rndc/bind9 weirdness
Matt
matt at xtaz.net
Sat Oct 9 08:06:15 PDT 2004
Matt wrote:
> Clive Lin wrote:
>
>> On Sat, Oct 09, 2004 at 12:35:01PM +0100, Matt Smith wrote:
>>
>>> Basically you can only reload it once and then it'll refuse to talk
>>> unless
>>> you run /etc/rc.d/named restart.
>>
>>
>>
>> Hi,
>>
>> My first guess is to verify the /etc/namedb ->
>> /var/named/etc/namedb link. I have production name server running with
>> 5.3-BETA7 in jail without problem, and I can `rndc reload` as many
>> times as I want. (some more jail specific tweaks, although still in
>> default chroot mode.)
>>
>> If my memory serves me right, I solved the same problem by make
>> the link correct.
>>
>> Cheers
>>
>
> The symlink and /var/named structure is fine as i completely rm -rf'd
> them before letting the new named rc.d script create them. I found the
> issue but am not sure what to do about it. On the second reload there is
> a message in syslog saying:
>
> none:0: open: /etc/namedb/rndc.key: permission denied
>
> So I am assuming because the chroot is set to /var/named it can't access
> this or something?
>
Ahh my fault. I found out what it was. In my named.conf I had this from
when I used to run bind9 from ports with a rndc.conf instead of an rncd.key:
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; };
};
Commenting this out has made me able to reload it all the time. Sorry
for the noise people!
Cheers ;-)
Matt.
More information about the freebsd-current
mailing list