On Sat, 7 Dec 2002 15:20, Rodrigo Moya wrote: > Dec 7 04:02:49 lagun named[1108]: dumping master file: > /var/cache/bind/tmp-XXXXLWOG9Y: open: permission denied > Dec 7 04:02:49 lagun named[1108]: transfer of 'historia-antigua.com/IN' > from 80.33.181.69#53: failed while receiving responses: permission > denied > > What is wrong? named is being run as root, and the /var/cache/bind > directory belongs to the bind user.
That is what is wrong. BIND9 drops the capability cap_dac_override and thus can't create files in directories owned by a UID other than root unless they are mode 777. The solution is to have the directory owned by the same UID that is used for running the named process. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page