LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Red Hat
User Name
Password
Red Hat This forum is for the discussion of Red Hat Linux.

Notices

Reply
 
Search this Thread
Old 04-08-2013, 12:44 PM   #1
jfmays
LQ Newbie
 
Registered: Mar 2013
Posts: 8

Rep: Reputation: Disabled
named in slave mode not copying files


Running RHEL 6.1 named. Have it running in primary mode on one server, and slave mode on the other. The slave version gets the zones from the primary version, but it is not capable of creating the slave files. So it works, but I'm aware that if the secondary ever rebooted while the primary was down, neither would work.

I believe I had the persmissions correct on the directories, but I even went beyond that and changed /var, /var/named and everything under /var/named to 777 permissions. In /etc/sysconfig/named I have set --

ENABLE_ZONE_WRITE=yes
named_write_master_zones=yes

Still get the following error --

Code:
Apr  8 12:18:14 postgres-02 named[6248]: dumping master file: /var/named/slaves/tmp-6QzqbnrkFm: open: permission denied
Apr  8 12:18:14 postgres-02 kernel: type=1400 audit(1365441494.693:264460): avc:  denied  { write } for  pid=6251 comm="named" name="slaves" dev=dm-0 ino=131232 scontext=system_u:system_r:named_t:s0 tcontext=system_u:object_r:named_zone_t:s0 tclass=dir
Apr  8 12:18:14 postgres-02 named[6248]: dumping master file: /var/named/slaves/tmp-R9d4zgBXzF: open: permission denied
Apr  8 12:18:14 postgres-02 kernel: type=1400 audit(1365441494.703:264461): avc:  denied  { write } for  pid=6251 comm="named" name="slaves" dev=dm-0 ino=131232 scontext=system_u:system_r:named_t:s0 tcontext=system_u:object_r:named_zone_t:s0 tclass=dir
What am I overlooking?
 
Old 04-08-2013, 02:16 PM   #2
ArcLinux
Member
 
Registered: Apr 2005
Location: Fargo, ND
Distribution: Slackware, CentOS
Posts: 87

Rep: Reputation: 20
SElinux or apparmor?

most likely the issue.
 
Old 04-08-2013, 02:22 PM   #3
jfmays
LQ Newbie
 
Registered: Mar 2013
Posts: 8

Original Poster
Rep: Reputation: Disabled
I didn't set up this server, so I'm not 100% certain if SElinux or apparmor is running, but if they are, shouldn't the settings I mentioned in /etc/sysconfig/named give the appropriate permissions?

How do I tell if selinux or apparmor is running? If they are, how do I set them to allow named to write files?
 
Old 04-08-2013, 08:57 PM   #4
chrism01
Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.5, Centos 5.10
Posts: 16,264

Rep: Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028
Those avc warnings are from SELinux, but I'd try to find out why its not working rather than turn SELinux off.
Possibly its a bug and one of the SELinux types is wrong.
http://www.linuxtopia.org/online_boo...hel_6_selinux/

Also, normally named is chrooted these days, so maybe it should be writing elsewhere viz:
Quote:
If you have installed the bind-chroot package, the BIND service will run in the /var/named/chroot environment. All configuration files will be moved there. As such, named.conf will be located in /var/named/chroot/etc/named.conf, and so on.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Copying files and sub-directories of a directory except the directories named ".abc" sri1025 Linux - General 2 08-24-2010 08:53 AM
[SOLVED] Copying /var/named files from Fedora 7 to Fedora 11 does not configure bind charlweed Linux - Networking 2 10-24-2009 10:22 AM
transfer named.conf file from master to slave nameserver sowell Linux - Server 8 01-23-2008 08:42 PM
named updating slave problem sir-lancealot Linux - Server 0 08-21-2007 10:00 AM
DNS named.conf master/slave question pao Linux - Networking 5 11-12-2004 04:50 AM


All times are GMT -5. The time now is 03:15 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration