rndc: 'addzone' failed: permission denied

Fredrik Poller Fredrik.Poller at zetup.se
Thu Aug 18 05:33:22 UTC 2011


> -----Original Message-----
> From: Peter Andreev [mailto:andreev.peter at gmail.com]
> Sent: den 17 augusti 2011 16:16
> To: Fredrik Poller
> Subject: Re: rndc: 'addzone' failed: permission denied
> 
> 2011/8/17 Fredrik Poller <Fredrik.Poller at zetup.se>:
> >> -----Original Message-----
> >> From: bind-users-bounces+fredrik.poller=zetup.se at lists.isc.org
> >> [mailto:bind-users-bounces+fredrik.poller=zetup.se at lists.isc.org] On
> >> Behalf Of Torinthiel
> >> Sent: den 17 augusti 2011 15:45
> >> To: bind-users at lists.isc.org
> >> Subject: Re: rndc: 'addzone' failed: permission denied
> >>
> >> On 2011-08-17 15:24, Fredrik Poller wrote:
> >> > Hello,
> >> >
> >> > I'm trying to use the new addzone feature in rndc, but all I get is the
> >> > following error message:
> >> >
> >> > # rndc addzone 'example.com in external { type slave; file "example.com"; masters { 192.168.142.133; }; };'
> >> > rndc: 'addzone' failed: permission denied
> >> >
> >> > rndc is configured and works well with other commands.
> >> >
> >> > The bind log file doesn't tell me anything, despite increasing the trace
> >> > level, it only acknowledges that the request was received. Running rndc
> >> > with -V doesn't reveal anything useful.
> >> >
> >> > I've tried with and without views, I've tried to add both master and
> >> > slave zones with different filenames (both relative and full path). Out
> >> > of desperation I've also instituted some very liberal file permissions on
> >> > everything named related, but no luck.
> >>
> >>
> >> Do you use chroot jail? Maybe the paths are different, and that's why it
> >> fails.
> > Nope.
> >
> >> Also, does 'very liberal' mean a+rwX, or something else? Bind might
> >> be trying to write as a user you are not expecting.
> > I've tried all combinations ranging from chowning everything to the named
> > user to chmoding everything 777.
> 
> Did you set "allow-new-zones" to "yes" in config file?
That's it! Thank you.

Unfortunately the named.conf and rndc man pages don't say anything about the allow-new-zones directive.

> >
> >>
> >> Regards,
> >>   Torinthiel
> >> _______________________________________________
> >> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> >> unsubscribe from this list
> >>
> >> bind-users mailing list
> >> bind-users at lists.isc.org
> >> https://lists.isc.org/mailman/listinfo/bind-users
> >
> > Thanks for your input
> >
> > Best regards,
> > Fredrik Poller
> >
> 
> 
> 
> --
> --
> AP
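
The cause found in this thread, as an added example that is not part of the original messages: a shell check that reads named.conf text on stdin and reports whether `allow-new-zones` is in effect for a given view, which is the condition `rndc addzone` needs. The function names and the sample configuration are constructed for illustration, and the parser assumes one statement per line, a view-level setting overriding the `options` one, and a default of `no`.

```sh
#!/bin/sh
# Added example: is "allow-new-zones" enabled for the view that
# "rndc addzone" targets? Line-oriented check, not a full named.conf parser.

# Usage: new_zones_allowed <view-name> < named.conf   -> prints "yes" or "no"
new_zones_allowed() {
    awk -v want="$1" '
        { sub(/(\/\/|#).*/, "") }                     # strip line comments
        depth == 0 && /^[ \t]*options[ \t]*[{]/ { scope = "options" }
        depth == 0 && /^[ \t]*view[ \t]/ {
            name = $2; gsub(/"/, "", name); scope = "view:" name
        }
        /allow-new-zones/ {
            val = ($0 ~ /allow-new-zones[ \t]+(yes|true|1)[ \t]*;/) ? "yes" : "no"
            if (scope == "options")      in_options = val
            if (scope == "view:" want)   per_view = val
        }
        {   # track brace nesting so we know when a top-level block ends
            depth += gsub(/[{]/, "{") - gsub(/[}]/, "}")
            if (depth == 0) scope = ""
        }
        END {
            # assumption: view-level value wins, then options, else default "no"
            if (per_view != "")        print per_view
            else if (in_options != "") print in_options
            else                       print "no"
        }'
}

# Constructed sample configuration (not from the thread).
sample_conf() {
    cat <<'EOF'
options {
    directory "/var/named";   // constructed path
};
view "internal" {
    allow-new-zones yes;
};
view "external" {
    match-clients { any; };
};
EOF
}

for v in internal external; do
    echo "view $v: allow-new-zones = $(sample_conf | new_zones_allowed "$v")"
done
```

With the sample input, the `external` view reports `no`, which matches the situation in the thread where `rndc addzone ... in external` was refused until the directive was set.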


