running bind-chroot the config-check does not recognize that directory "/var/named"; starts physically under /var/named/chroot/ and so include "zones-home-ptr/config.dns"; is correct because if you use the real fs-path bind would not start
/etc/named.conf:174: open: zones-home-ptr/config.dns: file not found
[root@ns2:~]$ locate config.dns
You have to pass the "-t <rootdir>" argument to named-checkconf:
`man 8 named-checkconf` says:
Chroot to directory so that include directives in the configuration file are processed as if run by a similarly chrooted named.
After that everything should work as expected. Closing.
but the chroot is the default and rkhunter is checking this also (both fedora packages)
(In reply to comment #2)
> but the chroot is the default and rkhunter is checking this also (both fedora
Right you are. However I cannot change default behaviour of named-checkconf because it will be too big divergence from upstream.
Another possible solution is to re-add the "checkconfig" target to the initscript to F14 (it is already present in F15 initscript). The initscript can automatically add the -t option to the named-checkconf so everything is OK.
If you want the "checkconfig" target in the F14, please reopen this bug and I will add it.
i think this would make sense because it is odd that rkhunter warns about inconsistent named-configuration