tmp-XXXX3Qanex: open: permission denied
Jan 5 11:03:26 slaveDNS kernel: audit(1136430206.922:0): avc: denied { write } for pid=4086 comm=named name=named dev=sda3 ino=1687907 scontext=root:system_r:named_t tcontext=rootbject_r:etc_t tclass=dir
Jan 5 11:03:26 slaveDNS named[4084]: transfer of 'xxx.com/IN' from 192.168.0.221#53: failed while receiving responses: permission denied
Jan 5 11:03:26 slaveDNS named[4084]: transfer of 'xxx.com/IN' from 192.168.0.221#53: end of transfer

SlaveDNS - named.conf

zone "xxx.com" {
type slave;
file "xxx.com";
masters { 192.168.0.221; };
};

MasterDNS - named.conf

options {
directory "/etc/named";
allow-transfer { 192.168.0.222; };
};

zone "xxx.com" {
type master;
file "xxx.com";
};

Please advise.
 
Old 09-01-2006, 09:02 PM   #2
knetknight
Member
 
Registered: Oct 2002
Location: Kansas City
Distribution: OpenSUSE, Fedora
Posts: 64

Rep: Reputation: 15
I know your post is kinda old but your symptoms are similar to mine. You wouldn't happen to have had this problem, and since solved it, on a suse 10.1 box did you? I've setup named many many times before with no problem but never on suse 10.1 (until today) and I'm having the exact errors you reported, even if I use suse 10.1's own DNS configuration tool, setting it up as DNS slave. I've found two temporary workarounds, on suse 10.1 anyway, that are simple and functional, if less than ideal in some ways.

option #1: Edit /etc/sysconfig/named and disable the chroot jail.

OR

option #2: Don't use a file "/path/to/file"; option in the slave definition, which keeps the zone data in ram and bypasses the need to write to a file at all and thus no permissions problems.

#2 is the better of the two imho as it doesn't compromise chroot security. It doesn't achieve a "hard copy" of the slave zone however if that's important to you. This is what i've settled for until I can figure out what 10.1's looking for.

Since SUSE's own DNS config tool couldn't make it work I have to believe it's a suse 10.1 bug. I haven't found anything on google for other 10.1 users having the same problem so if it's not a bug then my system is either uniquely jacked or I've overlooked something that's supposed to be obvious.

I'm going to keep plugging away at this but if anyone happens to know the cure I'm open to info., thanks.

Last edited by knetknight; 09-01-2006 at 10:45 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
DNS SLAVE problem cccc Linux - General 0 11-29-2005 05:08 PM
transfer error to slave dns server robertngo Linux - Software 1 07-06-2005 11:06 PM
Slave Dns Question kemplej Linux - Networking 5 12-23-2004 01:58 PM
Slave DNS server guntanis Linux - Networking 4 12-10-2003 09:02 AM
slave DNS problems granny Linux - Networking 17 12-27-2002 08:06 PM


All times are GMT -5. The time now is 05:48 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration