chroot'd bind-dlz file (__db.00* ) perms causing "rndc reload" to fail; where to set/change them?
snowcrash+bind
schneecrash+bind at gmail.com
Sun Sep 30 06:31:20 UTC 2007
hi,
i've built Bind 941p1 w/ dlz enabled,
...
--with-dlz-stub \
--with-dlz-filesystem \
--with-dlz-bdb=/usr/local/bdb46x \
...
i've installed 'named' into a chroot, @ dir == /var/chroot/named.
prior to named launch, i've,
ls -al /var/chroot/named/etc/dlz
drwxr-xr-x 3 root named 102 Sep 29 23:18 ./
drwxr-xr-x 12 root named 408 Sep 29 22:17 ../
-rw-r--r-- 1 root named 53248 Sep 29 22:50 DLZ.dnsdata.db.pending
on 'named' launch, all's ok; no errors. here's log output:
Sep 29 23:02:04 scdev named[12028]: starting BIND 9.4.1-P1 -t /var/chroot/named -c /etc/named.conf -4 -n 1 -u named
Sep 29 23:02:05 scdev named[12028]: command channel listening on 127.0.0.1#953
Sep 29 23:02:05 scdev named[12028]: 29-Sep-2007 23:02:05.421 general: notice: running
and, dlz's created,
ls -al /var/chroot/named/etc/dlz
total 996
drwxr-xr-x 9 root named 306 Sep 29 23:19 ./
drwxr-xr-x 12 root named 408 Sep 29 22:17 ../
-rw-r--r-- 1 root named 53248 Sep 29 22:50 DLZ.dnsdata.db.pending
-rw-r----- 1 root named 24576 Sep 29 23:19 __db.001
-rw-r----- 1 root named 49152 Sep 29 23:19 __db.002
-rw-r----- 1 root named 270336 Sep 29 23:19 __db.003
-rw-r----- 1 root named 98304 Sep 29 23:19 __db.004
-rw-r----- 1 root named 475136 Sep 29 23:19 __db.005
-rw-r----- 1 root named 49152 Sep 29 23:19 __db.006
but @,
rndc reload
i get,
Sep 29 23:03:27 scdev named[12028]: 29-Sep-2007 23:03:27.058 database: error: bdbhpt environment at '/etc/dlz' could not be opened. bdbhpt error: Permission denied
Sep 29 23:03:27 scdev named[12028]: 29-Sep-2007 23:03:27.061 database: error: SDLZ driver failed to load.
Sep 29 23:03:27 scdev named[12028]: 29-Sep-2007 23:03:27.062 database: error: DLZ driver failed to load.
Sep 29 23:03:27 scdev named[12028]: 29-Sep-2007 23:03:27.066 general: error: reloading configuration failed: failure
if i mod perms,
chmod g+w /var/chroot/named/etc/dlz/__db*
then,
rndc reload
all's ok.
server reload successful
where do i set dlz's creation perms so that 'rndc reload' behaves?
or, is it a different issue?
thanks!
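
Added example, not part of the original post: a pre-reload check that lists the Berkeley DB region files (__db.*) in the DLZ environment directory that lack the group-write bit, which is the state shown in the second listing above before "chmod g+w" was applied. The function names are hypothetical, the default path is the one from the post, and find is assumed to support -maxdepth (GNU and BSD find do).

```shell
#!/bin/sh
# Added example: report __db.* region files that are not group-writable.
# Function names are hypothetical; the default directory is taken from the post.

# Print each __db.* file directly inside $1 that lacks the group-write bit.
dlz_missing_group_write() {
    dir=$1
    # "-perm -020" matches files with group-write set; "!" negates it.
    find "$dir" -maxdepth 1 -type f -name '__db.*' ! -perm -020 -print
}

# Return 0 if every region file is group-writable, 1 if any is not,
# 2 if the directory does not exist.
dlz_check() {
    dir=${1:-/var/chroot/named/etc/dlz}
    if [ ! -d "$dir" ]; then
        echo "no such directory: $dir" >&2
        return 2
    fi
    bad=$(dlz_missing_group_write "$dir")
    if [ -n "$bad" ]; then
        echo "not group-writable (rndc reload may fail as in the log above):" >&2
        echo "$bad" >&2
        return 1
    fi
    return 0
}
```

Source the file and run dlz_check (optionally with another directory as its argument) before "rndc reload"; it only reports and changes no permissions.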