init script fails + permission denied error

Mark_Andrews at isc.org Mark_Andrews at isc.org
Mon Aug 11 00:14:50 UTC 2003


> Ok, I broke down and bought the BIND book so now I understand the slave setup.
> 
> I am, however, a bit mystified why the doc says to use a copy of the 
> primary's db.127.0.0, unmodified.  Is that correct?  It seems to load ok.
> 
> However, the unaltered init script I copied from the primary 9.2.1 
> install, doesn't work.  ( 9.2.1 installed on primary, 9.2.2 on slave)  I 
> just used the generic tarball for install as opposed to an rpm, which 
> had dependencies I couldn't find on rpmfind.  Anyway, here's what 
> happens when I run the init script.
> 
> Aug  9 18:49:16 wendy named[6223]: starting BIND 9.2.2 -u named
> Aug  9 18:49:16 wendy named[6223]: using 2 CPUs
> Aug  9 18:49:16 wendy named[6226]: loading configuration from 
> '/etc/named.conf'
> Aug  9 18:49:16 wendy named[6226]: no IPv6 interfaces found
> Aug  9 18:49:16 wendy named[6226]: listening on IPv4 interface lo, 
> 127.0.0.1#53
> Aug  9 18:49:16 wendy named[6226]: listening on IPv4 interface eth0, 
> 192.168.0.37#53
> Aug  9 18:49:16 wendy named[6226]: none:0: open: /etc/rndc.key: file not 
> found   # is this mandatory?

	See rndc-confgen.  There is very limited control of named w/o
	using rndc.

> Aug  9 18:49:16 wendy named[6226]: couldn't add command channel 
> 127.0.0.1#953: file not found
> Aug  9 18:49:16 wendy named[6226]: couldn't open pid file 
> '/var/run/named.pid': File exists

	See "options { pid-file "xxxx"; };" to specify a location that
	can be written to with "-u named" in effect.

> Aug  9 18:49:16 wendy named[6226]: exiting (due to early fatal error)
> Aug  9 18:49:16 wendy named: named startup failed
> 
> Using /usr/sbin/named starts it, but I get the permission error on 
> transfer.  /usr/sbin/named -u named fails, and running without it causes 
> it to run as root, which I suspect has something to do with the 
> permissions issue.
> 
> Aug  9 17:49:39 wendy named[5920]: starting BIND 9.2.2
> Aug  9 17:49:39 wendy named[5920]: using 2 CPUs
> Aug  9 17:49:39 wendy named[5922]: loading configuration from 
> '/etc/named.conf'
> Aug  9 17:49:39 wendy named[5922]: no IPv6 interfaces found
> Aug  9 17:49:39 wendy named[5922]: listening on IPv4 interface lo, 
> 127.0.0.1#53
> Aug  9 17:49:39 wendy named[5922]: listening on IPv4 interface eth0, 
> 192.168.0.37#53
> Aug  9 17:49:39 wendy named[5922]: none:0: open: /etc/rndc.key: file not 
> found
> Aug  9 17:49:39 wendy named[5922]: couldn't add command channel 
> 127.0.0.1#953: file not found
> Aug  9 17:49:39 wendy named[5922]: logging channel 'xfer_file' file 
> 'xfer.log': permission denied
> Aug  9 17:49:39 wendy named[5922]: logging channel 'queries_file' file 
> 'queries.log': permission denied
> Aug  9 17:49:39 wendy named[5922]: zone 0.0.127.in-addr.arpa/IN: loaded 
> serial 1
> Aug  9 17:49:39 wendy named[5922]: running
> Aug  9 17:49:39 wendy named[5922]: dumping master file: tmp-XXXXbC9MGj: 
> open: permission denied
> Aug  9 17:49:39 wendy named[5922]: dumping master file: tmp-XXXXo3QUcT: 
> open: permission denied
> Aug  9 17:49:39 wendy named[5923]: dumping master file: tmp-XXXX21fcJs: 
> open: permission denied

	Named, under Linux, drops root's ability to override file
	permissions.
 
> ...otherwise, here's the only distinction between running the init 
> script to start and using /usr/sbin/named
> Aug  9 18:49:16 wendy named[6226]: couldn't open pid file 
> '/var/run/named.pid': File exists
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at isc.org
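
A preflight check for the write failures in the logs above (pid file, log channel files, zone dump temp files), as an added example that is not part of the original message or of BIND. It judges each path by owner/group/other mode bits only, with no root override, which is the behaviour the reply describes for named under Linux; ACLs, SELinux and traversal permissions on parent directories are not considered, and the function names are hypothetical.

```python
import os
import pwd
import stat
import sys


def mode_allows(st, uid, gids, want):
    """Apply owner/group/other bits only; no root override is assumed."""
    if st.st_uid == uid:
        bits = (st.st_mode >> 6) & 7
    elif st.st_gid in gids:
        bits = (st.st_mode >> 3) & 7
    else:
        bits = st.st_mode & 7
    return bits & want == want


def can_write(path, uid, gids=()):
    """True if uid may open an existing file for writing or create a missing one."""
    try:
        st = os.stat(path)
    except FileNotFoundError:
        parent = os.path.dirname(os.path.abspath(path))
        try:
            pst = os.stat(parent)
        except FileNotFoundError:
            return False
        # Creating a file needs write and search (w+x) on the directory.
        return stat.S_ISDIR(pst.st_mode) and mode_allows(pst, uid, gids, 3)
    return stat.S_ISREG(st.st_mode) and mode_allows(st, uid, gids, 2)


def preflight(paths, uid, gids=()):
    """Map each path to whether the given identity could write it."""
    return {p: can_write(p, uid, gids) for p in paths}


if __name__ == "__main__":
    # Usage: preflight.py USER PATH...   e.g. named /var/run/named.pid
    user, paths = sys.argv[1], sys.argv[2:]
    pw = pwd.getpwnam(user)
    gids = set(os.getgrouplist(user, pw.pw_gid))
    for path, ok in preflight(paths, pw.pw_uid, gids).items():
        print(f"{'ok    ' if ok else 'DENIED'} {path}")
```

Passing uid 0 shows what a root-started named can still write once the override is dropped; passing the "-u named" account shows what the init script's invocation can write.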

