DNSSEC policy using wrong directory?
Benny Pedersen
me at junc.eu
Sun Aug 24 08:51:00 UTC 2025
Mike skrev den 2025-08-24 03:50:
> I just set up `dnssec-policy default;` in my zones. Now I'm seeing
> error
> messages like:
>
> general: error: /etc/bind/good-with-numbers.com.signed.jnl: create:
> permission denied
>
> Well, yeah, that's a read-only file system.
>
> options {
> directory "/var/cache/bind";
>
> is set, so that's the working directory, so it should be writing into
> there.
> Instead, it seems to be choosing the directory where the zone file is:
>
> zone "good-with-numbers.com" {
> file "/etc/bind/good-with-numbers.com";
>
> Is there an override?
/etc/bind should stay READONLY
/var/bind is READWHITE according to FHS filesystem layout
change file "/etc/bind/.... in named.conf
solved
More information about the bind-users
mailing list