Any ideas why bind is putting the tmp files in the [chroot]/var/named directory
and not in /tmp or /var/tmp?
[r...@devserver21 chroot]# Aug 15 14:08:21 devserver21 named[5101]: loading
configuration from '/etc/named.conf'
Aug 15 14:08:21 devserver21 named: named reload succeeded
Aug 15 14:08:21 devserver21 named[5101]: dumping master file: tmp-Q5X9mC:
open: permission denied
Aug 15 14:08:21 devserver21 named[5101]: transfer of '1.168.192.in-addr.arpa/IN'
from 192.168.1.10#53: failed while receiving responses: permission denied
Aug 15 14:08:21 devserver21 named[5101]: transfer of '1.168.192.in-addr.arpa/IN'
from 192.168.1.10#53: end of transfer
[r...@devserver21 chroot]# dir
total 48
drwxr-x--- 7 root named 4096 Aug 15 14:07 .
drwxr-x--- 5 root named 4096 Aug 12 12:45 ..
drwxr-xr-- 2 root named 4096 Jul 29 15:09 dev
drwxr-x--- 2 root named 4096 Jul 29 15:09 etc
dr-xr-xr-x 118 root root 0 Aug 15 12:12 proc
drwxrwxrwt 2 root root 4096 Aug 15 14:07 tmp
drwxr-x--- 5 root named 4096 Mar 13 2003 var
[r...@devserver21 chroot]# cd var/
[r...@devserver21 var]# dir
total 40
drwxr-x--- 5 root named 4096 Mar 13 2003 .
drwxr-x--- 7 root named 4096 Aug 15 14:07 ..
drwxr-x--- 4 root named 4096 Aug 12 12:45 named
drwxrwx--- 3 root named 4096 Mar 13 2003 run
drwxrwxrwt 2 named named 4096 Mar 13 2003 tmp
[r...@devserver21 var]# chmod g+w named/
[r...@devserver21 var]# /etc/init.d/named reload
Reloading named: [ OK ]
[r...@devserver21 var]# Aug 15 14:09:46 devserver21 named[5101]: loading
configuration from '/etc/named.conf'
Aug 15 14:09:46 devserver21 named: named reload succeeded
Aug 15 14:09:46 devserver21 kernel: audit(1250359786.568:31): avc: denied {
write } for pid=5103 comm=named name=named dev=dm-0 ino=28148843
scontext=user_u:system_r:named_t tcontext=system_u:object_r:named_zone_t
tclass=dir
Aug 15 14:09:46 devserver21 kernel: audit(1250359786.568:32): avc: denied {
add_name } for pid=5103 comm=named name=tmp-tGN8y7
scontext=user_u:system_r:named_t tcontext=system_u:object_r:named_zone_t
tclass=dir
Aug 15 14:09:46 devserver21 kernel: audit(1250359786.573:33): avc: denied {
create } for pid=5103 comm=named name=tmp-tGN8y7
scontext=user_u:system_r:named_t tcontext=user_u:object_r:named_zone_t
tclass=file
Aug 15 14:09:46 devserver21 kernel: audit(1250359786.574:34): avc: denied {
write } for pid=5103 comm=named name=tmp-tGN8y7 dev=dm-0 ino=28157362
scontext=user_u:system_r:named_t tcontext=user_u:object_r:named_zone_t
tclass=file
Aug 15 14:09:46 devserver21 kernel: audit(1250359786.579:35): avc: denied {
remove_name } for pid=5103 comm=named name=tmp-tGN8y7 dev=dm-0
ino=28157362 scontext=user_u:system_r:named_t
tcontext=system_u:object_r:named_zone_t tclass=dir
Aug 15 14:09:46 devserver21 kernel: audit(1250359786.579:36): avc: denied {
rename } for pid=5103 comm=named name=tmp-tGN8y7 dev=dm-0 ino=28157362
scontext=user_u:system_r:named_t tcontext=user_u:object_r:named_zone_t
tclass=file
Aug 15 14:09:46 devserver21 named[5101]: zone 1.168.192.in-addr.arpa/IN:
transferred serial 2008072300
Aug 15 14:09:46 devserver21 kernel: audit(1250359786.579:37): avc: denied {
setattr } for pid=5103 comm=named name=1.168.192.rev dev=dm-0 ino=28157362
scontext=user_u:system_r:named_t tcontext=user_u:object_r:named_zone_t
tclass=file
Aug 15 14:09:46 devserver21 named[5101]: transfer of '1.168.192.in-addr.arpa/IN'
from 192.168.1.10#53: end of transfer
Aug 15 14:09:46 devserver21 named[5101]: zone 1.168.192.in-addr.arpa/IN: sending
notifies (serial 2008072300)
[r...@devserver21 var]#
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
- -
- Jason Pyeron PD Inc. http://www.pdinc.us -
- Principal Consultant 10 West 24th Street #100 -
- +1 (443) 269-1555 x333 Baltimore, Maryland 21218 -
- -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
This message is copyright PD Inc, subject to license 20080407P00.
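
Added example, not part of the original post: a Python script that groups the AVC denials from the log above by source type, target type and object class, so the permissions denied to named_t on named_zone_t directories and files can be read at a glance. The function names are illustrative, and the sample text is copied from the post's log with its line wraps kept.

```python
import re
from collections import defaultdict

# Constructed sample: AVC records and one named line copied from the log in
# the post above, kept wrapped across lines as the mail client left them.
SAMPLE_LOG = """\
Aug 15 14:09:46 devserver21 kernel: audit(1250359786.568:31): avc: denied {
write } for pid=5103 comm=named name=named dev=dm-0 ino=28148843
scontext=user_u:system_r:named_t tcontext=system_u:object_r:named_zone_t
tclass=dir
Aug 15 14:09:46 devserver21 kernel: audit(1250359786.568:32): avc: denied {
add_name } for pid=5103 comm=named name=tmp-tGN8y7
scontext=user_u:system_r:named_t tcontext=system_u:object_r:named_zone_t
tclass=dir
Aug 15 14:09:46 devserver21 kernel: audit(1250359786.573:33): avc: denied {
create } for pid=5103 comm=named name=tmp-tGN8y7
scontext=user_u:system_r:named_t tcontext=user_u:object_r:named_zone_t
tclass=file
Aug 15 14:09:46 devserver21 kernel: audit(1250359786.579:36): avc: denied {
rename } for pid=5103 comm=named name=tmp-tGN8y7 dev=dm-0 ino=28157362
scontext=user_u:system_r:named_t tcontext=user_u:object_r:named_zone_t
tclass=file
Aug 15 14:09:46 devserver21 named[5101]: zone 1.168.192.in-addr.arpa/IN:
transferred serial 2008072300
"""

# One record runs from "avc: denied { perms }" to its tclass= field; \s and
# re.S let the match span the line wraps.
AVC_RE = re.compile(r"avc:\s+denied\s+\{([^}]+)\}\s+for\s+(.*?)\btclass=(\w+)", re.S)

def se_type(context):
    """Return the type field of a user:role:type[:level] security context."""
    return context.split(":")[2]

def summarize_denials(log_text):
    """Map (source type, target type, class) -> sorted denied permissions."""
    summary = defaultdict(set)
    for perms, body, tclass in AVC_RE.findall(log_text):
        fields = dict(kv.split("=", 1) for kv in body.split() if "=" in kv)
        if "scontext" in fields and "tcontext" in fields:
            key = (se_type(fields["scontext"]), se_type(fields["tcontext"]), tclass)
            summary[key].update(perms.split())
    return {key: sorted(perms) for key, perms in summary.items()}

if __name__ == "__main__":
    for (src, tgt, cls), perms in summarize_denials(SAMPLE_LOG).items():
        print(f"{src} -> {tgt}:{cls} denied {{ {' '.join(perms)} }}")
```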