Journal open failed.

Bill Larson wllarso at swcp.com
Thu Jun 15 01:58:54 UTC 2006


On Jun 14, 2006, at 5:44 PM, Stefan Puiu wrote:

> Hi,
>
> I think it depends a bit on your distro, and how it sets up BIND. If
> /var/lib/named is a symlink to something else, I guess that if you
> chmod the symlink it's no good. OTOH, I have SuSE 9.1 at work, and
> that one has it as a proper directory. With screwed permissions just
> like your setup. However, you don't want to allow anyone to write to
> your BIND directory - just change the group of /var/lib/named to
> 'named' and give group write access. I'm assuming you're running BIND
> as user named - that's how it is on SuSE 9.1.
>
> Are you sure you're not chmod-ing /var/run/named..., which is actually
> a symlink? Symlinks have different permissions from their targets,
> IIRC. Also, for creating the journal file named has to have write
> permissions to the directory where your zone file (example.com) is.
> IIRC, the name of the journal file is just the name of the zone file
> with '.jnl' appended, at least that's how it was in 9.3.0.
>
> Stefan.

Also remember that if you are running "named" in a chroot  
environment, the actual directory that you need to set permissions  
and change ownership for may not be the "/var/lib/named" directory  
that you see in your non-chroot environment.

Take a look at how you start named.  If it has a "-t" option  
specified then you are running in a chroot environment and the  
directory structure that you need to look at is under the chroot  
directory that is specified with the "-t" option.  For example, if  
you start up named with "-t /var/lib/named" and the directory that is  
specified in your configuration file is "/var/lib/named", then the  
actual directory that you are looking at is /var/lib/named/var/lib/ 
named and changing /var/lib/named itself won't make a bit of difference.

Now, as Stefan has pointed out, changing the permissions to where  
everyone can write to a directory is an overkill solution.  Please be  
a little careful about giving everyone the right to kill, at least a  
portion, of your operating system.

Bill Larson

> On 6/14/06, kalyanasundaram S <s.kalyanasundaram at inbox.com> wrote:
>>
>> I am using bind 9.3.2
> [...]
>> but while trying from nsupdate it is giving me the error "journal  
>> open failed: Unexpected error"
> [...]
>> permission denied
>> updating zone example.com/IN : Journal open failed: Unexpected Errir
>>
>> i have set mode (777) for the /var/lib/named    abd /var/lib/named/ 
>> master  and /var/lib/named/master/example.com  too..
>
>



More information about the bind-users mailing list