Journal open failed.
Bill Larson
wllarso at swcp.com
Thu Jun 15 01:58:54 UTC 2006
On Jun 14, 2006, at 5:44 PM, Stefan Puiu wrote:
> Hi,
>
> I think it depends a bit on your distro, and how it sets up BIND. If
> /var/lib/named is a symlink to something else, I guess that if you
> chmod the symlink it's no good. OTOH, I have SuSE 9.1 at work, and
> that one has it as a proper directory. With screwed permissions just
> like your setup. However, you don't want to allow anyone to write to
> your BIND directory - just change the group of /var/lib/named to
> 'named' and give group write access. I'm assuming you're running BIND
> as user named - that's how it is on SuSE 9.1.
>
> Are you sure you're not chmod-ing /var/run/named..., which is actually
> a symlink? Symlinks have different permissions from their targets,
> IIRC. Also, for creating the journal file named has to have write
> permissions to the directory where your zone file (example.com) is.
> IIRC, the name of the journal file is just the name of the zone file
> with '.jnl' appended, at least that's how it was in 9.3.0.
>
> Stefan.
Also remember that if you are running "named" in a chroot
environment, the actual directory that you need to set permissions
and change ownership for may not be the "/var/lib/named" directory
that you see in your non-chroot environment.
Take a look at how you start named. If it has a "-t" option
specified then you are running in a chroot environment and the
directory structure that you need to look at is under the chroot
directory that is specified with the "-t" option. For example, if
you start up named with "-t /var/lib/named" and the directory that is
specified in your configuration file is "/var/lib/named", then the
actual directory that you are looking at is /var/lib/named/var/lib/
named and changing /var/lib/named itself won't make a bit of difference.
Now, as Stefan has pointed out, changing the permissions to where
everyone can write to a directory is an overkill solution. Please be
a little careful about giving everyone the right to kill, at least a
portion, of your operating system.
Bill Larson
> On 6/14/06, kalyanasundaram S <s.kalyanasundaram at inbox.com> wrote:
>>
>> I am using bind 9.3.2
> [...]
>> but while trying from nsupdate it is giving me the error "journal
>> open failed: Unexpected error"
> [...]
>> permission denied
>> updating zone example.com/IN : Journal open failed: Unexpected Errir
>>
>> i have set mode (777) for the /var/lib/named abd /var/lib/named/
>> master and /var/lib/named/master/example.com too..
>
>
More information about the bind-users
mailing list