Red Hat Bugzilla – Bug 964373
Chrooted BIND fails to start if files are already present in /var/named/chroot/var/named
Last modified: 2015-10-05 22:31:20 EDT
+++ This bug was initially created as a clone of Bug #905244 +++
Description of problem: If files are created in /var/named/chroot/var/named when named is stopped, named will fail to start the next time its init script is run.
Version-Release number of selected component (if applicable): 9.8.2-0.17.rc1
How reproducible: 100%
Steps to Reproduce:
1. Install bind-chroot
2. Create files in /var/named/chroot/var/named
3. service bind start
Actual results: BIND fails to start. If /var/named is manually bind-mounted to /var/named/chroot/var/named, BIND will start normally.
Expected results: BIND should start normally on its own.
(In reply to Joe Thompson from comment #0)
> Steps to Reproduce:
> 1. Install bind-chroot
> 2. Create files in /var/named/chroot/var/named
> 3. service bind start
> Actual results: BIND fails to start. If /var/named is manually bind-mounted
> to /var/named/chroot/var/named, BIND will start normally.
Before I was not aware of a NOTICE in /etc/sysconfig/named that /var/named
will be mounted into the chroot only if $CHROOT_DIR/var/named is empty. The
same for /etc/pki/dnssec-keys and /etc/named.
The reason is that if you keep everything in /var/named it is easier to maintain.
If you start named without chroot, it will use files in /var/named and if you
start named in chroot it will use the same files in /var/named, since they
will be mounted.
The reason why /var/named is not mounted into $CHROOT_DIR/var/named if it is not
empty is because all your files in $CHROOT_DIR/var/named would disappear for the
time /var/named is mounted there.
I'm having second thoughts if this is in fact an issue. Also if it is worth
changing, because it would only complicate things. I see no reason why anyone
would have a problem to keep all files in /var/named while keeping the
Joe, are you OK with closing this Bug as WONTFIX because of reasons stated
in my comment #1?
I think it would be for the best to include the notice from /etc/sysconfig/named
about keeping dirs in the chroot empty in the Deployment Guide to keep things
clear and to prevent confusion.
I discussed the change with Stephen Wadeley (content services) and he agreed
to change it for RHEL and also for Fedora.
I think it would be good to more clearly document that, yes, as well as to have the error output from a failed start due to this issue be more informative.
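The following pre-flight check is an added example, not part of this bug report or of the bind package. It reports which of the three chroot directories named in the comments above contain entries and would therefore not get their bind mount; the function name and the chroot path passed to it are assumptions.

```shell
#!/bin/sh
# Added example: report chroot targets that are non-empty, which per the
# NOTICE quoted in this bug prevents the bind mount of the real directory.
# The directory list comes from the comments above; everything else
# (function name, argument convention) is hypothetical.

CHROOT_SUBDIRS="/var/named /etc/pki/dnssec-keys /etc/named"

# chroot_mount_blockers CHROOT_DIR
# Prints one line per target directory that holds entries and is not
# already a mount point. Returns 0 if nothing blocks the mounts, 1 otherwise.
chroot_mount_blockers() {
    chroot_dir=$1
    blocked=0
    for sub in $CHROOT_SUBDIRS; do
        target="$chroot_dir$sub"
        # A missing target cannot hold stray files.
        [ -d "$target" ] || continue
        # While named runs chrooted the target is bind-mounted and is
        # expected to show the real directory's contents, so skip it.
        if command -v mountpoint >/dev/null 2>&1 && mountpoint -q "$target"; then
            continue
        fi
        # ls -A lists hidden entries too; any output means non-empty.
        if [ -n "$(ls -A "$target" 2>/dev/null)" ]; then
            echo "$target"
            blocked=1
        fi
    done
    return $blocked
}

# Typical use before starting the service (path is the one from this bug):
#   chroot_mount_blockers /var/named/chroot || echo "move these files out of the chroot" >&2
```

Files it reports belong in the real directory outside the chroot, as the maintainer's comment recommends, so that the chroot targets stay empty.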