Got these messages in syslog:
Code:
Jan 26 15:24:58 marconi named[28544]: starting BIND 9.6.1-P2 -u bind
Jan 26 15:24:58 marconi named[28544]: built with '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc/bind' '--localstatedir=/var' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-gnu-ld' '--with-dlz-postgres=no' '--with-dlz-mysql=no' '--with-dlz-bdb=yes' '--with-dlz-filesystem=yes' '--with-dlz-ldap=yes' '--with-dlz-stub=yes' '--with-geoip=/usr' '--enable-ipv6' 'CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -O2' 'LDFLAGS=-Wl,-Bsymbolic-functions' 'CPPFLAGS=' 'CXXFLAGS=-g -O2' 'FFLAGS=-g -O2'
Jan 26 15:24:58 marconi named[28544]: adjusted limit on open files from 1024 to 1048576
Jan 26 15:24:58 marconi named[28544]: found 4 CPUs, using 4 worker threads
Jan 26 15:24:58 marconi named[28544]: using up to 4096 sockets
Jan 26 15:24:58 marconi named[28544]: loading configuration from '/etc/bind/named.conf'
Jan 26 15:24:58 marconi named[28544]: none:0: open: /etc/bind/named.conf: permission denied
Jan 26 15:24:58 marconi named[28544]: loading configuration: permission denied
Jan 26 15:24:58 marconi named[28544]: exiting (due to fatal error)
However, the config file should be readable even by user bind:
Code:
drwxr-xr-x 21 root root 4096 Jan 15 15:12 /
drwxr-xr-x 103 root root 4096 Jan 26 15:16 /etc
drwxr-xr-x 21 root root 4096 Jan 15 15:12 /etc/..
drwxr-xr-x 18 root root 4096 Jan 26 15:14 /etc/../var
drwxr-xr-x 8 root root 4096 Jan 26 15:14 /etc/../var/bind
-rw-r--r-- 1 root root 90472 Jan 26 15:14 /etc/../var/bind/named.conf
lrwxrwxrwx 1 root root 11 Jan 26 15:16 /etc/bind -> ../var/bind
drwxr-xr-x 18 root root 4096 Jan 26 15:14 /var
drwxr-xr-x 8 root root 4096 Jan 26 15:14 /var/bind
-rw-r--r-- 1 root root 90472 Jan 26 15:14 /var/bind/named.conf
Yet it clearly fails, as shown by strace:
Code:
28549 15:24:58.954809 sendto(3, "<30>Jan 26 15:24:58 named[28544]: loading configuration from '/etc/bind/named.conf'", 83, MSG_NOSIGNAL, NULL, 0) = 83
28549 15:24:58.954940 open("/etc/bind/named.conf", O_RDONLY) = -1 EACCES (Permission denied)
28549 15:24:58.955059 sendto(3, "<27>Jan 26 15:24:58 named[28544]: none:0: open: /etc/bind/named.conf: permission denied", 87, MSG_NOSIGNAL, NULL, 0) = 87
This is BIND 9.6.1-P2 running on Ubuntu Server 9.10. Any idea what is going on? When I move all the files from /var/bind into /etc/bind (replacing the symlink that was at /etc/bind), and change all instances of "/var" to "/etc", then it works. It seems to be the symlink that is doing it. Yet I need to get this moved over to "/var" and the Ubuntu packagers built it to use "/etc/bind".
Also, when I su to user "bind" and run "md5sum /etc/bind/named.conf" (with the symlink in place) it is able to read it just fine. Other users can read it just find. It's the "/usr/sbin/named" program that can't.