On 24.6.2014 21:40, Carl Perry wrote:
Whoops, let me send replies to the list. Sorry about that!

It appears the problem is with named not starting. I did install the
required packages, but it looks like SELinux is getting in the way:

[root@freeipa named]# named -f -d 255
isc_file_isplainfile 'data/named.run' failed: permission denied
[root@freeipa named]#

It took some time digging through logs and startup scripts to find the
exact issue.


First of all, try to start named with "named -g -u named" and look for error messages. IMHO SELinux correctly prevents it from running under root account as it is undesirable.

Also, it would be valuable to see error messages or AVCs from /var/log/audit/audit.log .

Did you find any error in /var/log/ipaserver-install.log ?

Petr^2 Spacek


On 06/24/2014 02:13 PM, Rob Verduijn wrote:


2014-06-24 21:12 GMT+02:00 Rob Verduijn <rob.verdu...@gmail.com>:
I saw this in your log :

Global DNS configuration in LDAP server is empty
You can use 'dnsconfig-mod' command to set global DNS options that
would override settings in local named.conf files

Did you install bind and bind-dyndb-ldap ?

Just meddling around with ipa myself

2014-06-24 19:11 GMT+02:00 Petr Spacek <pspa...@redhat.com>:

That is interesting. Do you have latest updates?

Please see

On 24.6.2014 18:41, Carl Perry wrote:
Unexpected error - see /var/log/ipaserver-install.log for details:
If the web page doesn't cover your case please send us the log file
mentioned in the the error message.

Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project

Reply via email to