Can't create a log file
Jason Vas Dias
jvdias at redhat.com
Tue Dec 20 22:07:46 UTC 2005
On Tuesday 20 December 2005 16:46, Mark Andrews <Mark_Andrews at isc.org> wrote:
> On Monday 19 December 2005 23:39, "Paul Banta" <paulbanta at yahoo.com> wrote:
> > Thanks for the advice. I will check it again when I get back to work,
> > but I had to create /var/log/named and after I created it I did
> >
> > % chown named named
> >
> > Permissions on the directory are 755. The group on the directory is
> > root. I even set the group on the directory to named but it didn't
> > make any difference so I changed it back to root. Following your
> > advice I will remove the zero length log file (which is owned by named
> > and is writeable) and try again.
> >
> > I think that I have the SElinux stuff turned on in RHEL4. Could that
> > be causing the problem?
>
> Yes. You have to get everything correct.
>
> > Thanks,
> >
> > -Paul
> >
> >
> --
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
>
>
>
By default, SELinux only allows named to write files / directories with
context 'named_cache_t' - this is the context of $ROOTDIR/var/named/data,
$ROOTDIR/var/named/slaves, and of $ROOTDIR/var/run .
($ROOTDIR is set to /var/named/chroot if you have bind-chroot installed).
Using $ROOTDIR/var/named/data to store your log files, you would not need
to do anything else - but if you want to use a different directory, do:

  # chcon system_u:object_r:named_cache_t $ROOTDIR/var/log/named
  # chown root:named $ROOTDIR/var/log/named

Then named should be able to create a log file in $ROOTDIR/var/log/named .
If not, or if you've any other problems with BIND on RHEL-4, please raise
a bugzilla: https://bugzilla.redhat.com/bugzilla/enter_bug.cgi?component=bind&product=Red+Hat+Enterprise+Linux&version=4
Regards,
Jason Vas Dias <jvdias at redhat.com>
Red Hat BIND package maintainer
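
Added example, not part of the original message or of the Red Hat BIND package: a shell check of the two layers this thread discusses, the SELinux type (named_cache_t) and the ordinary owner/group/mode permissions, both of which must allow the write. It assumes named runs as user and group "named" and that GNU stat is available; the function names are hypothetical.

```shell
#!/bin/sh
# Added example. Assumes named runs as user and group "named" and that
# policy lets it write only named_cache_t, as the message above describes.

# Print the type field of an SELinux context (user:role:type[:level]).
selinux_type() {
    printf '%s\n' "$1" | cut -d: -f3
}

# Succeed if classic Unix permissions let "named" create files in a
# directory with the given OWNER, GROUP and octal MODE.
dac_allows_named() {
    dan_perm=000$3
    dan_perm=${dan_perm#"${dan_perm%???}"}   # last three octal digits
    if [ "$1" = named ]; then
        dan_bits=${dan_perm%??}              # owner digit
    elif [ "$2" = named ]; then
        dan_bits=${dan_perm#?}               # drop owner digit
        dan_bits=${dan_bits%?}               # group digit
    else
        dan_bits=${dan_perm#??}              # other digit
    fi
    # Creating a file needs write (2) and search (1) on the directory.
    [ $(( dan_bits & 3 )) -eq 3 ]
}

# check_named_logdir CONTEXT OWNER GROUP MODE
# Prints each problem found; returns 0 only if both layers allow writes.
check_named_logdir() {
    cnl_rc=0
    cnl_type=$(selinux_type "$1")
    if [ "$cnl_type" != named_cache_t ]; then
        echo "SELinux: type is '$cnl_type', expected named_cache_t"
        cnl_rc=1
    fi
    if ! dac_allows_named "$2" "$3" "$4"; then
        echo "DAC: $2:$3 mode $4 gives named no write+search access"
        cnl_rc=1
    fi
    return $cnl_rc
}

# Audit a real directory (GNU stat: %C context, %U owner, %G group, %a mode).
audit_named_logdir() {
    check_named_logdir $(stat -c '%C %U %G %a' "$1")
}

# Constructed sample values: owner named, group root, mode 755, var_log_t.
check_named_logdir system_u:object_r:var_log_t named root 755 || :
```

On a live system, run `audit_named_logdir "$ROOTDIR/var/log/named"` after sourcing the functions; each printed line names the layer that still blocks named.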