DNS zone not loaded: permission denied

I see that the zone I created in the specified data file is not loaded because of a permission error.

[root@office1 tmp]# cat /var/named/data/named.run
info: managed-keys-zone: loaded serial 11
info: zone 0.in-addr.arpa/IN: loaded serial 0
info: zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
info: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
info: zone localhost.localdomain/IN: loaded serial 0
info: zone localhost/IN: loaded serial 0
notice: all zones loaded
notice: running
info: received control channel command 'stop'
info: shutting down: flushing changes
notice: stopping command channel on 127.0.0.1#953
notice: stopping command channel on ::1#953
info: no longer listening on 127.0.0.1#53
info: no longer listening on 10.73.111.72#53
info: no longer listening on 192.168.122.1#53
notice: exiting
info: managed-keys-zone: journal file is out of date: removing journal file
info: managed-keys-zone: loaded serial 12
info: zone 0.in-addr.arpa/IN: loaded serial 0
info: zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
info: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
info: zone localhost.localdomain/IN: loaded serial 0
info: zone localhost/IN: loaded serial 0
error: zone example.vm/IN: loading from master file db.example failed: permission denied
error: zone example.vm/IN: not loaded due to errors.
notice: all zones loaded
notice: running
info: received control channel command 'stop'
info: shutting down: flushing changes
notice: stopping command channel on 127.0.0.1#953
notice: stopping command channel on ::1#953
info: no longer listening on 127.0.0.1#53
info: no longer listening on 10.73.111.72#53
info: no longer listening on 192.168.122.1#53
notice: exiting
info: managed-keys-zone: journal file is out of date: removing journal file
info: managed-keys-zone: loaded serial 13
info: zone 0.in-addr.arpa/IN: loaded serial 0
info: zone localhost.localdomain/IN: loaded serial 0
info: zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
info: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
info: zone localhost/IN: loaded serial 0
error: zone example.vm/IN: loading from master file db.example failed: **permission denied**
error: zone example.vm/IN: not loaded due to errors.
notice: all zones loaded
notice: running

I set the group permissions on the zone file db.example to be the same as the group.

[root@office1 named]# ls -l
total 24
drwxrwx---. 2 named named   49 Nov 25 03:48 data
-rw-r-----. 1 root  root   246 Nov 28 14:08 db.example
-rw-r-----. 1 root  named  234 Nov 28 08:20 db.office1
drwxrwx---. 2 named named   31 Nov 29 10:37 dynamic
-rw-r-----. 1 root  named 2281 May 22  2017 named.ca
-rw-r-----. 1 root  named  152 Dec 15  2009 named.empty
-rw-r-----. 1 root  named  152 Jun 21  2007 named.localhost
-rw-r-----. 1 root  named  168 Dec 15  2009 named.loopback
drwxrwx---. 2 named named    6 Aug 27 08:40 slaves

Any ideas?

Answer 1

Your distribution is probably running bind as user named and group named. Otherwise, that user and group would not own directories in /var/lib/named.

The owner of db.example is root:root and the mode is 640, so permission is denied.
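
The permission check described in the answer, as an added example that is not part of the original post: it applies the owner/group/other read bits to the file lines of the listing from the question for a process running as named:named. The function names are hypothetical, and supplementary groups, ACLs, SELinux and root's permission bypass are not modelled.

```shell
#!/bin/sh
# Added example: decide from `ls -l` output which zone files a given
# user/group pair (named:named, per the answer) cannot read.

# Regular-file lines copied from the listing in the question.
LISTING='-rw-r-----. 1 root  root   246 Nov 28 14:08 db.example
-rw-r-----. 1 root  named  234 Nov 28 08:20 db.office1
-rw-r-----. 1 root  named 2281 May 22  2017 named.ca
-rw-r-----. 1 root  named  152 Dec 15  2009 named.empty
-rw-r-----. 1 root  named  152 Jun 21  2007 named.localhost
-rw-r-----. 1 root  named  168 Dec 15  2009 named.loopback'

# can_read MODE OWNER GROUP USER UGROUP
# Returns 0 if USER (primary group UGROUP) may read the file.
# MODE is the permission string printed by ls, e.g. -rw-r-----.
# The three classes are exclusive: the owner bits apply if USER owns the
# file, otherwise the group bits if UGROUP matches, otherwise the other bits.
can_read() {
    mode=$1 owner=$2 group=$3 user=$4 ugroup=$5
    if [ "$user" = "$owner" ]; then
        bit=$(printf '%s' "$mode" | cut -c2)   # owner read bit
    elif [ "$ugroup" = "$group" ]; then
        bit=$(printf '%s' "$mode" | cut -c5)   # group read bit
    else
        bit=$(printf '%s' "$mode" | cut -c8)   # other read bit
    fi
    [ "$bit" = "r" ]
}

# unreadable_for USER GROUP
# Prints the name of every file in LISTING that USER:GROUP cannot read.
unreadable_for() {
    printf '%s\n' "$LISTING" |
    while read -r mode _ owner group _ _ _ _ name; do
        can_read "$mode" "$owner" "$group" "$1" "$2" || printf '%s\n' "$name"
    done
}

unreadable_for named named
```

Only db.example is reported: its group is root, so named falls into the "other" class, which has no read bit under mode 640. Giving it the same ownership as the other zone files (`chgrp named db.example`) lets the daemon read it while the file stays root-owned and not writable by named.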