2018年11月18日日曜日

failed: permission denied エラー対処方法(for bind)

◻️以下のpermission deniedのエラーが出た場合の対応方法について。

Nov 18 22:50:26 localhost.localdomain named[1953]: managed-keys-zone/internal: loaded serial 4
Nov 18 22:50:26 localhost.localdomain named[1953]: managed-keys-zone/external: loaded serial 0
Nov 18 22:50:26 localhost.localdomain named[1953]: zone 1.168.192.in-addr.arpa/IN/internal: loaded serial 2011062001
Nov 18 22:50:26 localhost.localdomain named[1953]: zone digihide.local/IN/internal: loading from master file digihide.local.lan.db failed: permission denied
Nov 18 22:50:26 localhost.localdomain named[1953]: zone digihide.local/IN/internal: not loaded due to errors.
Nov 18 22:50:26 localhost.localdomain named[1953]: zone digihide.local/IN/external: loading from master file digihide.local.wan.db failed: permission denied
Nov 18 22:50:26 localhost.localdomain named[1953]: zone digihide.local/IN/external: not loaded due to errors.
Nov 18 22:50:26 localhost.localdomain named[1953]: all zones loaded
Nov 18 22:50:26 localhost.localdomain named[1953]: running

Nov 18 22:50:26 localhost.localdomain systemd[1]: Started Berkeley Internet Name Domain (DNS).



以下のコマンドを投入すると解消できた。

[root@localhost named]# chown -R named:named /var/named/chroot/var/
[root@localhost named]# chmod -R u+rwx /var/named/chroot/var/

[root@localhost named]# systemctl status named-chroot

==============================================================
named-chroot.service - Berkeley Internet Name Domain (DNS)
   Loaded: loaded (/usr/lib/systemd/system/named-chroot.service; enabled; vendor preset: disabled)
   Active: active (running) since Sun 2018-11-18 22:52:24 JST; 2s ago
  Process: 1971 ExecStop=/bin/sh -c /usr/sbin/rndc stop > /dev/null 2>&1 || /bin/kill -TERM $MAINPID (code=exited, status=0/SUCCESS)
  Process: 2065 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} -t /var/named/chroot $OPTIONS (code=exited, status=0/SUCCESS)
  Process: 2063 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -t /var/named/chroot -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi (code=exited, status=0/SUCCESS)
 Main PID: 2067 (named)
   CGroup: /system.slice/named-chroot.service
           └─2067 /usr/sbin/named -u named -c /etc/named.conf -t /var/named/chroot -4

Nov 18 22:52:24 localhost.localdomain named[2067]: set up managed keys zone for view external, file '/var/named/dynamic/3c4623849a49a53911c4a3e48d8ce...7.mkeys'
Nov 18 22:52:24 localhost.localdomain named[2067]: command channel listening on 127.0.0.1#953
Nov 18 22:52:24 localhost.localdomain named[2067]: managed-keys-zone/internal: loaded serial 4
Nov 18 22:52:24 localhost.localdomain named[2067]: managed-keys-zone/external: loaded serial 0
Nov 18 22:52:24 localhost.localdomain named[2067]: zone 1.168.192.in-addr.arpa/IN/internal: loaded serial 2011062001
Nov 18 22:52:24 localhost.localdomain named[2067]: zone digihide.local/IN/external: loaded serial 2011062001
Nov 18 22:52:24 localhost.localdomain named[2067]: zone digihide.local/IN/internal: loaded serial 2011062001
Nov 18 22:52:24 localhost.localdomain named[2067]: all zones loaded
Nov 18 22:52:24 localhost.localdomain named[2067]: running
Nov 18 22:52:24 localhost.localdomain systemd[1]: Started Berkeley Internet Name Domain (DNS).
Hint: Some lines were ellipsized, use -l to show in fu
時刻:
ラベル:

0 件のコメント:

コメントを投稿

登録: コメントの投稿 (Atom)

EFS(Dockerfile)の記載について注意

  Dockerfileにefsのマウントパス宛に、ファイルコピーを行うと ECSのサービス作成時に、コンテナのデプロイ失敗に(container run time error)になるので 別経由で、EFSにファイルをコピーした方が良い!! <Dockerfile> ...