Forgive the top post. The directory is writable. I run bind chrooted and the directory exists, is owned by the named user and is writable by the named user.
--
Jack Tavares
"How many more can we sell with this button?"

________________________________________
From: David Forrest [...@maplepark.com]
Sent: Sunday, October 03, 2010 09:12
To: Evan Hunt
Cc: Jack Tavares; bind-users@lists.isc.org
Subject: Re: managed-keys-zone file not found

On Sun, 3 Oct 2010, Evan Hunt wrote:

> On Fri, Oct 01, 2010 at 10:29:34PM +0000, Jack Tavares wrote:
>> Hello
>> While starting up bind I get the following 2 messages
>> 01-Oct-2010 15:13:15.304 set up managed keys zone for view external, file
>> '3c4623849a49a53911c4a3e48d8cead8a1858960bccdea7a1b978d73ec2f06d7.mkeys'
>> and
>> 01-Oct-2010 15:13:15.309 managed-keys-zone ./IN/external: loading from
>> master file
>> 3c4623849a49a53911c4a3e48d8cead8a1858960bccdea7a1b978d73ec2f06d7.mkeys
>> failed: file not found
>
> The expected behavior is, the first time you start BIND with managed-keys
> configured in a view, it will try to load the keys from an existing
> managed-keys file. If the file isn't found, it logs this warning,
> and then if the directory is writable, it goes ahead and creates the file.
>
> So you should only be seeing this the first time, and not thereafter.
> Which is why I'm concerned about this:
>
>> I have tried using managed-keys-directory option, but I cannot get rid of
>> this message.
>
> BIND hasn't created the file yet? Is your working directory or
> managed-keys-directory writable?

Evan, I had this same message and it continued on every start. But it went ahead and loaded the zone (in memory I surmised) and everything worked OK. I just tried creating an empty file (via touch) in my working directory and, voilà! No more messages except for the "set up managed keys zone for view external" and it still works as it should. My working directory is owned by named and I run as -u named so I don't know why it does not write the file.

I had a similar problem with the internal view and removed the annoying message in the same manner; touching the file with the name in the message in the working directory. So I now have two empty files; No biggie. I searched in the source code for the message and found it in ./bin/named/server.c but didn't go any further as my invocation hack worked for me and it just seemed to be a log info message. YMMV.

Dave

--
David Forrest e-mail d...@maplepark.com
Maple Park Development Corporation http://xen.maplepark.com
St. Louis, Missouri (Sent by ALPINE 2.01 FEDORA 11 LINUX)
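
Added example, not part of the thread and not BIND's own code: a small log check for the symptom discussed above, where the "file not found" warning for a view's .mkeys file shows up on more than one start instead of only the first. The function name, the second-start timestamps and the internal view's file name are constructed for illustration; the line format and the external view's file name are the ones quoted in the thread.

```python
import re
from collections import defaultdict

# Matches the warning quoted in the thread (one physical log line), e.g.
# "<date> <time> managed-keys-zone ./IN/<view>: loading from master file
#  <name>.mkeys failed: file not found". Only the per-view form is handled.
MISSING = re.compile(
    r"^(?P<ts>\S+ \S+) managed-keys-zone \./IN/(?P<view>[^:]+): "
    r"loading from master file (?P<file>\S+\.mkeys) failed: file not found"
)


def recurring_missing_mkeys(lines):
    """Return {(view, file): [timestamps]} for warnings logged more than once.

    A single occurrence is the expected first-start behaviour; a repeat means
    named did not create the file after the first warning.
    """
    seen = defaultdict(list)
    for line in lines:
        m = MISSING.match(line.strip())
        if m:
            seen[(m["view"], m["file"])].append(m["ts"])
    return {key: stamps for key, stamps in seen.items() if len(stamps) > 1}


# File name for the external view as quoted in the thread.
EXTERNAL_FILE = "3c4623849a49a53911c4a3e48d8cead8a1858960bccdea7a1b978d73ec2f06d7.mkeys"
# Constructed placeholder; the thread does not give the internal view's file name.
INTERNAL_FILE = "CONSTRUCTED-internal-view.mkeys"

# Constructed sample: the first two lines follow the thread, the rest are made up.
SAMPLE_LOG = [
    f"01-Oct-2010 15:13:15.304 set up managed keys zone for view external, file '{EXTERNAL_FILE}'",
    f"01-Oct-2010 15:13:15.309 managed-keys-zone ./IN/external: loading from master file {EXTERNAL_FILE} failed: file not found",
    f"01-Oct-2010 15:13:15.315 set up managed keys zone for view internal, file '{INTERNAL_FILE}'",
    f"01-Oct-2010 15:13:15.320 managed-keys-zone ./IN/internal: loading from master file {INTERNAL_FILE} failed: file not found",
    f"03-Oct-2010 09:00:01.115 set up managed keys zone for view external, file '{EXTERNAL_FILE}'",
    f"03-Oct-2010 09:00:01.120 managed-keys-zone ./IN/external: loading from master file {EXTERNAL_FILE} failed: file not found",
]

if __name__ == "__main__":
    for (view, name), stamps in recurring_missing_mkeys(SAMPLE_LOG).items():
        print(f"view {view}: {name} reported missing on {len(stamps)} starts: {stamps}")
```

Any view it reports is one where the directory named performs the write in (inside the chroot, as the running user) is worth checking.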