Double

January 14, 2013

hi.
can not restart bind9 server.

dns@server:/etc/bind$ sudo /etc/init.d/bind9 stop
* stopping domain name service... bind9
rndc: connect failed: 127.0.0.1#953: connection refused [ok]

dns@server:/etc/bind$ sudo /etc/init.d/bind9 start
* starting domain name service...
bind9 [fail]

when messages log file found description:
apparmor="denied" operation="open" parent=12917 profile="/usr/sbin/named" name="/etc/ssl/openssl.cnf" pid=12918 comm="named" requested_mask="r" denied_mask="r" fsuid=118 ouid=0

shut down apparmor , make bind restart.
situation same.

it's interesting error comes time.
first installation till now.

usr.bin.named

/usr/sbin/named {
#include <abstractions/base>
#include <abstractions/nameservice>
#include <abstractions/nis>

capability net_bind_service,
capability setgid,
capability setuid,
capability sys_chroot,

/usr/sbin/named mr,
/var/lib/named/dev/random r,
/var/lib/named/etc/127.0.0 r,
/var/lib/named/etc/bind/named.conf r,
/var/lib/named/etc/bind/rndc.key r,
/var/lib/named/etc/localhost r,
/var/lib/named/etc/localtime r,
/var/lib/named/etc/named.run a,
/var/lib/named/etc/root.hints r,
/var/lib/named/etc/sites/domingo.dk/forward.zone r,
/var/lib/named/etc/sites/domingo.dk/reverse.zone r,
/var/lib/named/var/run/named.pid w,
}

problem , how fix ?

posted linubu

hi.
can not restart bind9 server.

dns@server:/etc/bind$ sudo /etc/init.d/bind9 stop
* stopping domain name service... bind9
rndc: connect failed: 127.0.0.1#953: connection refused [ok]

dns@server:/etc/bind$ sudo /etc/init.d/bind9 start
* starting domain name service...
bind9 [fail]

when messages log file found description:
apparmor="denied" operation="open" parent=12917 profile="/usr/sbin/named" name="/etc/ssl/openssl.cnf" pid=12918 comm="named" requested_mask="r" denied_mask="r" fsuid=118 ouid=0

shut down apparmor , make bind restart.
situation same.

it's interesting error comes time.
first installation till now.

usr.bin.named

/usr/sbin/named {
#include <abstractions/base>
#include <abstractions/nameservice>
#include <abstractions/nis>

capability net_bind_service,
capability setgid,
capability setuid,
capability sys_chroot,

/usr/sbin/named mr,
/var/lib/named/dev/random r,
/var/lib/named/etc/127.0.0 r,
/var/lib/named/etc/bind/named.conf r,
/var/lib/named/etc/bind/rndc.key r,
/var/lib/named/etc/localhost r,
/var/lib/named/etc/localtime r,
/var/lib/named/etc/named.run a,
/var/lib/named/etc/root.hints r,
/var/lib/named/etc/sites/domingo.dk/forward.zone r,
/var/lib/named/etc/sites/domingo.dk/reverse.zone r,
/var/lib/named/var/run/named.pid w,
}

problem , how fix ?

perhaps add followign apparmor profile
code:
/etc/ssl/openssl.cnf r,
reload profile , issue should resolved.

hope helps.

Forum The Ubuntu Forum Community Ubuntu Official Flavours Support Networking & Wireless [ubuntu] can not start bind9 - apparmor ?

Ubuntu

Search This Blog

Double

Thread: can not start bind9 - apparmor ?

Comments

Post a Comment

Popular posts from this blog

How to set the order of FAQs instead of alphabetical

Thread: Get UK Keyboard working

how do I change the e-mail address for my merchant account