Comment 3 for bug 236510

Jürgen Kreileder (jk) wrote :

Ah, come on, it's not that hard to configure apparmor for a chrooted bind. Take a look at syslog to see what apparmor prevented (probably sys_chroot and a few accesses to files). Running 'aa-logprof' should help you get the configuration correct (after that you might want to remove the lines which are not needed for your chroot environment from /etc/apparmor.d/usr.sbin.named).

While playing with configurations it's also useful to use complain mode (aa-complain <profile>) and switch back to enforce mode later (aa-enforce <profile>). (Symlinks in /etc/apparmor.d/force-complain override the enforce flag.)

If your named profile already was in complain mode and named didn't work properly, then there's another unrelated problem with your chroot setup.
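
The syslog review described in the comment above, as an added example that is not part of the original comment or of AppArmor's tooling: it collects the events logged for one profile, both DENIED (enforce mode) and ALLOWED (complain mode), and turns them into candidate profile rules to review. The log lines, the chroot path /var/lib/named and the profile name /usr/sbin/named are constructed assumptions; aa-logprof remains the tool that actually updates the profile.

```python
import re
from collections import defaultdict

# Constructed sample syslog lines (not from the bug report). The chroot path
# /var/lib/named and the profile name /usr/sbin/named are assumptions.
SAMPLE_LOG = """\
May 30 10:01:02 host kernel: audit: type=1400 audit(1212141662.100:10): apparmor="DENIED" operation="capable" profile="/usr/sbin/named" pid=4242 comm="named" capability=18 capname="sys_chroot"
May 30 10:01:02 host kernel: audit: type=1400 audit(1212141662.200:11): apparmor="DENIED" operation="open" profile="/usr/sbin/named" name="/var/lib/named/etc/bind/named.conf" pid=4242 comm="named" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
May 30 10:05:40 host kernel: audit: type=1400 audit(1212141940.300:12): apparmor="ALLOWED" operation="mknod" profile="/usr/sbin/named" name="/var/lib/named/var/run/named/named.pid" pid=4300 comm="named" requested_mask="c" denied_mask="c" fsuid=105 ouid=105
May 30 10:05:41 host kernel: audit: type=1400 audit(1212141941.400:13): apparmor="DENIED" operation="open" profile="/usr/sbin/cupsd" name="/etc/shadow" pid=900 comm="cupsd" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
"""

# key="quoted value" or key=bare_value pairs as written by the kernel audit code
FIELD = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')

def parse_events(log_text, profile="/usr/sbin/named"):
    """Yield field dicts for AppArmor events logged against one profile."""
    for line in log_text.splitlines():
        fields = {key: quoted or bare for key, quoted, bare in FIELD.findall(line)}
        # DENIED = blocked in enforce mode; ALLOWED = would be blocked (complain mode)
        if fields.get("apparmor") in ("DENIED", "ALLOWED") and fields.get("profile") == profile:
            yield fields

def candidate_rules(log_text, profile="/usr/sbin/named"):
    """Return sorted candidate profile rules; review them before adding any."""
    caps, files = set(), defaultdict(set)
    for ev in parse_events(log_text, profile):
        if ev.get("operation") == "capable":
            caps.add(ev.get("capname", ev.get("capability")))
        elif "name" in ev and "denied_mask" in ev:
            # Simplification: create (c) and delete (d) are granted by 'w' in a profile
            files[ev["name"]] |= {"w" if ch in "cd" else ch for ch in ev["denied_mask"]}
    rules = [f"capability {cap}," for cap in sorted(caps)]
    rules += [f"{path} {''.join(sorted(perms))}," for path, perms in sorted(files.items())]
    return rules

if __name__ == "__main__":
    for rule in candidate_rules(SAMPLE_LOG):
        print(rule)
```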