search for: named_zone_t

...med.conf' Aug 15 14:09:46 devserver21 named: named reload succeeded Aug 15 14:09:46 devserver21 kernel: audit(1250359786.568:31): avc: denied { write } for pid=5103 comm="named" name="named" dev=dm-0 ino=28148843 scontext=user_u:system_r:named_t tcontext=system_u:object_r:named_zone_t tclass=dir Aug 15 14:09:46 devserver21 kernel: audit(1250359786.568:32): avc: denied { add_name } for pid=5103 comm="named" name="tmp-XXXXtGN8y7" scontext=user_u:system_r:named_t tcontext=system_u:object_r:named_zone_t tclass=dir Aug 15 14:09:46 devserver21 kernel: audit(1250...

...OOTDIR is set in /etc/sysconfig/named. The "named" group must be granted read privelege to these files in order for named to be enabled to read them. Any file created in the zone database file directory is automatically assigned the SELinux file context named_zone_t . By default, SELinux prevents any role from modifying named_zone_t files; this means that files in the zone database directory cannot be modified by dynamic DNS (DDNS) updates or zone transfers. The Red Hat BIND distribution and SELinux policy creates three...

Hello, it has been a while since I had setup a DNS-Server with CentOS 6; these days I added a few zones needed for DDNS; this works but in /etc/ I found quite a strange file, I'm not sure if it was in use at the beginning I used this system as a DNS-Server, and after several 'yum update' not any more; /etc/named.root.key with this content managed-keys { # DNSKEY for the root zone. #

...t; I'm also using ddns and have my zone files in >> /var/named/chroot/var/named/dynamic. > are you using DDNS in DualStack (IPv4 and IPv6 together) or do you > have only DHCP or DHCPv6 and not both? IPv4 only. > By default, SELinux prevents any role from modifying > named_zone_t > files; this means that files in the zone database directory > cannot be > modified by dynamic DNS (DDNS) updates or zone transfers. > > The Red Hat BIND distribution and SELinux policy creates three > directories where named is allowed to create and...

...51:30 dnssrvr named[2526]: client 192.168.1.2#38618: view wkst: updating zone 'ddns.local/IN': update unsuccessful: WIN7HOST.ddns.local: 'name not in use' prerequisite not satisfied (YXDOMAIN) for several times; >> By default, SELinux prevents any role from modifying named_zone_t >> files; this means that files in the zone database directory >> cannot be >> modified by dynamic DNS (DDNS) updates or zone transfers. >> >> The Red Hat BIND distribution and SELinux policy creates three >> directories where named i...