08-04-2005, 05:06 AM  #1
Member
Registered: Aug 2004
Location: The Netherlands
Distribution: RedHat 2, 3, 4, 5, Fedora, SuSE, Gentoo
Posts: 372
Fedora bind-chroot permissions wrong
Hi,
I am running BIND chrooted on my FC3 machine.
This causes the files to be relative to /var/named/chroot.
In this folder I have an etc/named.conf telling the files are stored in /var/named/. (And this is, again, relative to the above directory.)
All files are there, that's good. The daemon works well and can find all files...
Additionally, I am using dynamic updates, so DHCP can register new hosts (and I use DNS updates using the dynamic update mechanism, not by editing the zone files directly). This results in the named daemon writing to a journal. All still fine, as long as the files are existent.
As soon as named wants to create a new file though, it bounces back because the '/var/named' folder is owned by root:named and has mode 750. (This is the default from the RPM.)
Every fifteen minutes I see these log entries:
Aug 4 11:43:53 server named[16187]: dumping master file: tmp-XXXXAVqYmz: open: permission denied
Aug 4 11:43:53 server named[16187]: zone homenet.local/IN: dump failed: permission denied
Aug 4 11:43:53 server named[16187]: dumping master file: tmp-XXXXOE76Mf: open: permission denied
Aug 4 11:43:53 server named[16187]: zone 0.168.192.in-addr.arpa/IN: dump failed: permission denied
As soon as I either chown the directory to named:named, or make it mode 770, the daemon can do its work again... But why would I need to do this action every time my RPMs get updated?
What I mean is: the bind-chroot package is simply not correct in my opinion, unless I have some sort of configuration error...
Can anybody clarify this or help me resolve this issue?
08-07-2005, 09:47 PM  #2
LQ Newbie
Registered: Oct 2003
Posts: 13
Hi,
I've just found this post, as I've been receiving the same error while trying to configure a DNS secondary on my FC3 server. I have now solved my problem; however, as there was no reply here, I thought I'd come back and add one.
Firstly, named should not need to write anything outside of its chroot, nor should it be able to, so therefore the default permissions would seem to be correct. I don't know why your config would be trying to do this?
In my case the problem was as a secondary it was trying to transfer the zone (full path shown, but chrooted operation) /var/named/chroot/var/named/ which was incorrect. I modified my config for my case (adding slaves/):
    // serve as secondary for internal
    zone "internal" IN {
        type slave;
        file "slaves/named.internal";  // added slaves/ here
        // where the primary nameserver lives
        masters { 10.0.0.1; };
    };
And the permission error went away and all now works well.
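An added example, not part of either post: a shell check for the situation the thread describes, where named has to create files (slave zone transfers, dynamic-update journals and dumps) in a directory inside the chroot that gives it no write permission. The function names, the NAMED_USER variable and the MISSING/NOWRITE labels are assumptions of this example, and it only inspects mode bits rather than group membership.

```shell
#!/bin/sh
# Added example, not from the thread. Reports zones that named must write to
# (slave zones, zones with allow-update) whose directory inside the chroot
# does not give named write permission.
# Assumptions: one statement per line in named.conf, GNU stat, and named
# reaching the directory as its owner or through the group bits.

# Print "<zone> <file>" for each zone named has to write on its own.
writable_zones() {
    awk '
        /^[ \t]*zone[ \t]+"/ { split($0, q, "\""); zone = q[2]; file = ""; rw = 0 }
        /type[ \t]+slave/    { rw = 1 }   # zone transfers land in this file
        /allow-update/       { rw = 1 }   # journal and periodic dump
        /^[ \t]*file[ \t]+"/ { split($0, q, "\""); file = q[2] }
        /^[ \t]*};/          { if (zone != "" && rw && file != "") print zone, file
                               zone = "" }
    ' "$1"
}

# check_chroot CHROOT NAMED_CONF DATADIR
# DATADIR is the "directory" option (e.g. /var/named), relative to CHROOT.
check_chroot() {
    user=${NAMED_USER:-named}
    writable_zones "$2" | while read -r zone file; do
        case $file in
            /*) dir=$(dirname "$1$file") ;;      # absolute inside the chroot
            *)  dir=$(dirname "$1$3/$file") ;;   # relative to DATADIR
        esac
        info=$(stat -c '%U %a' "$dir" 2>/dev/null) || {
            echo "MISSING $zone $dir"; continue; }
        owner=${info% *}; mode=${info#* }
        bit=020                                        # group write bit
        if [ "$owner" = "$user" ]; then bit=0200; fi   # owner write bit
        if [ $(( 0$mode & $bit )) -eq 0 ]; then
            echo "NOWRITE $zone $dir (owner $owner, mode $mode)"
        fi
    done
}
```

Run it as `check_chroot /var/named/chroot /var/named/chroot/etc/named.conf /var/named`; no output means every zone named writes sits in a directory it can create files in.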