Ubuntu
bind9 package

resolvconf uses wrong path for bind9 and resolvconf

Bug #693002 reported by Jérôme Drouet
18
This bug affects 3 people
Affects Status Importance Assigned to Milestone
bind9 (Debian)
Fix Released
Unknown
bind9 (Ubuntu)
Triaged
Medium
Serge Hallyn

Bug Description

Binary package hint: apparmor

Hi,

The profile defined for named by aparmor is not correct (apparmor2.5.1~rc1-0ubuntu2 - ubuntu 10.10)

in /etc/apparmor.d/usr.sbin.named we find :
  # support for resolvconf
  /var/run/named/named.options r,

but resolvconf generates this file as "/var/run/bind/named.options" and not "/var/run/named/named.options"

Other ACLs also refer to the directory "/var/run/named/" wich does not even exist in ubuntu 10.10 (the correct path is /var/run/bind/"

this is the same problem for "/var/log/named/" direcorty, because of naming conventions in ubuntu : you'de rather log into "/var/log/bind/" instead

A possible solution :
substitute "/var/run/named/" to "/var/run/bind/" and "/var/log/named/" to "/var/log/bind/" in /etc/apparmor.d/usr.sbin.named

Another solution is tu use those "named" directories for logging/generating file with resolvconf

Cheers

Jamie Strandboge (jdstrand)
affects: apparmor (Ubuntu) → bind9 (Ubuntu)
tags: added: apparmor
Revision history for this message
Serge Hallyn (serge-hallyn) wrote :

Thanks for taking the time to report this bug and helping to make Ubuntu better.

It appears as though the simplest solution is to edit etc/resolvconf/update.d/bind to change RUN_DIR to /var/run/named. /var/run/named is being used by bind9 in Ubuntu at the moment, and resolvconf simply needs to know about the right location.

Changed in bind9 (Ubuntu):
status: New → Triaged
importance: Undecided → Medium
Revision history for this message
Serge Hallyn (serge-hallyn) wrote :
Revision history for this message
Serge Hallyn (serge-hallyn) wrote :

(Proposed a branch for merge at https://code.launchpad.net/~serge-hallyn/ubuntu/natty/resolvconf/fixbind/+merge/45087 )

Changed in bind9 (Ubuntu):
status: Triaged → In Progress
assignee: nobody → Serge Hallyn (serge-hallyn)
Revision history for this message
Serge Hallyn (serge-hallyn) wrote :

Opened Debian bug http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608933

Changed in bind9 (Ubuntu):
status: In Progress → Triaged
Revision history for this message
Thomas Hood (jdthood) wrote :

This will be addressed in Debian resolvconf 1.48.

Bug Watch Updater (bug-watch-updater)
Changed in bind9 (Debian):
status: Unknown → Won't Fix
Bug Watch Updater (bug-watch-updater)
Changed in bind9 (Debian):
status: Won't Fix → Fix Released
Jamie Strandboge (jdstrand)
summary: - apparmor rights bug with bind9 and resovconf
+ resolvconf uses wrong path for bind9 and resovconf
tags: removed: apparmor
Thomas Hood (jdthood)
summary: - resolvconf uses wrong path for bind9 and resovconf
+ resolvconf uses wrong path for bind9 and resolvconf
Revision history for this message
Thomas Hood (jdthood) wrote :

This is also fixed in Ubuntu. Resolvconf no longer generates /var/run/bind/named.options.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.