rndc: 'addzone' failed: permission denied

Torinthiel torinthiel at data.pl
Wed Aug 17 13:44:37 UTC 2011

On 2011-08-17 15:24, Fredrik Poller wrote:
> Hello,
> I'm trying to use the new addzone feature in rndc, but all I get is the following error message:
> # rndc addzone 'example.com in external { type slave; file "example.com"; masters {; }; };'
> rndc: 'addzone' failed: permission denied
> rndc is configured and works well with other commands.
> The bind log file doesn't tell me anything; despite increasing the trace level, it only acknowledges that the request was received. Running rndc with -V doesn't reveal anything useful.
> I've tried with and without views, and I've tried to add both master and slave zones with different filenames (both relative and full path). Out of desperation I've also instituted some very liberal file permissions on everything named-related, but no luck.

Do you use a chroot jail? Maybe the paths are different, and that's why it
fails. Also, does 'very liberal' mean a+rwX, or something else? Bind
might be trying to write as a user you are not expecting.

