I'm pretty sure I got this sorted -- as you said, perms.

With default ownership of root:named, both the zone & jnl files need to be 
group writeable inside the chroot.

That's fixed now, and I'm getting jnl data written to zone files.

(1) Thanks!
(2) No idea why I see no logging of these perm errors.  I couldn't pick the 
perm prob out of strace or logs.  Your prodding and just staring at my dir/file 
perms did the trick.

I'm now cleaning up my chroot script.

General question --

When I want to change a zone file's data manually, say to add an A record, 
what's the right procedure:

(1) change it in the chroot dir/file, then copy to the on-disk data?

or

(2) change it in the on-disk data, then restart the nameserver?

To me, change in the live-data, i.e., in the chroot makes the most sense.

If yes, what do folks do about getting that data saved back to disk?  Wait 
until dns RESTART, sync'ing everything back up at chroot tear-down & set-up?  
Or do an update *immediately* on data change at the chroot?

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
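
A preflight check for the permission problem described in the message above, as an added example that is not part of the original post. The function name and output labels are hypothetical, it assumes the directory passed in holds only dynamic zone files and their journals, and the directory check is an addition beyond the message (named creates .jnl files next to the zone file, so it needs write access there too).

```shell
#!/bin/sh
# Added example: audit a BIND chroot zone directory before starting named.
# Usage: audit_zone_perms ZONE_DIR GROUP
#   ZONE_DIR  directory inside the chroot holding zone and .jnl files
#   GROUP     group named runs with (name or numeric gid), e.g. "named"
# Prints one line per finding; returns 0 if clean, 1 on findings, 2 if
# ZONE_DIR does not exist.
audit_zone_perms() {
    azp_dir=$1
    azp_group=$2

    if [ ! -d "$azp_dir" ]; then
        printf 'MISSING %s\n' "$azp_dir"
        return 2
    fi

    azp_report=$(
        # The directory itself must belong to the group and be group-writable.
        find "$azp_dir" -prune ! \( -group "$azp_group" -perm -020 \) \
            -exec printf 'DIR_NOT_GROUP_WRITABLE %s\n' {} \;
        # Files owned by some other group are not covered by the group bit.
        find "$azp_dir" -type f ! -group "$azp_group" \
            -exec printf 'WRONG_GROUP %s\n' {} \;
        # Right group, but the group write bit (020) is missing.
        find "$azp_dir" -type f -group "$azp_group" ! -perm -020 \
            -exec printf 'NOT_GROUP_WRITABLE %s\n' {} \;
    )

    if [ -z "$azp_report" ]; then
        return 0
    fi
    printf '%s\n' "$azp_report"
    return 1
}

# Run directly when called with arguments, e.g.:
#   sh audit.sh /path/to/chroot/zone-dir named
if [ "$#" -ge 2 ]; then
    audit_zone_perms "$1" "$2"
fi
```

Running this from the chroot set-up script turns a silent permission failure into an explicit finding before the nameserver starts.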
