My DNS sinkhole is failing to start
Daniel Stirnimann
daniel.stirnimann at switch.ch
Mon Nov 27 07:46:48 UTC 2017
On 26.11.17 16:48, Blason R wrote:
> Strange...when I started with command line it started successfully even
> catering all my zones and sinkholing the requests as well
>
> /usr/sbin/named -u named -d 10 -c /etc/named.conf

Might be a SELinux issue. Your configuration is likely not compatible
with the SELinux policy. Starting it manually will run it in
"unconfined" because your user id is "unconfined".

To quickly confirm it is an SELinux policy issue:

    # get SELinux mode
    getenforce

    # set SELinux mode to permissive (if previously Enforcing)
    setenforce permissive

To fix the issue, I suggest you install:

    yum install setroubleshoot-server

which contains the tool sealert. Then you run:

    sealert -a /var/log/audit/audit.log

And follow the recommendations in the output.

Daniel
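
An added example, not part of the original message: before installing sealert, the denials the reply refers to can be listed straight from the audit log by filtering AVC records whose source domain is named_t. The function name and the sample records below are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample audit records (illustrative, not from the thread).
sample_audit_log() {
cat <<'EOF'
type=AVC msg=audit(1511768808.101:410): avc:  denied  { read } for  pid=2211 comm="named" name="sinkhole.zone" dev="dm-0" ino=7001 scontext=system_u:system_r:named_t:s0 tcontext=unconfined_u:object_r:etc_t:s0 tclass=file
type=AVC msg=audit(1511768808.102:411): avc:  denied  { write } for  pid=2211 comm="named" name="named" dev="dm-0" ino=7002 scontext=system_u:system_r:named_t:s0 tcontext=system_u:object_r:named_zone_t:s0 tclass=dir
type=AVC msg=audit(1511768809.300:412): avc:  denied  { read } for  pid=2211 comm="named" name="blocklist.zone" dev="dm-0" ino=7003 scontext=system_u:system_r:named_t:s0 tcontext=unconfined_u:object_r:etc_t:s0 tclass=file
type=AVC msg=audit(1511768810.000:413): avc:  denied  { getattr } for  pid=900 comm="httpd" path="/srv/x" dev="dm-0" ino=7004 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:var_t:s0 tclass=file
type=SYSCALL msg=audit(1511768810.000:413): arch=c000003e syscall=4 success=no exit=-13 comm="httpd"
EOF
}

# Summarise AVC denials issued against the confined named_t domain.
# Output columns: count, permission(s), object class, target SELinux type.
# Reads the files given as arguments, or stdin when none are given.
named_denials() {
  awk '
    $1 == "type=AVC" && /denied/ && /scontext=[^ ]*:named_t:/ {
      # Permission list sits between the braces: "{ read }" or "{ read write }".
      perm = $0
      sub(/.*[{] */, "", perm)
      sub(/ *[}].*/, "", perm)
      gsub(/ /, ",", perm)
      # Collect key=value fields of this record.
      split("", f)
      for (i = 1; i <= NF; i++) {
        n = index($i, "=")
        if (n) f[substr($i, 1, n - 1)] = substr($i, n + 1)
      }
      # tcontext is user:role:type:level; the type decides the policy match.
      split(f["tcontext"], c, ":")
      count[perm " " f["tclass"] " " c[3]]++
    }
    END { for (k in count) print count[k], k }
  ' "$@" | sort -k1,1nr -k2
}

# Demo on the constructed records; the httpd and SYSCALL lines are ignored.
sample_audit_log | named_denials
```

On the affected host, run `named_denials /var/log/audit/audit.log` as root; a target type such as etc_t on zone files points at files labelled outside what the named policy allows.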