On Sep 9, 2010, at 5:02 PM, Lyle Giese wrote: > wllarso wrote: >> >> I'm not any sort of Linux expert but this started my mind thinking. >> >> Take a look at the BIND FAQ, it comes with the sources. There are some Linux >> specific comments about file and directory permissions. Bind running under >> Linux drops special 'root' permissions when it starts up. >> > I am not using the -u option nor am I running in a CHROOT environment. ps > shows root owning the named process. >> Also, there are specific issues when running the Security Enhanced Linux. >> This may be your situation, or not. We can't tell. >> > I have never on purpose enabled SELinux<GRIN>!
On SLES, look for AppArmor. You may find that an AppArmor profile is stifling what named can do. Try disabling it. IMO, SELinux and AppArmor have their place, but you generally have to create or customize your own security profile to allow services to work the way you want them to. Both SUSE and RHEL/Fedora/CentOS make the assumption that you will use the provided management tools, or none at all, rather than using any 3rd party management system. Chris Buxton BlueCat Networks _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
