Bind is Broken and will not start (Another Permissions issue)
Mark_Andrews at isc.org
Mark_Andrews at isc.org
Thu Aug 8 22:20:11 UTC 2002
>
> I have built a redhat 7.2 box that needs to run a DNS Server. It was
> all running happily until I re-booted the box and now Bind will not
> start. The entries in messages are below:
>
> Aug 8 15:23:09 relay1 named[3627]: starting BIND 9.2.1 -u named
> Aug 8 15:23:09 relay1 named[3627]: using 1 CPU
> Aug 8 15:23:09 relay1 named[3630]: loading configuration from
> '/etc/named.conf'
> Aug 8 15:23:09 relay1 named[3630]: none:0: open: /etc/named.conf:
> permission denied
> Aug 8 15:23:09 relay1 named[3630]: loading configuration: permission
> denied
> Aug 8 15:23:09 relay1 named[3630]: exiting (due to fatal error)
> Aug 8 10:23:09 relay1 named: named startup failed
>
>
> What has happened? I tried starting it as root but got the same:
>
> Aug 8 15:39:53 relay1 named[3739]: starting BIND 9.2.1 -u root
> Aug 8 15:39:53 relay1 named[3739]: using 1 CPU
> Aug 8 15:39:53 relay1 named[3741]: loading configuration from
> '/etc/named.conf'
> Aug 8 15:39:53 relay1 named[3741]: none:0: open: /etc/named.conf:
> permission denied
> Aug 8 15:39:53 relay1 named[3741]: loading configuration: permission
> denied
> Aug 8 15:39:53 relay1 named[3741]: exiting (due to fatal error)
>
> Permissions are as follows:
>
> drwxr-xr-x 56 root root 4096 Aug 8 16:15 /etc
> -rw-r--r-- 1 root root 836 Aug 7 10:45
> /etc/named.conf
This is the initial open of /etc/named.conf failing. Have
you changed the permissions for "/"? They should be
755 (rwxr-xr-x) owner root and some group.
e.g.
drwxr-xr-x 20 root wheel 512 Aug 1 15:06 /
The permissions for /etc and /etc/named.conf look ok.
Named is *not* running with elevated file system access
permissions by the time it attempts to open /etc/named.conf
even when running as root. [ This applies to Linux systems
with capability support]
When debugging access permissions you need to look at each
element in the path and the first element is "/" then "/etc"
and finally "/etc/named.conf".
Mark
> Any help would be appreciated.
>
> Thanks
>
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at isc.org
More information about the bind-users
mailing list