rndc.conf, rndc.key, and chroot
Mark_Andrews at isc.org
Mon Jan 7 22:16:45 UTC 2002
>
> I've got a bind 9.2 server running in a chroot but I'm having issues with
> the rndc command. I can successfully shut down the server, get status,
> etc., but when I try and reload the server, I get the following:
>
> Jan 7 16:39:32 dns1 named[25280]: [ID 866145 daemon.error]
> /etc/named.conf:15: open: /etc/rndc.key: permission denied
> Jan 7 16:39:32 dns1 named[25280]: [ID 866145 daemon.error] reloading
> configuration failed: permission denied
What user is named running as? Who owns /etc/rndc.key?
Remember, if you are running as root on a Linux-based OS,
named drops root's ability to override file permissions.
Mark
>
> I initially had the key "rndc-key" statement in my /etc/named.conf, so I put
> a chmod 640 on the file so it wasn't world readable. I got the above error
> so I put the key statement in a rndc.key file and included that in the
> /etc/named.conf and then made the rndc.key file chmod 640, but the same
> thing happens.
>
> Does anyone have the correct way of permissioning these files in a chroot
> environment so the rndc works?
>
> Thanks
>
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at isc.org
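
The two questions in the reply above reduce to a mode-bit check in which uid 0 gets no special treatment. The following is an added example, not part of the original message or of BIND; the function names, the uid/gid values (53, 1000) and the use of GNU `stat -c` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original message). named on Linux gives up
# root's permission override, so uid 0 is treated like any other uid here:
# only the owner/group/other read bits decide.

# can_read MODE FILE_UID FILE_GID PROC_UID "PROC_GIDS"
# MODE is octal (640); PROC_GIDS is a space-separated list of numeric gids.
can_read() {
    perms=$((0$1)) fuid=$2 fgid=$3 puid=$4 pgids=$5
    if [ "$puid" -eq "$fuid" ]; then
        bit=0400                      # owner class: only the owner bits apply
    else
        bit=0004                      # default to the "other" class
        for g in $pgids; do
            if [ "$g" -eq "$fgid" ]; then bit=0040; fi   # group class
        done
    fi
    if [ $(( $perms & $bit )) -ne 0 ]; then return 0; fi
    return 1
}

# key_readable_by FILE USER: the same check against a real file and account.
# Assumes GNU stat (-c). FILE is the path as seen from outside the chroot.
key_readable_by() {
    file=$1 user=$2
    info=$(stat -c '%a %u %g' "$file") || return 2
    set -- $info
    can_read "$1" "$2" "$3" "$(id -u "$user")" "$(id -G "$user")"
}

# Constructed cases (columns: mode, file uid, file gid, named uid, named gid).
for c in "640 1000 1000 0 0" "640 0 53 53 53" "600 0 0 53 53"; do
    set -- $c
    if can_read "$1" "$2" "$3" "$4" "$5"; then
        r="readable"
    else
        r="permission denied"
    fi
    echo "mode=$1 owner=$2:$3 named=$4:$5 -> $r"
done
```
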