hi
Think ownership, permission and things like SELinux, AppArmore depending on
your OS.
on this box, no SELinux or AppArmor
in my named.conf
directory "/namedb/production";
and for my domain's dnssec
key-directory "/keys/dnssec/example.com";
pathnames are relative to chroot.
here, chroot is @ "/data/chroot/named",
ps aux | grep named
named 14285 0.0 0.2 526388 67360 ? Ssl 08:47
0:00 /usr/sbin/named -f -t /data/chroot/named -n 2 -S 1024 -u named -c
/etc/named.conf
checking,
ls -al \
/data/chroot/named/namedb/production \
/data/chroot/named/keys/dnssec/example.com/
access looks ok (?)
/data/chroot/named/keys/dnssec/example.com/:
total 32K
drwxr-xr-x 2 named named 4.0K Oct 12 18:09 ./
drwxr-xr-x 5 named named 4.0K Oct 14 00:22 ../
-rw-r----- 1 named named 405 Oct 13 19:14
Kexample.com.+013+17296.key
-rw-r----- 1 named named 215 Oct 13 19:14
Kexample.com.+013+17296.private
-rw-r----- 1 named named 572 Oct 13 19:14
Kexample.com.+013+17296.state
-rw-r----- 1 named named 455 Oct 13 19:14
Kexample.com.+013+62137.key
-rw-r----- 1 named named 235 Oct 13 19:14
Kexample.com.+013+62137.private
-rw-r----- 1 named named 556 Oct 13 19:14
Kexample.com.+013+62137.state
/data/chroot/named/namedb/production:
total 16K
drwxrwxr-x 2 named named 4.0K Oct 14 08:47 ./
drwxr-xr-x 5 named named 4.0K Oct 14 08:47 ../
-rw------- 1 named named 8.0K Oct 14 08:47 external.nzd
-rw-r----- 1 named named 0 Oct 14 08:47 managed-keys.bind
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
