Symptoms
-
Domains are not resolving externally.
-
The following errors could be found in
/var/log/syslog
:named[25513]: open: /etc/named.conf: permission denied
named[25513]: loading configuration: permission denied
kernel:[9748] audit: type=1400 audit(166963.1:193): apparmor="DENIED" operation="open" profile="/usr/sbin/named" name="/mnt/dir/plesk/var/named/run-root/etc/named.conf" pid=25513 comm="named" requested_mask="r" denied_mask="r" fsuid=110 ouid=0
named[25513]: exiting (due to fatal error)
Cause
The named profile is in the apparmor's enforcing mode.
Resolution
-
Connect to the server via SSH
-
Open
/etc/apparmor.d/local/usr.sbin.named
file if any text editor, for example "vi". -
Add the following line into the opened file:
/var/named/run-root/** rwm,
-
Ensure that
include <local/usr.sbin.named>
directive is not commented with any preceding#
and save the file.# Site-specific additions and overrides. See local/README for details.
include <local/usr.sbin.named>
} -
Reload AppArmor:
# systemctl reload apparmor
-
Start bind9 service:
# systemctl restart bind9
Comments
1 comment
same error as before
Please sign in to leave a comment.