VestaCP - Ubuntu - bind - loading from master file failed: permission denied

Материал из Wiki - Iphoster - the best ever hosting and support. 2005 - 2024
Перейти к:навигация, поиск

Самые выгодные сервера? в рунете


VestaCP - Ubuntu - bind - loading from master file failed: permission denied

Ошибка в логах:

Feb  5 22:12:03 ns329399 named[5550]: zone ns329399.site.net/IN: loading from master file /home/admin/conf/dns/ns329399.site.net.db failed: permission denied
Feb  5 22:12:03 ns329399 kernel: [293294.208940] audit: type=1400 audit(1454706723.362:45): apparmor="DENIED" operation="open" profile="/usr/sbin/named" name="/home/admin/conf/dns/ns329399.site.net.db" pid=5564 comm="named" requested_mask="r" denied_mask="r" fsuid=107 ouid=0
Feb  5 22:12:03 ns329399 kernel: [293294.209971] audit: type=1400 audit(1454706723.362:46): apparmor="DENIED" operation="open" profile="/usr/sbin/named" name="/home/admin/conf/dns/site.ru.db" pid=5566 comm="named" requested_mask="r" denied_mask="r" fsuid=107 ouid=0
Feb  5 22:12:03 ns329399 named[5550]: zone ns329399.site.net/IN: not loaded due to errors.
Feb  5 22:12:03 ns329399 named[5550]: zone site.ru/IN: loading from master file /home/admin/conf/dns/site.ru.db failed: permission denied
Feb  5 22:12:03 ns329399 named[5550]: zone site.ru/IN: not loaded due to errors.
Feb  5 22:12:03 ns329399 named[5550]: zone 255.in-addr.arpa/IN: loaded serial 1
Feb  5 22:12:03 ns329399 named[5550]: zone localhost/IN: loaded serial 2
# lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 15.10
Release:        15.10
Codename:       wily


Решение - добавить строку /home/** rwm в конфиг apparmor.d

 # vi /etc/apparmor.d/usr.sbin.named
  /etc/bind/** r,
  /home/** rwm,
  # /etc/init.d/apparmor restart
 # /etc/init.d/bind9 restart

Если ошибка сохраняется - нужно сделать rebuild ДНС зоны в самой панели VestaCP/HestiaCP. Тогда заработает.

Links:

https://forum.hestiacp.com/t/bind9-zone-permission-denied/1546