DNSSEC policy using wrong directory?
Ondřej Surý
ondrej at isc.org
Sun Aug 24 08:53:41 UTC 2025
https://bind9.readthedocs.io/en/stable/chapter6.html#the-journal-file
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal working hours.
> On 24. 8. 2025, at 3:54, Mike <debian at good-with-numbers.com> wrote:
>
> I just set up `dnssec-policy default;` in my zones. Now I'm seeing error
> messages like:
>
> general: error: /etc/bind/good-with-numbers.com.signed.jnl: create: permission denied
>
> Well, yeah, that's a read-only file system.
>
> options {
> directory "/var/cache/bind";
>
> is set, so that's the working directory, so it should be writing into there.
> Instead, it seems to be choosing the directory where the zone file is:
>
> zone "good-with-numbers.com" {
> file "/etc/bind/good-with-numbers.com";
>
> Is there an override?
> --
> Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>
> ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
>
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20250824/e80a3c7c/attachment.htm>
More information about the bind-users
mailing list