Web lists-archives.com

Re: bind gets permission errors in buster--systemd-related?

I also have a similar problem accessing /run/named.  bind can't create the directory or any files in it.  The error messages:

couldn't mkdir '//run/named': Permission denied

could not create //run/named/session.key

Apparmor problems can be fixed by running aa-logprof and selecting the best "fix" for your system.  I have done that if needed over the months since apparmor was installed.  The other problem is that /run is a type tmpfs so it is created after each boot so any manual fixes are lost after a reboot.  I also have the same problem for the apt-cacher-ng program.  Since this machine is my router for my home network it is rarely rebooted so I have a temporary fix by running the following script manually:

cd /run

mkdir named
chown bind.bind named
systemctl restart bind9

mkdir apt-cacher-ng

chown apt-cacher-ng.apt-cacher-ng apt-cacher-ng
systemctl restart apt-cacher-ng

My /etc/bind config directory has no reference to /run.  I do see a /run/resolvconf directory which has resolv.conf in it pointing to localhost and search domain.  This seems correct since bind is listening on localhost and you want to actually use bind to get and cache dns requests.

My bind is version 9.11.5.P4+dfsg-5.