Designate

apparmor blocks bind9 from reading rndc.key

Bug #1714048 reported by Yaro Kifor on 2017-08-30

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Designate	Triaged	Undecided	Unassigned

Bug Description

- [X] This doc is inaccurate in this way: Doc neglects apparmor existences which can lead to a broken configuration.
- [ ] This is a doc addition request.
- [X] I have a fix to the document that I can paste below including example: Operators need to make sure that apparmor is disabled or configured correctly to allow for bind9 to access /etc/designate/rndc.key. This line needs to be add to /etc/apparmor.d/usr.sbin.named: "/usr/bin/named { ... /etc/designate/rndc.key r, }" for bind9 to start correctly.

If you have a troubleshooting or support issue, use the following resources:

- Ask OpenStack: http://ask.openstack.org
- The mailing list: http://lists.openstack.org
- IRC: 'openstack' channel on Freenode

-----------------------------------
Release: 5.0.0.0rc2.dev7 on 2017-08-22 12:57
SHA: e85f89a3a72b3efde921bff71af36400e5855704
Source: https://git.openstack.org/cgit/openstack/designate/tree/doc/source/install/install-ubuntu.rst
URL: https://docs.openstack.org/designate/latest/install/install-ubuntu.html

Tags:

Graham Hayes (grahamhayes) on 2017-09-06

Changed in designate:
status:	New → Triaged
tags:	added: docs
tags:	added: low-hanging-fruit

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.