My DNS sinkhole is failing to start

Daniel Stirnimann daniel.stirnimann at
Mon Nov 27 07:46:48 UTC 2017

On 26.11.17 16:48, Blason R wrote:
> Strange...when I started with command line it started successfully even
> catering all my zones and sinkholing the requests as well
>  /usr/sbin/named -u named -d 10 -c /etc/named.conf

Might be a SELinux issue. Your configuration is likely not compatible
with the SELinux policy. Starting it manually will run it in
"unconfined" because your user id is "unconfined".

To quickly confirm it is an SELinux policy issue:

# get SELinux mode

# set SELinux mode to permissive (if previously Enforcing)
setenforce permissive

To fix the issue, I suggest you install:
yum install setroubleshoot-server

which contains the tool sealert. Then you run:

sealert -a /var/log/audit/audit.log

And follow the recommendations in the output.


More information about the bind-users mailing list