Zone Transfer from MS DNS to Bind
Shaheen
wael.shaheen at gmail.com
Wed Aug 2 14:04:16 UTC 2006
Hi,
I am having a problem configuring BIND as a secondary server for an MS
Windows 2k based primary DNS.
What I get in the log file is:
name named[10827]: transfer of 'abc.com/IN' from x.x.x.x#53: end of
transfer
name named[10827]: loading configuration from '/etc/named.conf'
name kernel: audit(1154526782.984:309): avc: denied { write } for
pid=10831 comm="named" name="named" dev=dm-0 ino=5303719
scontext=root:system_r:named_t:s0
tcontext=system_u:object_r:named_zone_t:s0 tclass=dir
name named[10827]: logging channel 'default_debug' file
'/var/named/named.run': permission denied
name named[10827]: zone abc.com/IN/internal: Transfer started.
name named[10827]: transfer of 'abc.com/IN' from x.x.x.x#53: connected
using 192.168.1.14#58206
name named[10827]: dumping master file: tmp-xRln0Jv84M: open:
permission denied
name kernel: audit(1154526783.624:310): avc: denied { write } for
pid=10829 comm="named" name="named" dev=dm-0 ino=5303719
scontext=root:system_r:named_t:s0
tcontext=system_u:object_r:named_zone_t:s0 tclass=dir
name named[10827]: transfer of 'abc.com/IN' from x.x.x.x#53: failed
while receiving responses: permission denied
name named[10827]: transfer of 'abc.com/IN' from x.x.x.x#53: end of
transfer
The permissions for /var/named are drwxr-x--- 6 root named 4096 Jul
23 19:14 named
When I changed the permissions to drwxr-x--- 6 named named 4096
Jul 23 19:14 named
I got the same error.
my named.conf is
// named.conf as posted: BIND configured as a slave (secondary) for zone
// "abc.com", transferring from the master at x.x.x.x.
// NOTE(review): the log above names the zone as 'abc.com/IN/internal', i.e. a
// view called "internal", but no view statement appears here — the posted
// file may be abridged.
options {
// Working directory; relative file names used below (e.g. the zone's
// "db.zone") are resolved against it.
directory "/var/named/";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
datasize default;
recursive-clients 30000;
max-cache-size 800000000;
pid-file "/var/run/named/named.pid";
// NOTE(review): no allow-query / allow-recursion / allow-transfer ACLs are
// visible in this block; confirm who may use this server for recursion.
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};
logging {
// Discard messages in the lame-servers category.
category lame-servers {
null;
};
channel "default_debug" {
// NOTE(review): the trailing comment below was hard-wrapped in the mail;
// "named.run in" on its own line is comment text, not a configuration
// statement. The log above reports "permission denied" for this file,
// which sits directly in the working directory.
file "/var/named/named.run"; // write to
named.run in
// the working directory
// Note: stderr is used instead
// of "named.run"
// if the server is started
// with the '-f' option.
severity critical; // log at the server's
// current debug level};
// NOTE(review): "log at the server's current debug level" describes
// 'severity dynamic'; with 'severity critical' only critical messages reach
// this channel. The "};" at the end of the comment above is comment text.
};
};
// rndc control channel: loopback address only, clients limited to localhost,
// authenticated with the key named rndckey (presumably defined in the
// /etc/rndc.key file included at the end — not shown in the post).
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
// Slave zone. "db.zone" is relative, so the transferred zone is written into
// the working directory /var/named/ itself.
// NOTE(review): the "avc: denied { write }" records in the log are SELinux
// denials: a process in domain named_t was refused write access to the
// directory "named" labelled named_zone_t. Unix owner and mode bits are not
// what is being checked there, which is consistent with the chown making no
// difference. The zone file needs to live in a directory whose label the
// policy lets named_t write; on Red Hat-style layouts that is typically a
// subdirectory such as slaves/ under the working directory, or the
// named_write_master_zones boolean — verify against the installed policy.
// NOTE(review): the master is identified by IP address only; no TSIG key is
// configured for the transfer in this file.
zone "abc.com" {type slave; file "db.zone"; masters {x.x.x.x; };};
// NOTE(review): as posted this statement has no terminating ';' — named.conf
// statements end with a semicolon; it may have been lost when pasting.
include "/etc/rndc.key"
Please advise.
Thank you