named permission denied

[marcoricardo]

I recently installed plesk 8.6 on a clean ubuntu 8.0.4 64 bit server but cannot seem to get bind working. The error I have is

pleskdev named[23452]: starting BIND 9.4.2-P1 -t /var/named/run-root -c /etc/named.conf -u bind
pleskdev kernel: [52995.411445] audit(1218705378.941:31): type=1503 operation="inode_permission" requested_mask="r::" denied_mask="r::" name="/var/named/run-root/etc/localtime" pid=23452 pro$
pleskdev named[23452]: found 1 CPU, using 1 worker thread
pleskdev named[23452]: loading configuration from '/etc/named.conf'
pleskdev named[23452]: none:0: open: /etc/named.conf: permission denied
pleskdev named[23452]: loading configuration: permission denied
pleskdev named[23452]: exiting (due to fatal error)
pleskdev kernel: [52995.420384] audit(1218705378.951:32): type=1503 operation="inode_permission" requested_mask="r::" denied_mask="r::" name="/var/named/run-root/etc/localtime" pid=23453 pro$
pleskdev kernel: [52995.420449] audit(1218705378.951:33): type=1503 operation="inode_permission" requested_mask="::r" denied_mask="::r" name="/var/named/run-root/etc/named.conf" pid=23453 pr$
pleskdev kernel: [52995.420483] audit(1218705378.951:34): type=1503 operation="inode_permission" requested_mask="r::" denied_mask="r::" name="/var/named/run-root/etc/localtime" pid=23453 pro$
pleskdev kernel: [52995.420748] audit(1218705378.951:35): type=1503 operation="inode_permission" requested_mask="r::" denied_mask="r::" name="/var/named/run-root/etc/localtime" pid=23453 pro$
pleskdev kernel: [52995.420769] audit(1218705378.951:36): type=1503 operation="inode_permission" requested_mask="r::" denied_mask="r::" name="/var/named/run-root/etc/localtime" pid=23453 pro$

I've tried setting the permissions to different levels but I can't see what they should be.

Can anyone provide any suggestions?

 

[jacko@]

Hi marcoricardo,

Did you resolved this in the end? I'm seeing the same thing.

Thanks,
Jacko

 

[jacko@]

Found the issue. All the permissions were fine, however, apparmor was stopping access to the configuration file.

Regards,
Jacko

 

[nvoth]

One thing I've noticed on CentOS is the installation of caching-nameserver-7.3. It appears to overwrite the default named.conf file and when you try to start BIND, it tanks. I've just been able to remove the named.conf that caching-nameserver installs and restore from an older version of named.conf, (named.conf.rpmsave or named.conf.orig), and then BIND starts fine.

I'm not 100% sure how the caching-nameserver-7.3 package got installed, but it definitely takes over the normal BIND config files. It tries to turn BIND in to a simple caching name server.

-Nick Voth