Named works great. It creates a pid in /var/run/named/named.pid as expected. It is listening on port 953 as shown by the log:

Apr 20 14:42:38 guchuko named[9115]: command channel listening on 127.0.0.1#953

But whenever I try to run "rndc reload" I get:

rndc: 'reload' failed: permission denied

What file is it being denied permission to? It doesn't log anything, so I don't know why it's not working. I've compiled bind 9.4-ESV-R1 from source and I've patched it with the mysql mod.

My named.conf:

options {
    directory "/var/bind";

    forwarders {
            203.82.213.101;
            203.188.144.1;
    };

    listen-on-v6 { none; };
    listen-on {
            127.0.0.1;
            192.168.0.6;
    };

    pid-file "/var/run/named/named.pid";
};

logging {
    channel simple_log {
            file "/var/log/named.log" versions 3 size 5m;
            severity debug 5;
            print-time yes;
            print-severity yes;
            print-category yes;
    };
    category default {
            simple_log;
    };
};

zone "." IN {
    type hint;
    file "named.ca";
};

zone "localhost" IN {
    type master;
    file "pri/localhost.zone";
    allow-update { none; };
    notify no;
};

include "/etc/rndc.key";

My rndc.conf:

options {
    default-server  127.0.0.1;
    default-key     "rndc-key";
};
server 127.0.0.1 {
    key     "rndc-key";
};
include "/etc/rndc.key";

My rndc.key:

key "rndc-key" {
    algorithm hmac-md5;
    secret "XFc8C+yCLK0mIheTSBj41g==";
};