I finally got it working, I left the /var/named-directory at its place and only moved the zone-files to the replicated filesystem and created one symlink for each zone-file. Now it is starting without problems. SElinux state is still permissive. setsebool named_disable_trans [1|0] doesn't affect the behaviour. I hope BIND will work fine with this setup...
Thank you all for your help. :) Florian > -----Ursprüngliche Nachricht----- > Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im > Auftrag von Kostas Georgiou > Gesendet: Dienstag, 8. Juli 2008 14:48 > An: Red Hat Enterprise Linux 5 (Tikanga) discussion mailing-list > Betreff: Re: AW: AW: AW: [rhelv5-list] named 9.3.3 start-script > > On Tue, Jul 08, 2008 at 01:07:54PM +0200, Schmidt, Florian wrote: > > > Yeah, it is starting, after setting SElinux state to permissive and > > removing the line > I added to /etc/sysconfig/named. > > Problem is: It will not stop -.- > > In /var/log/audit/.. are a lot of named-related entries. Would it be > > helpful to post > some of them? > > If you want to use named in a different directory than /var/named with > selinux enabled you need to have the right selinux labels in the new > directory. > You can compare the security labels with ls -Z /var/named /configs/named > > Something like: > semanage fcontext -l | grep /var/named > to see which labels you need and then running for all of them > chcon -t system_u:object_r:named_zone_t:s0 /configs/named/* > ... > or for a more permanent setup > semanage fcontext -a -t system_u:object_r:named_zone_t:s0 > '/configs/named(/.*)?' > ... > restorecon -R /configs/named > will give you the correct selinux setup. > You might need to label /configs as system_u:object_r:var_t also I > think. > > Kostas > > _______________________________________________ > rhelv5-list mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/rhelv5-list _______________________________________________ rhelv5-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/rhelv5-list
