Skip to main content
Unix & Linux

Return to Question

edited title
Link
Ned64
Ned64
  • 9.3k
  • 9
  • 58
  • 94

Bind error after update: directory '/var/named' is not writable - NoBut no writing is necessary!

fix spelling
Source Link
Ned64
Ned64
  • 9.3k
  • 9
  • 58
  • 94

After upgrading a CentOS 7 server to AlmaLinux 9, and BIND along with it, I receive a new error message without changing (bind/named) configuration files:

systemctl status named × named.service - Berkeley Internet Name Domain (DNS) Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; preset: disabled) Active: failed (Result: exit-code) since Mon 2024-07-29 17:21:47 UTC; 19min ago Process: 948 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi (code=exited, status=0/SUCCESS) Process: 949 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} $OPTIONS (code=exited, status=1/FAILURE) CPU: 33ms Jul 29 17:21:47 ns42.example.org named[950]: directory '/var/named' is not writable Jul 29 17:21:47 ns42.example.org named[950]: /etc/named.conf:22: parsing failed: permission denied Jul 29 17:21:47 ns42.example.org loading configuration: permission denied Jul 29 17:21:47 ns42.example.org exiting (due to fatal error)

Why would (this newer version of) named need to write its zone files?

This is a non-recursive secondary/backup name server and this instance of BIND/named is not to change zones.

So I suppose the question could be: How can I tell BIND not to try to write into its zone directory and not to complain about not being able to?

Bind version is bind-9.16.23-18.el9_4.1.x86_64

EDIT: Out of cirousitycuriosity I temporarily made the folder writable by the named group and started the service. This is what it wrote:

-rw-r--r--. 1 named named 1045 Jul 29 17:51 /var/named/localhost_resolver.mkeys.jnl -rw-r--r--. 1 named named 1045 Jul 29 17:51 /var/named/external.mkeys.jnl -rw-r--r--. 1 named named 1045 Jul 29 17:51 /var/named/internal.mkeys.jnl -rw-r--r--. 1 named named 821 Jul 29 17:52 /var/named/internal.mkeys -rw-r--r--. 1 named named 821 Jul 29 17:52 /var/named/external.mkeys -rw-r--r--. 1 named named 821 Jul 29 17:52 /var/named/localhost_resolver.mkeys

So, these are some type of journal files. How can disable writing these journal entries as the zones are read-only anyway?

After upgrading a CentOS 7 server to AlmaLinux 9, and BIND along with it, I receive a new error message without changing (bind/named) configuration files:

systemctl status named × named.service - Berkeley Internet Name Domain (DNS) Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; preset: disabled) Active: failed (Result: exit-code) since Mon 2024-07-29 17:21:47 UTC; 19min ago Process: 948 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi (code=exited, status=0/SUCCESS) Process: 949 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} $OPTIONS (code=exited, status=1/FAILURE) CPU: 33ms Jul 29 17:21:47 ns42.example.org named[950]: directory '/var/named' is not writable Jul 29 17:21:47 ns42.example.org named[950]: /etc/named.conf:22: parsing failed: permission denied Jul 29 17:21:47 ns42.example.org loading configuration: permission denied Jul 29 17:21:47 ns42.example.org exiting (due to fatal error)

Why would (this newer version of) named need to write its zone files?

This is a non-recursive secondary/backup name server and this instance of BIND/named is not to change zones.

So I suppose the question could be: How can I tell BIND not to try to write into its zone directory and not to complain about not being able to?

Bind version is bind-9.16.23-18.el9_4.1.x86_64

EDIT: Out of cirousity I temporarily made the folder writable by the named group and started the service. This is what it wrote:

-rw-r--r--. 1 named named 1045 Jul 29 17:51 /var/named/localhost_resolver.mkeys.jnl -rw-r--r--. 1 named named 1045 Jul 29 17:51 /var/named/external.mkeys.jnl -rw-r--r--. 1 named named 1045 Jul 29 17:51 /var/named/internal.mkeys.jnl -rw-r--r--. 1 named named 821 Jul 29 17:52 /var/named/internal.mkeys -rw-r--r--. 1 named named 821 Jul 29 17:52 /var/named/external.mkeys -rw-r--r--. 1 named named 821 Jul 29 17:52 /var/named/localhost_resolver.mkeys

So, these are some type of journal files. How can disable writing these journal entries as the zones are read-only anyway?

After upgrading a CentOS 7 server to AlmaLinux 9, and BIND along with it, I receive a new error message without changing (bind/named) configuration files:

systemctl status named × named.service - Berkeley Internet Name Domain (DNS) Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; preset: disabled) Active: failed (Result: exit-code) since Mon 2024-07-29 17:21:47 UTC; 19min ago Process: 948 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi (code=exited, status=0/SUCCESS) Process: 949 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} $OPTIONS (code=exited, status=1/FAILURE) CPU: 33ms Jul 29 17:21:47 ns42.example.org named[950]: directory '/var/named' is not writable Jul 29 17:21:47 ns42.example.org named[950]: /etc/named.conf:22: parsing failed: permission denied Jul 29 17:21:47 ns42.example.org loading configuration: permission denied Jul 29 17:21:47 ns42.example.org exiting (due to fatal error)

Why would (this newer version of) named need to write its zone files?

This is a non-recursive secondary/backup name server and this instance of BIND/named is not to change zones.

So I suppose the question could be: How can I tell BIND not to try to write into its zone directory and not to complain about not being able to?

Bind version is bind-9.16.23-18.el9_4.1.x86_64

EDIT: Out of curiosity I temporarily made the folder writable by the named group and started the service. This is what it wrote:

-rw-r--r--. 1 named named 1045 Jul 29 17:51 /var/named/localhost_resolver.mkeys.jnl -rw-r--r--. 1 named named 1045 Jul 29 17:51 /var/named/external.mkeys.jnl -rw-r--r--. 1 named named 1045 Jul 29 17:51 /var/named/internal.mkeys.jnl -rw-r--r--. 1 named named 821 Jul 29 17:52 /var/named/internal.mkeys -rw-r--r--. 1 named named 821 Jul 29 17:52 /var/named/external.mkeys -rw-r--r--. 1 named named 821 Jul 29 17:52 /var/named/localhost_resolver.mkeys

So, these are some type of journal files. How can disable writing these journal entries as the zones are read-only anyway?

Source Link
Ned64
Ned64
  • 9.3k
  • 9
  • 58
  • 94

Bind error after update: directory '/var/named' is not writable - No writing necessary!

After upgrading a CentOS 7 server to AlmaLinux 9, and BIND along with it, I receive a new error message without changing (bind/named) configuration files:

systemctl status named × named.service - Berkeley Internet Name Domain (DNS) Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; preset: disabled) Active: failed (Result: exit-code) since Mon 2024-07-29 17:21:47 UTC; 19min ago Process: 948 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi (code=exited, status=0/SUCCESS) Process: 949 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} $OPTIONS (code=exited, status=1/FAILURE) CPU: 33ms Jul 29 17:21:47 ns42.example.org named[950]: directory '/var/named' is not writable Jul 29 17:21:47 ns42.example.org named[950]: /etc/named.conf:22: parsing failed: permission denied Jul 29 17:21:47 ns42.example.org loading configuration: permission denied Jul 29 17:21:47 ns42.example.org exiting (due to fatal error)

Why would (this newer version of) named need to write its zone files?

This is a non-recursive secondary/backup name server and this instance of BIND/named is not to change zones.

So I suppose the question could be: How can I tell BIND not to try to write into its zone directory and not to complain about not being able to?

Bind version is bind-9.16.23-18.el9_4.1.x86_64

EDIT: Out of cirousity I temporarily made the folder writable by the named group and started the service. This is what it wrote:

-rw-r--r--. 1 named named 1045 Jul 29 17:51 /var/named/localhost_resolver.mkeys.jnl -rw-r--r--. 1 named named 1045 Jul 29 17:51 /var/named/external.mkeys.jnl -rw-r--r--. 1 named named 1045 Jul 29 17:51 /var/named/internal.mkeys.jnl -rw-r--r--. 1 named named 821 Jul 29 17:52 /var/named/internal.mkeys -rw-r--r--. 1 named named 821 Jul 29 17:52 /var/named/external.mkeys -rw-r--r--. 1 named named 821 Jul 29 17:52 /var/named/localhost_resolver.mkeys

So, these are some type of journal files. How can disable writing these journal entries as the zones are read-only anyway?