installing on SLES 10sp3
Lyle Giese
lyle at lcrcomputer.net
Sun Sep 12 14:20:43 UTC 2010
Chris Buxton wrote:
> On Sep 9, 2010, at 5:02 PM, Lyle Giese wrote:
>
>
>> wllarso wrote:
>>
>>> I'm not any sort of Linux expert but this started my mind thinking.
>>>
>>> Take a look at the BIND FAQ, it comes with the sources. There are some Linux specific comments about file and directory permissions. Bind running under Linux drops special 'root' permissions when it starts up.
>>>
>>>
>> I am not using the -u option nor am I running in a CHROOT environment. ps shows root owning the named process.
>>
>>> Also, there are specific issues when running the Security Enhanced Linux. This may be your situation, or not. We can't tell.
>>>
>>>
>> I have never on purpose enabled SELinux<GRIN>!
>>
>
> On SLES, look for AppArmor. You may find that an AppArmor profile is stifling what named can do. Try disabling it.
>
> IMO, SELinux and AppArmor have their place, but you generally have to create or customize your own security profile to allow services to work the way you want them to. Both SUSE and RHEL/Fedora/CentOS make the assumption that you will use the provided management tools, or none at all, rather than using any 3rd party management system.
>
> Chris Buxton
> BlueCat Networks
Thanks, Chris. That is exactly what it was. AppArmor.
Lyle Giese
LCR Computer Services, Inc.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20100912/33074e40/attachment.html>
More information about the bind-users
mailing list