Glenn English wrote: > I'm getting (and have been for a while) log entries from my slave > nameservers like: > > dumping master file: /var/cache/bind/tmp-0EIP3LrP0G: open: permission > denied >... > drwxrwxr-x 2 bind bind 4096 May 21 10:09 /var/cache/bind/
Good. > Any ideas? The first reason that comes to mind for permission denied is that it doesn't have permission. Because the permission is allowed for user and group bind then it follows that the named must be running as a different user rather than the bind user. Therefore the "-u bind" option must have been removed. $ grep OPTIONS /etc/default/bind9 OPTIONS="-u bind" $ ps -ef | grep named bind 2257 1 0 May20 ? 00:00:27 /usr/sbin/named -u bind ^^^^ $ id bind uid=107(bind) gid=115(bind) groups=115(bind) The numbers above are not significant and depend upon the system. Your numbers will be different from this example. It is only important that "bind" shows up in all three places and not some other name. Has the "-u bind" option been removed and the daemon is therefore running as a different user id? If it isn't that then I would suspect selinux has become enabled but not fully configured. Bob
signature.asc
Description: Digital signature