Bug 1294731

Summary: named-chroot.service does not verify against chroot
Product: Red Hat Enterprise Linux 7 Reporter: Steven Haigh <netwiz>
Component: bindAssignee: Tomáš Hozza <thozza>
Status: CLOSED DUPLICATE QA Contact: qe-baseos-daemons
Severity: high Docs Contact:
Priority: unspecified    
Version: 7.2CC: netwiz, riehecky
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-01-04 08:45:24 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Steven Haigh 2015-12-30 03:41:04 UTC 
Description of problem:
bind-9.9.4-29.el7_2.1.x86_64 has a change that removed the -t option from named-chroot.service. As such, named-checkconf fails, and bind fails to start.

Version-Release number of selected component (if applicable):
bind-9.9.4-29.el7_2.1.x86_64

The faulty systemd unit seems to be: /usr/lib/systemd/system/named-chroot.service

It does a sanity check - but doesn't make it relative to the chroot:
ExecStartPre=/bin/bash -c 'if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z /etc/named.conf; else echo "Checking of zone files is disabled"; fi'

If you add the chroot directive in there (which it probably should have anyway), then all works:
ExecStartPre=/bin/bash -c 'if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z -t /var/named/chroot /etc/named.conf; else echo "Checking of zone files is disabled"; fi' 

While I don't have an RHEL reference, this is the change on the CentOS git import:
https://git.centos.org/blobdiff/!rpms!bind.git/d56ed2d3a2736a07a09c268f3b2607cca8f1b6ca/SOURCES!named-chroot.service
Comment 2 Tomáš Hozza 2016-01-04 08:45:24 UTC 

*** This bug has been marked as a duplicate of bug 1278082 ***