bind error creating <zone name>.jnl

Issues related to configuring your network
Post Reply
dicksog
Posts: 7
Joined: 2012/04/06 19:43:11

bind error creating <zone name>.jnl

Post by dicksog » 2018/02/17 21:21:48

Ok

I did a vanilla install of bind onto a centos 6 box and dhcp on another. Got everything working after the usual typos :roll: then checking the /var/log/messages file kept on the dns server kept getting messages about "error (network unreachable) resolving address xxxxxx" and an error with "<zone name>.jnl create permission denied". After checking directory permissions, loads of websites, looking at selinux logs and all sorts of other things, I eventually read a book I've got by Cricket Liu and Paul Albitz. It said that .jnl files are created alongside the zone files (doh) checked that permissions of /var/named and realised that the installer had set the following "-rwxr-x---. 5 named named", changed it to "-rwxrwx---. 5 named named" and hey presto everything fixed.

Thought I'd post this in case somebody else starts wasting time looking for the solution.

dicksog

User avatar
avij
Forum Moderator
Posts: 2677
Joined: 2010/12/01 19:25:52
Location: Helsinki, Finland
Contact:

Re: bind error creating <zone name>.jnl

Post by avij » 2018/02/17 22:59:36

A better solution would have been to leave the permissions of /var/named alone, and use /var/named/data for your authoritative zones and /var/named/slaves for your slave zones. The respective config in named.conf would have been file "data/example.com"; (or slaves) instead of file "example.com";

bind as shipped by CentOS has those directories set up out of the box.

User avatar
TrevorH
Forum Moderator
Posts: 23650
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: bind error creating <zone name>.jnl

Post by TrevorH » 2018/02/18 00:14:26

There's also an selinux boolean specifically to allow bind to write to its zone files.
CentOS 5 died in March 2017 - migrate NOW!
Full time Geek, part time moderator. Use the FAQ Luke

Post Reply