I run bind 9.8.1-P1 on an Ubuntu 12.04 server and encountered this issue. I resolved it by:
1. Adding to /etc/bind/named.conf.options this line inside the options braces:
managed-keys-directory "/var/named/dynamic";
2. Creating /var/named and /var/named/dynamic and doing:
sudo chown -R bind /var/named
3. Turning off AppArmor for named using:
sudo aa-complain usr.sbin.named
The last step was necessary because in dmesg I observed:
[22242455.552280] type=1400 audit(1345503871.458:10): apparmor="DENIED" operation="mknod" parent=11043 profile="/usr/sbin/named" name="/var/named/dynamic/managed-keys.bind.jnl" pid=11045 comm="named" requested_mask="c" denied_mask="c" fsuid=106 ouid=106
I run bind 9.8.1-P1 on an Ubuntu 12.04 server and encountered this issue. I resolved it by:
1. Adding to /etc/bind/ named.conf. options this line inside the options braces:
managed- keys-directory "/var/named/ dynamic" ;
2. Creating /var/named and /var/named/dynamic and doing:
sudo chown -R bind /var/named
3. Turning off AppArmor for named using:
sudo aa-complain usr.sbin.named
The last step was necessary because in dmesg I observed:
[22242455.552280] type=1400 audit(134550387 1.458:10) : apparmor="DENIED" operation="mknod" parent=11043 profile= "/usr/sbin/ named" name="/ var/named/ dynamic/ managed- keys.bind. jnl" pid=11045 comm="named" requested_mask="c" denied_mask="c" fsuid=106 ouid=106