• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion
  • Inviting everyone to the UX test of a new security feature in the WP Toolkit
    For WordPress site owners, threats posed by hackers are ever-present. Because of this, we are developing a new security feature for the WP Toolkit. If the topic of WordPress website security is relevant to you, we would be grateful if you could share your experience and help us test the usability of this feature. We invite you to join us for a 1-hour online session via Google Meet. Select a convenient meeting time with our friendly UX staff here.

Bind 9 not starting

onycro

onycro

Basic Pleskian
Hello there,

I have a very common issue with bind. I am using plesk 12. It is not starting due to permission issues.

/var/log/syslog
Code: 
Jan 27 10:37:31 h1862523 named[2646]: loading configuration from '/etc/named.conf'
Jan 27 10:37:31 h1862523 named[2646]: open: /etc/named.conf: permission denied
Jan 27 10:37:31 h1862523 kernel: [8647637.080835] type=1400 audit(1453891051.441:68): apparmor="DENIED" operation="open" profile="/usr/sbin/named" name="/var/named/run-root/etc/named.conf" pid=2647 comm="named" requested_mask="r" denied_mask="r" fsuid=113 ouid=0
Jan 27 10:37:31 h1862523 named[2646]: loading configuration: permission denied
Jan 27 10:37:31 h1862523 named[2646]: exiting (due to fatal error)

So I took a look at the file permissions:
Code: 
ls -l /etc/named.conf
lrwxrwxrwx 1 root root 34 Oct 19 14:56 /etc/named.conf -> /var/named/run-root/etc/named.conf

Which seems fine to me. Can someone help me please?

Best wishes,
onycro
 
Ok I apparently just found a working solution:
http://kb.odin.com/en/120026

EDIT:
I found out, when using apt-get upgrade it is installing apparmor again. So I had to remove it from installed packages list:

Code: 
dpkg -r apparmor
 
Last edited:
Or you can add the file...
Code: 
/etc/apparmor.d/local/usr.sbin.named


Containing...
Code: 
# Site-specific additions and overrides for usr.sbin.named.
# For more details, please see /etc/apparmor.d/local/README.
/var/named/run-root/** rwm,


And that will also get bind working again.
Kind regards

Lloyd
 
@onycro and @Lloyd_mcse

Actually, on a normal Ubuntu system (and various derivatives thereof):

a) the /etc/apparmor.d/local/usr.sbin.named file can be empty, (and)

b) the /etc/apparmor.d/usr.sbin.named file should contain the following lines

/var/log/named/** rw,
/var/log/named/ rw,

and this should be set by default, otherwise a manual edit is possible to allow bind with apparmor.

Regards....
 
You must log in or register to reply here.

Similar threads

E
Resolved /etc/named.conf: permission denied
Replies
1
Views
2K
Erwan
E
K
Issue Apparmor denied named
Replies
5
Views
1K
LarsenD
L
K
Issue Dovecot backup/sync to second server fails - Error: auth-master: userdb lookup
Replies
0
Views
1K
kassi
K
Nicola Urbinati
Issue Problem starting services after update and restart
Replies
0
Views
787
Nicola Urbinati
Nicola Urbinati
W
Issue me face a problem AppArmor Issues
Replies
1
Views
2K
Tavy
Tavy
Back
Top