> -----Original Message----- > From: Peter Andreev [mailto:andreev.pe...@gmail.com] > Sent: den 17 augusti 2011 16:16 > To: Fredrik Poller > Subject: Re: rndc: 'addzone' failed: permission denied > > 2011/8/17 Fredrik Poller <fredrik.pol...@zetup.se>: > >> -----Original Message----- > >> From: bind-users-bounces+fredrik.poller=zetup...@lists.isc.org > >> [mailto:bind-users-bounces+fredrik.poller=zetup...@lists.isc.org] On > >> Behalf Of Torinthiel > >> Sent: den 17 augusti 2011 15:45 > >> To: bind-users@lists.isc.org > >> Subject: Re: rndc: 'addzone' failed: permission denied > >> > >> On 2011-08-17 15:24, Fredrik Poller wrote: > >> > Hello, > >> > > >> > I'm trying to use the new addzone feature in rndc, but all I get is > >> > the > >> following error message: > >> > > >> > # rndc addzone 'example.com in external { type slave; file > >> > "example.com"; > >> masters { 192.168.142.133; }; };' > >> > rndc: 'addzone' failed: permission denied > >> > > >> > rndc is configured and works well with other commands. > >> > > >> > The bind log file doesn't tell me anything, despite increasing the > >> > trace level, > >> it only acknowledges that the request was received. Running rndc with > >> -V doesn't reveal anything useful. > >> > > >> > I've tried with and without views, I've tried to add both master > >> > and slave > >> zones with different filenames (both relative and full path). Out of > >> desperation I've also instituted some very liberal file permissions > >> on everything named related, but no luck. > >> > >> > >> Do you use chroot jail? Maybe the paths are different, and that's why it > fails. > > Nope. > > > >> Also, does 'very liberal' mean a+rwX, or something else? Bind might > >> be trying to write as a user you are not expecting. > > I've tried all combination ranging from chowning everything to the named > user to chmoding everything 777. > > Did you set "allow-new-zones" to "yes" in config file? That's it! Thank you.
Unfortunately the named.conf and rndc man pages doesn't say anything about the allow-new-zones directive. > > > >> > >> Regards, > >> Torinthiel > >> _______________________________________________ > >> Please visit https://lists.isc.org/mailman/listinfo/bind-users to > >> unsubscribe from this list > >> > >> bind-users mailing list > >> bind-users@lists.isc.org > >> https://lists.isc.org/mailman/listinfo/bind-users > > > > Thanks for your input > > > > Best regards, > > Fredrik Poller > > _______________________________________________ > > Please visit https://lists.isc.org/mailman/listinfo/bind-users to > > unsubscribe from this list > > > > bind-users mailing list > > bind-users@lists.isc.org > > https://lists.isc.org/mailman/listinfo/bind-users > > > > > > -- > -- > AP _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
