BIND: Zone transfer fails with "permission denied"
|
Problem: Messages like these appear in /var/log/messages:
Aug 1 13:20:07 hostname named[28614]: transfer of 'zone-name-here/IN' from x.x.x.x#53: failed while receiving responses: permission denied
Aug 1 13:20:07 hostname named[28614]: transfer of 'zone-name-here/IN' from x.x.x.x#53: end of transfer
Solution: Make sure the local zone file (usually in /var/named) is owned by the same user:group running named.
Gather the necessary info like this:
# ls -l /var/named
# ps aux | grep named
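Example: /var/named is owned by nobody:nobody with mode 02755, the zone file is owned by nobody:nobody with mode 0644, and the named process runs as root:root. This will NOT work, even though logically root should be able to overwrite a file owned by nobody. On Linux, named normally drops most of root's capabilities at startup, including the one that bypasses file permission checks, so the ordinary owner/group/other mode bits apply to it.
Use the "chown" command to change file ownership to the user:group that named runs as (root:root in this example).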
# chown -R root:root /var/named
Note however that this may interfere with certain automated DNS systems (for instance the one we use) so you may want to limit the command to specific zone files.
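The ownership check above as a script, added here as an example and not part of the original article: given the UID and GID that named runs as, it lists the zone directory and the files in it that those IDs cannot write to by mode bits alone. The function names are hypothetical; it assumes Linux with GNU stat and ignores supplementary groups and ACLs.

```shell
#!/bin/sh
# Added example (not from the original article). Assumes Linux with GNU stat.
# Simplification: supplementary groups and ACLs are ignored.

# can_write UID GID PATH
# Succeeds if the owner/group/other mode bits alone let UID/GID write PATH.
# No root override is applied, matching what the article reports for named.
can_write() {
    cw_uid=$1; cw_gid=$2
    # %u = owner uid, %g = owner gid, %a = octal mode (e.g. 644 or 2755)
    cw_stat=$(stat -c '%u %g %a' "$3") || return 2
    set -- $cw_stat
    cw_mode=$((0$3))                    # leading 0: parse the mode as octal
    if [ "$cw_uid" -eq "$1" ]; then
        [ $((cw_mode & 0200)) -ne 0 ]   # owner class
    elif [ "$cw_gid" -eq "$2" ]; then
        [ $((cw_mode & 0020)) -ne 0 ]   # group class
    else
        [ $((cw_mode & 0002)) -ne 0 ]   # other class
    fi
}

# audit_zone_dir UID GID DIR
# Prints DIR itself and each non-directory entry directly inside it that
# UID/GID cannot write to. Returns 1 if anything was printed, else 0.
audit_zone_dir() {
    az_bad=0
    for az_path in "$3" "$3"/*; do
        [ -e "$az_path" ] || continue                             # unmatched glob
        [ "$az_path" != "$3" ] && [ -d "$az_path" ] && continue   # skip subdirs
        if ! can_write "$1" "$2" "$az_path"; then
            printf '%s\n' "$az_path"
            az_bad=1
        fi
    done
    return "$az_bad"
}

# Typical use (procps ps; takes the first named process found):
#   set -- $(ps -o euid= -o egid= -C named | head -n 1)
#   audit_zone_dir "$1" "$2" /var/named
```

Anything the script prints is a candidate for a targeted chown of that one path rather than a recursive chown of the whole directory.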
This is free technical advice without any warranties.
Use at your own risk. Solutions offered may not apply to your particular problem at all.
Opinions and views expressed in the articles are the authors' personal
and may not necessarily reflect or coincide with those of Ano-Tech Computers.
We take no responsibility if anything bad happens from following any of
the instructions given. If you don't understand and accept this, please
contact us for personal assistance instead.
We welcome anyone who is willing to contribute to this public knowledge base,
contact siteadmin@atc.no
if you have information you would like to share. The idea is not to replace
the commercial support sites, but to publish those hard-to-find
solutions you've found yourself looking for over and over again.