9 Feb
2017
9 Feb
'17
10:36 p.m.
Well, actually it is me cp-ing files and SELinux yelling at me later...
I had named working, but detected that I had a couple clean ups to do in /etc/named.conf and an include file in /etc/named.
I made the changes, scp to my user id from my notebook, 'su' in my ssh session and cp the named.conf and other files. Made sure to fix the file ownership with chown root:named, and that permissions were correct. Then restarted named. Of course if failed. After a little playing and digging around I find:
# journalctl -xe
--
-- Unit named-setup-rndc.service has finished starting up.
--
-- The start-up result is done.
Feb 09 16:27:41 rigel.htt-consult.com systemd[1]: Starting Berkeley
Internet Nam
-- Subject: Unit named.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit named.service has begun starting up.
Feb 09 16:27:41 rigel.htt-consult.com bash[3082]: open: /etc/named.conf:
permiss
Feb 09 16:27:41 rigel.htt-consult.com systemd[1]: named.service: control
process
Feb 09 16:27:41 rigel.htt-consult.com systemd[1]: Failed to start
Berkeley Inter
-- Subject: Unit named.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit named.service has failed.
--
-- The result is failed.
Feb 09 16:27:41 rigel.htt-consult.com systemd[1]: Unit named.service
entered fai
Feb 09 16:27:41 rigel.htt-consult.com systemd[1]: named.service failed.
Feb 09 16:27:41 rigel.htt-consult.com polkitd[567]: Unregistered
Authentication
setenforce 0
and named starts right up, indicating it IS a SELinux issue.
So what SELinux magic do I need here and were is it documented?
thanks
2865
Age (days ago)
2865
Last active (days ago)
2 comments
2 participants
participants (2)
-
Gordon Messmer -
Robert Moskowitz