  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 346

RHEL3 BIND issues

I'm kinda stuck on this one at the moment, so maybe some of you can help me out. We have a network with two name servers: one is the primary for about 300 zones and the second is the slave for the same 300 zones. Pretty simple setup that was done by a previous admin, so I've never had to really do anything with it other than adding a domain or two. Problem is, a little while ago the slave box blew up and we've decided to move its functions to another Linux box on our network for the time being. The other is running Red Hat Enterprise ES 3 with BIND built in (it was selected during the install, I believe). So I basically snagged the named.conf from the old box's backups, moved it over and swapped it out with the default named.conf on this new box. Everything looked happy, but when I started the named service, it tries to sync all three hundred domains and gives the same error (in bind.log) for each, shown below:

Aug 03 12:21:54.786 general: error: dumping master file: tmp-XXXX6P2e3Z: open: permission denied
Aug 03 12:21:54.787 xfer-in: error: transfer of 'mydomain.com/IN' from 10.10.10.10#53: failed while receiving responses: permission denied

And nothing shows up in the /var/named directory on the slave box. I've gone into the master box and added the new slave's IP address into the "allow-transfer" and "also-notify" fields, but it doesn't appear to have fixed the problem. Am I missing something obvious? I've very little experience with BIND, so any help would be appreciated...
Asked by: Jaidenkell
1 Solution
 
grblades Commented:
Hi Jaidenkell,
I have come across this problem before. It was caused by named not having permissions to save the new zone files in its directory. Often there is a 'secondary' directory within the /var/named area which has different permissions so named can create new files.
Also be careful and check how named is being started. Sometimes Red Hat has it defaulted to start up as chrooted, and the directory it needs to save its files to is slightly different.
0
 
Jaidenkell (Author) Commented:
I don't see any subdirectories in the /var/named folder (it literally only has 3 files in it: the localhost.zone, named.ca and named.local files), and the whole directory looks to have permissions of "drwxr-x---    2 root     named".

I am not really sure where to check to see if named is chrooted at startup, or where to set its directory for named files (other than named.conf, which has it set to /var/named). Where would I check for these?
0
 
Jaidenkell (Author) Commented:
Well, I think I figured it out: the permissions were in fact screwy on the named folder. I opened it up wider and suddenly it started working again. So am I correct in thinking the permissions I need for the named folder (if it's going to be owner root and group named) would be 770 or something similar?
0
 
grblades Commented:
Yes, 770 will give the owner (root) and the group (named) full access to the directory. Those permissions should be fine.
0
 
Jaidenkell (Author) Commented:
Thank you sir! I appreciate the help!
0
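
The check this thread arrives at, written out as an added example that is not part of the original posts: resolve the directory named actually writes to (chroot prefix plus the named.conf "directory" value), then test whether the named group can create files there. The function names are hypothetical, and it assumes the init script takes the chroot prefix from a ROOTDIR= line in a sysconfig-style file such as /etc/sysconfig/named.

```shell
#!/bin/sh
# Added example (not from the thread): can named's group create files in
# the zone directory, once any chroot prefix is taken into account?

# Print ROOTDIR from a sysconfig-style file; print nothing if it is unset.
# Assumption: the init script reads ROOTDIR=... from /etc/sysconfig/named.
named_rootdir() {
    [ -r "$1" ] || return 0
    sed -n 's/^[[:space:]]*ROOTDIR=//p' "$1" | tail -n 1 | tr -d "\"'"
}

# Print the path named really writes to: chroot prefix + "directory" option.
effective_zone_dir() {
    printf '%s%s\n' "$(named_rootdir "$1")" "$2"
}

# Print ok, not-writable, wrong-group or missing for directory $1 and
# group $2. Only the group path is checked (the thread's root:named case).
check_zone_dir() {
    dir=$1
    group=$2
    [ -d "$dir" ] || { echo missing; return 1; }
    # ls -ld fields: mode, link count, owner, group, ...
    set -- $(ls -ld -- "$dir")
    [ "$4" = "$group" ] || { echo wrong-group; return 1; }
    # Mode characters 6 and 7 are group write and group search; creating
    # the tmp-XXXX transfer file from the log needs both.
    case $1 in
        ?????w[xs]*) echo ok ;;
        *) echo not-writable; return 1 ;;
    esac
}

# Demo on a constructed directory: the mode from the thread, then the fix.
demo=$(mktemp -d)
demo_group=$(ls -ld -- "$demo" | awk '{print $4}')
chmod 750 "$demo"; echo "750: $(check_zone_dir "$demo" "$demo_group")"
chmod 770 "$demo"; echo "770: $(check_zone_dir "$demo" "$demo_group")"
rm -rf "$demo"
```

On the slave this would be run as `check_zone_dir "$(effective_zone_dir /etc/sysconfig/named /var/named)" named`. Running the same check against a dedicated subdirectory for slave zones (the 'secondary' directory grblades mentions) rather than all of /var/named keeps named.ca and any master files outside what named can modify.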
