Re: BIND problem
Hi.
On Mon, 22 Feb 2016 13:07:44 -0700
Glenn English <ghe@srv.slsware.net> wrote:
>
> > On Feb 22, 2016, at 3:14 AM, Reco <recoverym4n@gmail.com> wrote:
> >
> > Please post the output of:
> >
> > ls -ald /var/cache/bind/slaves
>
> drwxrwxr-x 2 bind bind 4096 Feb 5 07:52 /var/cache/bind/slaves
>
> > lsattr /var/cache/bind/slaves
>
> -------------e-- /var/cache/bind/slaves/db.172.16.0
> -------------e-- /var/cache/bind/slaves/db.richeyrentals.com
> -------------e-- /var/cache/bind/slaves/db.richeyrentals.dmz
> -------------e-- /var/cache/bind/slaves/db.richeyrentals.lan
>
> > getfacl /var/cache/bind/slaves
>
> getfacl: Removing leading '/' from absolute path names
> # file: var/cache/bind/slaves
> # owner: bind
> # group: bind
> user::rwx
> group::rwx
> other::r-x
Ok, so nothing out of place here.
> > Also, do you have SELinux enabled?
>
> root@log:/etc# egrep -ir SELinux *
<skip>
> I think so...
No, that's not how you check it. Every Debian system has those records.
I meant something like 'ls -alZ /'.
And having looking on all those permissions - I have an idea. Two,
actually.
First, what does contents of /etc/default/bind9 look like?
Second, can you install auditd please and run
'auditctl -w /var/cache/bind/slaves/ -p wa' afterward?
A contents of /var/log/audit/audit.log would be invaluable to
troubleshoot this problem. Of course, it would be also required for
bind to fail to dump a zone at least once.
Reco
Reply to: