Re: Unable to start Bind on a fresh RHEL 8.6 system with enforcing SELinux

On 6/10/22 12:53, Reindl Harald wrote: PIDFile shouldn't be needed at all - esepcially for threaded services it's useless, systemd knows the PID anyways if that option is used in the provided systemd-unit one should ask the guy who have written it: why? if it would be useful my

Re: Unable to start Bind on a fresh RHEL 8.6 system with enforcing SELinux

Søren, > Oh.. gosh.. You're right.. It works! - It wasn't 100% clear to me that this > was the only correct way to install bind from your repo. We have seen users run into this exact same issue before, so I have now made this particular bit of information more prominent on the "landing pages"

Re: Unable to start Bind on a fresh RHEL 8.6 system with enforcing SELinux

Hello Michael, Oh.. gosh.. You're right.. It works! - It wasn't 100% clear to me that this was the only correct way to install bind from your repo. Thanks a lot. /Søren From: Michał Kępień Sent: Monday, 13 June 2022 22.04 To: Søren Andersen Cc: Sandro ;

Re: Unable to start Bind on a fresh RHEL 8.6 system with enforcing SELinux

Søren, > On a fresh install the selinux context are 'var_t', and if I changed it to > 'named_var_run_t' it works! This is the suspicious part for me. How did you install the packages? The only supported way is the one that is documented [1]: dnf install isc-bind That pulls in the SCL

Re: Unable to start Bind on a fresh RHEL 8.6 system with enforcing SELinux

Sandro, you did nothing wrong. No need to apologize from your side. Ondrej -- Ondřej Surý — ISC (He/Him) My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal working hours. > On 10. 6. 2022, at 17:45, Sandro wrote: > > My

Re: Unable to start Bind on a fresh RHEL 8.6 system with enforcing SELinux

Hello, On a fresh install the selinux context are 'var_t', and if I changed it to 'named_var_run_t' it works! [root@ run]# ls -lZ total 0 drwxrwx---. 2 named named system_u:object_r:var_t:s0 42 Jun 13 14:50 named FYI: I also tried to install the builtin named in RHEL-8, and their systemd unit

Re: Unable to start Bind on a fresh RHEL 8.6 system with enforcing SELinux

On 10-06-2022 17:21, Reindl Harald wrote: My apologies if I offended you. seriously - about what magic are you talking? do you even know what a pidfile is? it's a simple textfile where the process writes it's PID and PIDFile forces systemd to read that file and use the content as "Main PID"

Re: Unable to start Bind on a fresh RHEL 8.6 system with enforcing SELinux

Am 10.06.22 um 17:07 schrieb Sandro: On 10-06-2022 16:02, Reindl Harald wrote: come on! the OP clearly stated the only problem is the "PIDFile" line in the systemd-unit and so what named writes or not is completly irrelevant "PIDFile" for systemd has nothing to do with "pid-file" of named

Re: Unable to start Bind on a fresh RHEL 8.6 system with enforcing SELinux

On 10-06-2022 16:02, Reindl Harald wrote: come on! the OP clearly stated the only problem is the "PIDFile" line in the systemd-unit and so what named writes or not is completly irrelevant "PIDFile" for systemd has nothing to do with "pid-file" of named :facepalm: Indeed. I was led down

Re: Unable to start Bind on a fresh RHEL 8.6 system with enforcing SELinux

Am 10.06.22 um 15:56 schrieb Sandro: On 10-06-2022 15:27, Reindl Harald wrote: Am 10.06.22 um 15:22 schrieb Sandro: On 10-06-2022 12:53, Reindl Harald wrote: if it would be useful my "ExecReload=/usr/bin/kill -HUP $MAINPID" won't work for nearly 10 years without "PIDFile" (no i won't use

Re: Unable to start Bind on a fresh RHEL 8.6 system with enforcing SELinux

On 10-06-2022 15:27, Reindl Harald wrote: Am 10.06.22 um 15:22 schrieb Sandro: On 10-06-2022 12:53, Reindl Harald wrote: if it would be useful my "ExecReload=/usr/bin/kill -HUP $MAINPID" won't work for nearly 10 years without "PIDFile" (no i won't use and configure rndc - keep it simple)

Re: Unable to start Bind on a fresh RHEL 8.6 system with enforcing SELinux

Am 10.06.22 um 15:22 schrieb Sandro: On 10-06-2022 12:53, Reindl Harald wrote: if it would be useful my "ExecReload=/usr/bin/kill -HUP $MAINPID" won't work for nearly 10 years without "PIDFile" (no i won't use and configure rndc - keep it simple) That's a personal choice, but probably not

Re: Unable to start Bind on a fresh RHEL 8.6 system with enforcing SELinux

On 10-06-2022 10:52, Søren Andersen wrote: I've installed a fresh BIND on a RHEL 8.6 system with enforcing SElinux, and when I try to start BIND with the provided systemd unit file it just waits and timeout, and also logs these errors in /var/log/message Jun 10 10:09:25 systemd[1]:

Re: Unable to start Bind on a fresh RHEL 8.6 system with enforcing SELinux

Am 10.06.22 um 12:59 schrieb Søren Andersen: I think the source of the systemd unit file is from: https://gitlab.isc.org/isc-packages/rpms/bind/-/blob/main/named.service.in (And I'm using ISC's repo) Perhaps 

Re: Unable to start Bind on a fresh RHEL 8.6 system with enforcing SELinux

I think the source of the systemd unit file is from: https://gitlab.isc.org/isc-packages/rpms/bind/-/blob/main/named.service.in (And I'm using ISC's repo) Perhaps Michał Kępień have any idea? 

Re: Unable to start Bind on a fresh RHEL 8.6 system with enforcing SELinux

Am 10.06.22 um 10:52 schrieb Søren Andersen: I've installed a fresh BIND on a RHEL 8.6 system with enforcing SElinux, and when I try to start BIND with the provided systemd unit file it just waits and timeout, and also logs these errors in /var/log/message Jun 10 10:09:25 systemd[1]:

re: Unable to start Bind on a fresh RHEL 8.6 system with enforcing SELinux

Hello, I've installed a fresh BIND on a RHEL 8.6 system with enforcing SElinux, and when I try to start BIND with the provided systemd unit file it just waits and timeout, and also logs these errors in /var/log/message Jun 10 10:09:25 systemd[1]: isc-bind-named.service: Can't convert PID files