Seem like I am facing the bug, here are my configurations and permission of the directories: ====logs==== Jul 31 04:35:33 bind named[5139]: received control channel command 'stop -p' Jul 31 04:35:33 bind named[5139]: shutting down: flushing changes Jul 31 04:35:33 bind named[5139]: stopping command channel on 127.0.0.1#953 Jul 31 04:35:33 bind named[5139]: stopping command channel on ::1#953 Jul 31 04:35:33 bind named[5139]: no longer listening on 127.0.0.1#53 Jul 31 04:35:33 bind named[5139]: no longer listening on 192.168.0.103#53 Jul 31 04:35:33 bind named[5139]: exiting Jul 31 04:35:33 bind named[5177]: starting BIND 9.8.0-P2 -u bind Jul 31 04:35:33 bind named[5177]: built with '--prefix=/usr' '--with-openssl=yes' '--sysconfdir=/etc/bind' '--with-randomdev=/dev/urandom' Jul 31 04:35:33 bind named[5177]: using up to 4096 sockets Jul 31 04:35:33 bind named[5177]: loading configuration from '/etc/bind/named.conf' Jul 31 04:35:33 bind named[5177]: reading built-in trusted keys from file '/etc/bind/bind.keys' Jul 31 04:35:33 bind named[5177]: using default UDP/IPv4 port range: [1024, 65535] Jul 31 04:35:33 bind named[5177]: using default UDP/IPv6 port range: [1024, 65535] Jul 31 04:35:33 bind named[5177]: listening on IPv4 interface lo, 127.0.0.1#53 Jul 31 04:35:33 bind named[5177]: listening on IPv4 interface eth4, 192.168.0.103#53 Jul 31 04:35:33 bind named[5177]: binding TCP socket: address in use Jul 31 04:35:33 bind named[5177]: Could not open '/usr/var/run/named/named.pid'. Jul 31 04:35:33 bind named[5177]: Please check file and directory permissions or reconfigure the filename. Jul 31 04:35:33 bind named[5177]: could not open file '/usr/var/run/named/named.pid': Permission denied Jul 31 04:35:33 bind named[5177]: generating session key for dynamic DNS Jul 31 04:35:33 bind named[5177]: Could not open '/usr/var/run/named/session.key'. Jul 31 04:35:33 bind named[5177]: Please check file and directory permissions or reconfigure the filename. Jul 31 04:35:33 bind named[5177]: could not open file '/usr/var/run/named/session.key': Permission denied Jul 31 04:35:33 bind named[5177]: could not create /usr/var/run/named/session.key Jul 31 04:35:33 bind named[5177]: failed to generate session key for dynamic DNS: permission denied Jul 31 04:35:33 bind named[5177]: set up managed keys zone for view _default, file 'managed-keys.bind' Jul 31 04:35:33 bind named[5177]: command channel listening on 127.0.0.1#953 Jul 31 04:35:33 bind named[5177]: command channel listening on ::1#953 Jul 31 04:35:33 bind named[5177]: zone 0.in-addr.arpa/IN: loaded serial 1 Jul 31 04:35:33 bind named[5177]: zone 127.in-addr.arpa/IN: loaded serial 1 Jul 31 04:35:33 bind named[5177]: zone 255.in-addr.arpa/IN: loaded serial 1 Jul 31 04:35:33 bind named[5177]: zone localhost/IN: loaded serial 2 Jul 31 04:35:33 bind named[5177]: zone cnadn.net/IN: loaded serial 2011091804 Jul 31 04:35:33 bind named[5177]: zone sub.cnadn.net/IN: loaded serial 2011062601 Jul 31 04:35:33 bind named[5177]: managed-keys-zone ./IN: loading from master file managed-keys.bind failed: file not found Jul 31 04:35:33 bind named[5177]: managed-keys-zone ./IN: loaded serial 0 Jul 31 04:35:33 bind named[5177]: running Jul 31 04:35:33 bind named[5177]: zone cnadn.net/IN: sending notifies (serial 2011091804) ========== ===named.conf=== options { directory "/var/cache/bind"; // If there is a firewall between you and nameservers you want // to talk to, you may need to fix the firewall to allow multiple // ports to talk. See http://www.kb.cert.org/vuls/id/800113 // If your ISP provided one or more IP addresses for stable // nameservers, you probably want to use them as forwarders. // Uncomment the following block, and insert the addresses replacing // the all-0's placeholder. // forwarders { // 0.0.0.0; // }; //allow-query {any;}; //allow-query-cache {any;}; tcp-clients 100; recursion no; // dnssec-enable yes; // All BIND 9 versions // dnssec-validation yes; // BIND 9.4.3-P2 and later // dnssec-lookaside . trust-anchor dlv.isc.org.; auth-nxdomain no; # conform to RFC1035 // listen-on-v6 { any; }; }; ============= =====ps output==== root@bind:/etc/bind# ps -aux | grep -i bind Warning: bad ps syntax, perhaps a bogus '-'? See http://procps.sf.net/faq.html root 4323 0.0 0.2 8180 1420 ? Ss 01:58 0:00 /usr/sbin/winbindd root 4341 0.0 0.2 8180 1244 ? S 01:58 0:00 /usr/sbin/winbindd root 4506 0.0 0.1 8180 908 ? S 02:23 0:00 /usr/sbin/winbindd root 4507 0.0 0.2 8184 1256 ? S 02:23 0:00 /usr/sbin/winbindd bind 4525 0.0 0.9 7892 4888 ? Ss 02:41 0:00 /usr/sbin/named -u bind bind 4540 0.0 0.9 7888 4864 ? Ss 02:57 0:00 /usr/sbin/named -u bind bind 4554 0.0 0.9 7888 4868 ? Ss 02:58 0:00 /usr/sbin/named -u bind bind 4574 0.0 0.9 7888 4896 ? Ss 03:03 0:00 /usr/sbin/named -u bind bind 5251 0.0 0.9 7884 4900 ? Ss 04:44 0:00 /usr/sbin/named -u bind root 5264 0.0 0.1 1748 532 pts/1 R+ 05:09 0:00 grep -i bind root@bind:/etc/bind# ================= =====ls ouput======== root@bind:/usr/var/run# pwd /usr/var/run root@bind:/usr/var/run# ls -lrt total 4 drwxrwxrwx 2 root bind 4096 Jul 31 04:34 named root@bind:/usr/var/run# cd named root@bind:/usr/var/run/named# ls root@bind:/usr/var/run/named# ==================================================== ======================Workaround====================== Config below 2 items in named.conf.options: pid-file "named.pid"; session-keyfile "session.key"; ------------------------------------------------------------------------------------------------------------------- The I am lucky: Jul 31 04:44:34 bind named[5251]: starting BIND 9.8.0-P2 -u bind Jul 31 04:44:34 bind named[5251]: built with '--prefix=/usr' '--with-openssl=yes' '--sysconfdir=/etc/bind' '--with-randomdev=/dev/urandom' Jul 31 04:44:34 bind named[5251]: using up to 4096 sockets Jul 31 04:44:34 bind named[5251]: loading configuration from '/etc/bind/named.conf' Jul 31 04:44:34 bind named[5251]: reading built-in trusted keys from file '/etc/bind/bind.keys' Jul 31 04:44:34 bind named[5251]: using default UDP/IPv4 port range: [1024, 65535] Jul 31 04:44:34 bind named[5251]: using default UDP/IPv6 port range: [1024, 65535] Jul 31 04:44:34 bind named[5251]: listening on IPv4 interface lo, 127.0.0.1#53 Jul 31 04:44:34 bind named[5251]: listening on IPv4 interface eth4, 192.168.0.103#53 Jul 31 04:44:34 bind named[5251]: binding TCP socket: address in use Jul 31 04:44:34 bind named[5251]: generating session key for dynamic DNS Jul 31 04:44:34 bind named[5251]: set up managed keys zone for view _default, file 'managed-keys.bind' Jul 31 04:44:34 bind named[5251]: command channel listening on 127.0.0.1#953 Jul 31 04:44:34 bind named[5251]: command channel listening on ::1#953 Jul 31 04:44:34 bind named[5251]: zone 0.in-addr.arpa/IN: loaded serial 1 Jul 31 04:44:34 bind named[5251]: zone 127.in-addr.arpa/IN: loaded serial 1 Jul 31 04:44:34 bind named[5251]: zone 255.in-addr.arpa/IN: loaded serial 1 Jul 31 04:44:34 bind named[5251]: zone localhost/IN: loaded serial 2 Jul 31 04:44:34 bind named[5251]: zone cnadn.net/IN: loaded serial 2011091804 Jul 31 04:44:34 bind named[5251]: zone sub.cnadn.net/IN: loaded serial 2011062601 Jul 31 04:44:34 bind named[5251]: managed-keys-zone ./IN: loading from master file managed-keys.bind failed: file not found Jul 31 04:44:34 bind named[5251]: managed-keys-zone ./IN: loaded serial 0 Jul 31 04:44:34 bind named[5251]: running Jul 31 04:44:34 bind named[5251]: zone cnadn.net/IN: sending notifies (serial 2011091804) -------------------------------------------------------- ls output of : root@bind:/usr/var/run# cd /var/cache/bind root@bind:/var/cache/bind# cd .. root@bind:/var/cache# ls -lrt total 36 drwxr-xr-x 2 root root 4096 Jun 22 2007 pppconfig drwxr-xr-x 3 www-data www-data 4096 Sep 8 2008 apache2 drwxr-xr-x 2 root root 4096 Sep 8 2008 fontconfig drwxr-xr-x 2 root root 4096 Jun 25 11:21 debconf drwx------ 2 root root 4096 Jun 25 14:20 ldconfig drwxrwxr-x 2 root bind 4096 Jul 31 04:44 bind drwxr-xr-x 3 root root 4096 Jul 31 05:05 samba drwxr-xr-x 3 root root 4096 Jul 31 2011 apt drwxr-sr-x 41 man root 4096 Jul 31 2011 man root@bind:/var/cache# cd bind root@bind:/var/cache/bind# ls -lrt total 12 -rw-r--r-- 1 root root 498 Jun 25 13:10 db.example.net -rw------- 1 bind bind 102 Jul 31 04:44 session.key -rw-r--r-- 1 bind bind 5 Jul 31 04:44 named.pid ====================================================