On Fri, Apr 20, 2007 at 09:02:51AM -0400, Oliver Gros wrote: > On SuSE 10.1 when trying to run "rndc stats" I get the "Permission > denied error. > host:/var/lib/named # rndc stats > rndc: 'stats' failed: permission denied > > named is running in root-jail. All other rndc commands work without any > (visible) issues. > The stats file is configured in the named.conf as > /var/lib/named/named.stats. > Even moving the file to a different location like /tmp/named.stats did > not solve the issue. > > Running rndc dumpdb -all does not fail, but also does not produce any > output in the specified file. > > I a spanish(?) list here on opensuse.org I found a hint that it might > have something to do with apparmor settings.
Quite possible that AppArmor is involved, as we have shipped AppArmor profiles for named. To find out, run aa-logprof as root, or use the yast apparmor "update profile wizard" (or something similar). logprof (or the yast front end) will ask you a handful of questions if the AppArmor policy we supplied is insufficient. Hope this helps.
pgpKIDEfdQRvs.pgp
Description: PGP signature
