root.hints - apparmor access error with Bind from PPA
3coma3
3coma3 at gmail.com
Fri Jun 4 16:18:02 UTC 2021
Hi G.W.,
On 4/6/21 12:33, G.W. Haywood via bind-users wrote:
> Hi there,
>
> On Fri, 4 Jun 2021, 3coma3 wrote:
>
>> Jun 3 22:03:53 ... apparmor="DENIED" ... "/usr/share/dns/root.hints" ...
>
> This isn't exactly an answer to your question but I don't think you
> need root.hints any more - you can just delete it.
>
> I'm currently using 9.11.26, and I haven't used root.hints for years.
> The hints section (zone ".") in my named.conf is just commented out.
>
> https://kb.isc.org/docs/aa-01309
>
> HTH
Your suggestion is in line with what was pointed out by Timothe, also
great explanation from the KB.
It seems this is an extra precaution on the side of Debian, perhaps to
cover some obscure corner case of unreachable root servers? Otherwise I
cannot think of a good reason they include this. I've turned off the
root hint now.
Thanks for the help and info
More information about the bind-users
mailing list