On 3/28/2012 11:25 PM, steve wrote:> Samba4 latest git, Ubuntu 11.10, bind9.9.0
> Hi
>
> I have dynamic updates working but I've had to tweak apparmor:
>
> sudo aa-complain /etc/aparmor.d/usr.sbin.named
>
> This floods the logs with allow messages. I can remove this by:
>
> /etc/init.d/apparmor teardown
> Not ideal.
>
> Can I have bind9, s4 and apparmor at the same time?
>
> Thanks,
> Steve
I had to add a few lines to my named apparmor file
...
# Samba 4 support
/usr/local/samba/private/named.conf.update r,
/usr/local/samba/private/dns.keytab r,
# extras
/etc/bind.keys r,
/etc/rndc.key r,
/etc/rndc.conf r,
/var/run/bind/run/named/named.pid rw,
/var/run/bind/run/named/session.key rw,
...
I also moved the zone files to /var/lib/bind/