Favorite way of dealing with SeLinux and DDNS
Simon Hobson
dhcp1 at thehobsons.co.uk
Mon Sep 4 22:56:15 UTC 2006
Anthony Ewell wrote:
> Anyone have a favorite way of dealing with
>SeLinux blocking your DDNS jnl updates? I was
>pointed to this link
>
> http://www.isc.org/sw/bind/FAQ.php
>
>by the bind mailing list (the last question
>deals with SeLinux), but am a bit overwhelmed
>by it.
It's not a DHCP issue, so I don't know why you got directed here.
The answer is in the FAQ you link to, the simplest method being to
put your zone files in $ROOTDIR/var/named/slave, as per the example :
zone "ddns.zone." IN {
type master;
allow-updates {...};
file "slaves/ddns.zone.db";
};
As the FAQ explains, the security enhancements override the normal
file permissions, so setting ownership and permissions in the normal
way won't help.
If you really want to put your dynamic zones elsewhere then you'll
need to do one of the other options suggested in the FAQ - either
disable the security measure, or add a directory to the list of
directories that Bind can update.
More information about the dhcp-users
mailing list