Sometimes it’s funny: you have a server that is not behaving at all, and when you finally figure it out you think, “I need to put this somewhere so I can find it again.”
Well, and where do I find these tricks most of the time? On other blogs. So let’s start putting out small stories from the trenches now and then.
So, what happened yesterday was an interesting story. We provide a business partner of ours with a small VM in our network so they can have a redundant DNS server (DNS servers are the phonebook of the internet, so they are still quite important), and the issue was that the DNS server wasn’t replicating properly.
Regardless of the permissions I set, DNS kept complaining: /etc/bind/zones/tmp-something: open: permission denied
I checked the permissions, and everything checked out. Restart the box, change permissions, check again, restart. It works when I do it as root, but not when run as the bind user.
Check the permissions again: very fine, still can’t write.
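Now, unlike me, my friend has set up his DNS server to keep the slave replicas in /etc/bind/slave. It doesn’t matter where exactly, only that it is within /etc/bind.
And bind is not allowed to write there: the restriction comes from AppArmor, not from the file permissions, which is why the permissions always checked out.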
What’s the trick?
Restart the services:
service apparmor restart
service bind9 restart
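To confirm that AppArmor, and not the file permissions, is refusing the write, look for DENIED entries in the kernel log. The following is an added example, not part of the original post; the sample log lines are constructed, and the function names and the process name named are assumptions.

```shell
#!/bin/sh
# Added example: list AppArmor denials for one process from kernel log text.
# Reads log lines on stdin, prints "<denied_mask> <path>" once per unique pair.
apparmor_denials() {
    awk -v comm="$1" '
        # Return the value of key="value" in the current line, or "" if absent.
        function field(key,    s) {
            s = " " $0
            if (!match(s, " " key "=\"[^\"]*\"")) return ""
            s = substr(s, RSTART, RLENGTH)
            sub(/^[^"]*"/, "", s)   # drop everything up to the opening quote
            sub(/"$/, "", s)        # drop the closing quote
            return s
        }
        /apparmor="DENIED"/ && field("comm") == comm {
            line = field("denied_mask") " " field("name")
            if (!(line in seen)) { seen[line] = 1; print line }
        }
    '
}

# Constructed sample input in the kernel audit format AppArmor logs in.
sample_log() {
    cat <<'EOF'
kernel: audit: type=1400 audit(1700000000.100:41): apparmor="DENIED" operation="mknod" profile="named" name="/etc/bind/zones/tmp-something" pid=812 comm="named" requested_mask="c" denied_mask="c" fsuid=107 ouid=107
kernel: audit: type=1400 audit(1700000060.200:42): apparmor="DENIED" operation="mknod" profile="named" name="/etc/bind/zones/tmp-something" pid=812 comm="named" requested_mask="c" denied_mask="c" fsuid=107 ouid=107
kernel: audit: type=1400 audit(1700000090.300:43): apparmor="DENIED" operation="open" profile="ntpd" name="/etc/ntp.conf.dhcp" pid=900 comm="ntpd" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
kernel: audit: type=1400 audit(1700000120.400:44): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="named" pid=1200 comm="apparmor_parser"
EOF
}

sample_log | apparmor_denials named
```

On a live system, pipe the output of dmesg or journalctl -k into apparmor_denials instead of the sample. A denied_mask of c or w on a path under /etc/bind means the profile, not the filesystem, is blocking the zone transfer file.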