Master file permission denied
Daniel Armando Rodriguez
drodriguez at unau.edu.ar
Thu Jun 29 12:51:19 UTC 2023
El 29/6/23 a las 09:40, Anand Buddhdev escribió:
> On 29/06/2023 14:13, Daniel Armando Rodriguez via bind-users wrote:
>
> [snip]
>
>> Error is not the same as before, I see it know (fresh eyes maybe)
>>
>> Jun 29 08:42:37 web kernel: [5679658.761672] audit: type=1400
>> audit(1688038957.685:548): apparmor="DENIED" operation="mknod"
>> profile="named" name="/etc/bind/zonas/db.unau.edu.ar.jbk" pid=1350974
>> comm="isc-net-0001" requested_mask="c" denied_mask="c" fsuid=107
>> ouid=107
>
> [snip]
>
>> So, shouldn't that write attempt happen in /var/cache/bind?
>
> When BIND signs a zone, it keeps a copy of the signed zone next to the
> original zone file, by creating a .signed file. Along with that it
> also creates a couple of other files, for journaling and keeping state.
>
> In your case, BIND will try to create those in /etc/bind/zonas, and
> apparmor is denying it.
>
> Move your zone files into /var/cache/bind, which is a better place to
> keep zone files, and not /etc/bind (this should be for BIND's
> configuration, not for zone files).
>
> Regards,
> Anand
Indeed, after doing that stop complaining :-)
________________________________________________
*Daniel A. Rodriguez*
/Informática, Conectividad y Sistemas/
Universidad Nacional del Alto Uruguay
San Vicente - Misiones - Argentina
informatica.unau.edu.ar <https://informatica.unau.edu.ar>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20230629/9bd158da/attachment-0001.htm>
More information about the bind-users
mailing list