Re: bind error: none:0: open: /etc/named.conf: permission denied

[Todd And Margo Chester]

On 07/22/2011 10:41 PM, Nico Kadel-Garcia wrote:

On Fri, Jul 22, 2011 at 9:45 PM, Todd And Margo Chester
<toddandma...@gmail.com>  wrote:

Hi Guys,

  sl6, 64 bit
  bind
  bind-chroot

I am trying  to migrate my DNS (bind, named) over from Cent OS 5.6
to SL 6.  (Yes, I am a refugee who liked the SL community and decided
to stay.)  When I try starting /etc/rc.d/init.d/named, I get

      # service named start
      Starting named:
      Error in named configuration:
      none:0: open: /etc/named.conf: permission denied

There is no permission problem.  (Setting named.conf to 2777
proved that.)

I have isolated the problem down to this line of code in
../init.d/named:

       if [ -x /usr/sbin/named-checkconf ]&&  \
          [ -x /usr/sbin/named-checkzone ]&&    \
          /usr/sbin/named-checkconf $ckcf_options ${named_conf}>/dev/null
2>&1; then

Placing the following proofing statements in ..init.d/named:

       echo ""
       echo "you are here"
       echo "`whoami`"
       if [ -x /usr/sbin/named-checkconf ]; then echo "yes"; else echo "no";
fi
       if [ -x /usr/sbin/named-checkzone ]; then echo "yes"; else echo "no";
fi
       /usr/sbin/named-checkconf $ckcf_options ${named_conf}; echo $?

gives:

       you are here
       root
       yes
       yes
       + /usr/sbin/named-checkconf -z -t /var/named/chroot /etc/named.conf
       none:0: open: /etc/named.conf: permission denied
       1

So the problem is specifically:

       /usr/sbin/named-checkconf -z -t /var/named/chroot /etc/named.conf

Now here is the rub.  If I run the above command as the same user (root)
from the command line, it works!

        # /usr/sbin/named-checkconf -z -t /var/named/chroot /etc/named.conf;
echo  $?
        zone foo.local/IN: loaded serial 100
        zone 255.168.192.in-addr.arpa/IN: loaded serial 100
        zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
        0

[Editorial comment]  AAAAAAAAHHHHHHHHHHHHH!!!!! [/editorial comment]

Help!

Youve got named running in the chrooted environment in
/var/named/chroot. Yank out the bind-chroot package for now, restorie
it when you've had a chance to read and review the documentaiton.

Hi Nico,

When I had originally ported, I copied the computer directory tree

    /var/named/chroot

over from the old computer.  I did not have bind-chroot installed,
so of course, bind could not find anything.  Then I remembered
chroot, so I yum'ed bind-chroot.

I got stuck on

   /usr/sbin/named-checkconf -z -t /var/named/chroot /etc/named.conf

working from the command line, but not from

   /etc/rc.d/init.d/named

I do believe my next step will be what you and William suggested:
start without bind-chroot and everything in its normal location.  Then
upgrade to bind-chroot

Thank you for the help.  I will let everyone know what happens.

-T