LinuxQuestions.org


savona 06-27-2011 11:36 AM

bind chroot - the working directory is not writable
 
I have just installed RHEL 6 and installed bind-chroot via yum.

I am trying to configure everything to match our old servers. Everything seems fine except I keep receiving the following error in /var/log/messages:

Jun 27 12:28:54 intns1 named[13175]: the working directory is not writable

In the bind log I am also seeing:


27-Jun-2011 12:30:00.979 general: error: dumping master file: tmp-mpFV9Kjw1k: open: permission denied


Which I am assuming is because the working dir is not writeable.


My working directory is set:

options {
directory "/var/named/data";

It seems to be writable:

drwxrwx---. 2 named named 4096 May 27 06:38 data



Any help would be appreciated.

bathory 06-27-2011 12:14 PM

Hi,

If you have installed bind-chroot, then in your case the working directory is /var/named/chroot/var/named/data.
The 1st part (/var/named/chroot) is the jail under which named operates and the 2nd (/var/named/data) is the one defined by the "directory" option in named.conf
Take a look at this howto for details

Regards

savona 06-27-2011 01:13 PM

Quote:

Originally Posted by bathory (Post 4397091)
Hi,

If you have installed bind-chroot, then in your case the working directory is /var/named/chroot/var/named/data.
The 1st part (/var/named/chroot) is the jail under which named operates and the 2nd (/var/named/data) is the one defined by the "directory" option in named.conf
Take a look at this howto for details

Regards

I understand what you're saying, but since bind is running in the chroot it only needs the "2nd" part, correct?

For example I am using /var/named/chroot as the jail, and /var/named/data as the working directory.

drwxrwx---. 2 named named 4096 Jun 27 11:53 /var/named/chroot/var/named/data

But it still says it's not writable. :(

bathory 06-27-2011 02:02 PM

Then I guess it's SELinux
I'm not running RHEL, but I guess
Code:

chcon -R system_u:object_r:named_cache_t /var/named/chroot
should work.
You may take a look here for details.

Regards

savona 06-28-2011 08:36 AM

Quote:

Originally Posted by bathory (Post 4397194)
Then I guess it's SELinux
I'm not running RHEL, but I guess
Code:

chcon -R system_u:object_r:named_cache_t /var/named/chroot
should work.
You may take a look here for details.

Regards

Thanks a million, it turned out it was selinux. I should have thought of that.

I used audit2allow to create a policy from the audit log, now everything is working correctly.

lazydog 06-28-2011 10:32 AM

By default SELinux on RH only allows writing to the slave directory.
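
An added example, not part of the thread: a shell sketch that derives the on-disk working directory of a chrooted named from named.conf and lists the SELinux AVC denials logged for named, which is the check that separates a file-permission problem from a labelling problem. The function names, the sample named.conf and the audit lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: triage "the working directory is not writable" for chrooted named.

# Print the path from the first `directory "...";` statement in a named.conf.
named_directory() {
    sed -n 's/^[[:space:]]*directory[[:space:]]*"\([^"]*\)".*/\1/p' "$1" | head -n 1
}

# Path named writes to, seen from outside the jail: <chroot root><directory>.
effective_workdir() {
    dir=$(named_directory "$2")
    [ -n "$dir" ] || return 1
    printf '%s%s\n' "${1%/}" "$dir"
}

# Summarise AVC denials for comm="named" as "perm tclass name tcontext".
named_denials() {
    grep 'avc:[[:space:]]*denied' "$1" | grep 'comm="named"' |
    sed -n 's/.*{ \([^}]*\) }.* name="\([^"]*\)".* tcontext=\([^ ]*\) tclass=\([^ ]*\).*/\1 \4 \2 \3/p' |
    sort -u
}

# Constructed sample inputs (not taken from the poster's server).
write_samples() {
    cat > "$1/named.conf" <<'EOF'
options {
        directory "/var/named/data";
};
EOF
    cat > "$1/audit.log" <<'EOF'
type=AVC msg=audit(1309192134.979:412): avc:  denied  { write } for  pid=13175 comm="named" name="data" dev=dm-0 ino=1311 scontext=unconfined_u:system_r:named_t:s0 tcontext=system_u:object_r:named_zone_t:s0 tclass=dir
type=AVC msg=audit(1309192134.979:413): avc:  denied  { read } for  pid=2201 comm="httpd" name="index.html" dev=dm-0 ino=77 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file
EOF
}

tmp=$(mktemp -d)
write_samples "$tmp"
echo "on-disk working directory: $(effective_workdir /var/named/chroot "$tmp/named.conf")"
echo "denials for named (perm tclass name tcontext):"
named_denials "$tmp/audit.log"
rm -rf "$tmp"
```

On a real host, point named_denials at /var/log/audit/audit.log and compare the reported tcontext with the output of ls -Zd on the path printed by effective_workdir.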


All times are GMT -5.