Named configuration
Rick Stevens
rstevens at vitalstream.com
Thu May 4 18:02:10 UTC 2006
On Thu, 2006-05-04 at 09:50 -0700, Scott Becker wrote:
> I'm trying to configure a secondary dns server. I've got the zone
> transfer authorized but get a local permission error:
>
> May 3 17:27:14 www2 named[915]: dumping master file: tmp-XXXXlUMGRj:
> open: permission denied
> May 3 17:27:14 www2 named[915]: transfer of 'fastbid.net/IN' from
> 216.57.210.178#53: failed while receiving responses: permission denied
> May 3 17:27:14 www2 named[915]: transfer of 'fastbid.net/IN' from
> 216.57.210.178#53: end of transfer
>
>
> I'm running RHEL4 ES and the bind install uses a chroot. I'm unfamiliar
> with this chroot configuration and I've never setup a slave before.
> It seems that named should be using /var/named/chroot/var/tmp for it's
> tmp files. This folder is owned by named:
>
> drwxrwx--- 2 named named 4096 Mar 13 2003 tmp
>
> and should not generate this error. I suspect that named is trying to
> use a different tmp folder but the error messages doesn't show the full
> path. Any help debugging this would be appreciated. I can't experiment
> freely because it's also a production server. Can named be told to be
> more verbose?
Yes, include "-d val", where "val" is a digit. The higher the value,
the more verbose the logging is.
You must make sure that /var/named/chroot and ALL of its children are
readable and writable by named. Yes, "~named/chroot/var/tmp" is
readable, but is its parent (~named/chroot/var)?
Actually, they should be user named, group named. I don't know why they
insist on distributing the stuff as root:named with 750 permissions, but
they do. That can be fixed by executing the following commands as root:
cd /var/named
chown -R named:named chroot
Hope that helps.
----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com -
- VitalStream, Inc. http://www.vitalstream.com -
- -
- To err is human. To forgive, a large sum of money is needed. -
----------------------------------------------------------------------
More information about the Redhat-install-list
mailing list