Chris Buxton wrote: > On Sep 9, 2010, at 5:02 PM, Lyle Giese wrote: > > >> wllarso wrote: >> >>> I'm not any sort of Linux expert but this started my mind thinking. >>> >>> Take a look at the BIND FAQ, it comes with the sources. There are some >>> Linux specific comments about file and directory permissions. Bind running >>> under Linux drops special 'root' permissions when it starts up. >>> >>> >> I am not using the -u option nor am I running in a CHROOT environment. ps >> shows root owning the named process. >> >>> Also, there are specific issues when running the Security Enhanced Linux. >>> This may be your situation, or not. We can't tell. >>> >>> >> I have never on purpose enabled SELinux<GRIN>! >> > > On SLES, look for AppArmor. You may find that an AppArmor profile is stifling > what named can do. Try disabling it. > > IMO, SELinux and AppArmor have their place, but you generally have to create > or customize your own security profile to allow services to work the way you > want them to. Both SUSE and RHEL/Fedora/CentOS make the assumption that you > will use the provided management tools, or none at all, rather than using any > 3rd party management system. > > Chris Buxton > BlueCat Networks Thanks, Chris. That is exactly what it was. AppArmor.
Lyle Giese LCR Computer Services, Inc.
_______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
