Unable to start Bind on a fresh RHEL 8.6 system with enforcing SELinux
Reindl Harald
h.reindl at thelounge.net
Fri Jun 10 10:53:35 UTC 2022
On 10.06.22 at 10:52, Søren Andersen wrote:
> I've installed a fresh BIND on a RHEL 8.6 system with enforcing SELinux,
> and when I try to start BIND with the provided systemd unit file it just
> waits and times out, and also logs these errors in /var/log/message
>
> Jun 10 10:09:25 systemd[1]: isc-bind-named.service: Can't convert PID
> files /var/opt/isc/scls/isc-bind/run/named/named.pid O_PATH file
> descriptor to proper file descriptor: Permission denied
> Jun 10 10:09:25 systemd[1]: isc-bind-named.service: Can't convert PID
> files /var/opt/isc/scls/isc-bind/run/named/named.pid O_PATH file
> descriptor to proper file descriptor: Permission denied
>
> If I remove PIDFile in the systemd unit it just works fine..
>
>
> [Service]
> Type=forking
> EnvironmentFile=-/etc/opt/isc/scls/isc-bind/sysconfig/named
> #PIDFile=/var/opt/isc/scls/isc-bind/run/named/named.pid
> ExecStart=/opt/isc/isc-bind/root/usr/sbin/named -u named $OPTIONS
> ExecReload=/bin/kill -HUP $MAINPID
> ExecStop=/bin/kill -TERM $MAINPID
> PrivateTmp=true
>
> Anyone else experiencing this?
PIDFile shouldn't be needed at all - especially for threaded services
it's useless, systemd knows the PID anyways
if that option is used in the provided systemd-unit one should ask the
guy who has written it: why?
if it were useful, my "ExecReload=/usr/bin/kill -HUP $MAINPID" wouldn't
have worked for nearly 10 years without "PIDFile" (no, I won't use and
configure rndc - keep it simple)