Bug 121508 – bind does not work

Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.

Bug 121508 - bind does not work

Summary:	bind does not work

Status:	CLOSED RAWHIDE

Aliases:	None

Product:	Fedora
Classification:	Fedora
Component:	bind (Show other bugs)
Sub Component:
Version:	rawhide
Hardware:	i686 Linux

Priority	medium Severity medium
Target Milestone:	---
Target Release:	---
Assigned To:	Jason Vas Dias
QA Contact:	Ben Levenson
Docs Contact:

URL:
Whiteboard:
Keywords:	SELinux

Depends On:
Blocks:
	Show dependency tree / graph

Reported:	2004-04-22 04:03 EDT by Yoshinobu Akimoto
Modified:	2007-11-30 17:10 EST (History)
CC List:	0 users

See Also:
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2004-08-04 10:27:41 EDT
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Groups: None (edit)

Description Yoshinobu Akimoto 2004-04-22 04:03:40 EDT

From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)

Description of problem:


Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1.create the zone files with system-config-bind with GNOME
2.After check the zone file
3.modify the /etc/named.conf file
4.start the named service by click <GNOME menu> -> [System Settings] -
> [Server Settings] -> [Services]



Actual Results:  Start successfully but
Error[mdc.key open permission denied] is displayed.




Additional info:

audit2allow command shows an "allow" statement regarding "named.conf".
ping command can not find the host name which is specified in the 
zone file.

Comment 1 Daniel Walsh 2004-04-22 14:04:21 EDT

Please submit the avc messages.

Comment 2 Yoshinobu Akimoto 2004-04-24 21:08:28 EDT

---------- audit2allow1 (after Domain Name System tool) ----------

allow named_t named_conf_t:chr_file { read write };

---------- audit2allow1 (after Hand modified) ----------

allow consoletype_t sysadm_t:fifo_file { read write };
allow named_t named_conf_t:chr_file { read write };
allow ndc_t etc_t:file { read };

---------- error messages when named starts ----------

rndc: error: /etc/rndc.conf:33: open: /etc/rndc.key: permission denied
rndc: could not load rndc configuration

Comment 3 Yoshinobu Akimoto 2004-04-24 21:10:33 EDT

I modified the /etc/named.conf and  /var/named/chroot/etc/named.conf
from the default or created by Domain Name System tool. And then
I copied the zone files those in the /var/named/chroot/var/named
, created by Domain Name System tool, to /var/named.
So finally BIND worked. But there are some problems as following,
(1) Result shows following message
   "allow named_t named_conf_t:chr_file { read write };"
(2) When named service starts, followin message is shown
   "rndc: error: /etc/rndc.conf:33: open: /etc/rndc.key: permission 
denied"
   "rndc: could not load rndc configuration"

Comment 4 Jason Vas Dias 2004-08-04 10:27:41 EDT

Does not happen with new selinux targetted policy.

Note You need to log in before you can comment on or make changes to this bug.