Ubuntu Servers :: Bind9 And Apparmor Error

Jan 3, 2011

using Ubuntu Server 10.10 x86_64 on this machine. It is used as a master DNS server for my domain. We have migrated it to Ubuntu from Gentoo. The problem is that AppArmor is spamming /var/log/syslog

Code:
Jan 3 14:38:40 hydra kernel: [2154828.893409] type=1400 audit(1294061920.141:660146): apparmor="DENIED" operation="mknod" parent=1 profile="/usr/sbin/named" name="/var/log/named_querylog" pid=15397 comm="named" requested_mask="c" denied_mask="c" fsuid=103 ouid=103
The zone files reside in /etc/bind/ and we have not changed anything in /etc/apparmor.d/usr.sbin.named .

We don't want to just uninstall apparmor, but how do we adjust its settings correctly?

View 5 Replies


ADVERTISEMENT

Ubuntu Servers :: Install Bind9 In 10

Sep 6, 2010

Im install bind9 in ubentu 10 with this turotial [url]my dns server is work in linux but my client user cannot use dns when client run nslookup in cmd Cannot find server name for address my_ip_linux :server faild Server: Unknown. im on linux valid ip

View 5 Replies View Related

Ubuntu Servers :: Adding Domain To BIND9?

Apr 20, 2010

I want to make BIND9 aware of my TLD so I need to give it an A record. Then I wanted to create CNAME for ftp, mail and so on as time permits

I have webmin so I need to work from that.

my TLD is [URL]

I wanted to bolt on www, ftp for now

www is port 80, ftp port 21 etc

View 1 Replies View Related

Ubuntu Servers :: Bind9 Failed To Start

Oct 6, 2010

when i started bind9, it showed me this error, Can anyone help me in this, according to me i dont have a file sysklogd so i can not restart that. that is why i think iam getting error while starting bind9. How to get that file and how to get started Bind9.

View 4 Replies View Related

Ubuntu Servers :: Bind9 Not Starting On Boot

Mar 2, 2011

Since I have not gotten anything on the "General Help" I am posting this here: When a Ubuntu 10.10 I have starts up apache2, MySQL and postfix start properly but bind9 doesn't. Once booted is I run 'sudo /etc/init.d/bind9 start' it starts. The only thing odd on this system is I have a "inet6 v4tunnel" interface defined in my /etc/network/interfaces. From booting in the syslog there is:

Code:

/var/log/syslog:Feb 28 19:02:42 ubuntu named[1029]: starting BIND 9.7.1-P2 -u bind -d 9
/var/log/syslog:Feb 28 19:02:42 ubuntu named[1029]: built with '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc/bind'

[code]....

Even with the bind debug level at set at 90 I do not get any more in the logs that what I posted before. The lack of errors in the logs is giving me no idea where to start. I commented out the IPv6 tunnel interface and rebooted and still no help. bind still is not starting at boot. OK, it is not a permissions issue, I have changed the config and zone files to be owned by bind:bind, root:bind, root:root and bind:root and it has made no difference. Doing a fresh install on a Virtual Box VM and configure it in a similar manner bind9 starts normally. (I am almost to the point where I will rebuild the box)

View 9 Replies View Related

Ubuntu Servers :: Can't Get Bind9 Recursive To Work?

Apr 11, 2011

I have googled for hours and can not find an answer to what this means.

dig @172.16.255.254 twitter.com.
; <<>> DiG 9.7.0-P1 <<>> @172.16.255.254 twitter.com.
; (1 server found)
;; global options: +cmd
;; Got answer:

[Code]...

And I have a very long debuging log file I will not post unless requested. I also have added a ufw allow from all to all rule for testing purposes only.

View 6 Replies View Related

Ubuntu Servers :: DNS Not Working Properly (Maybe Be BIND9 Related)

Apr 26, 2010

I am migrating my server from Kloxo (lxadmin) to Ubuntu (webmin/virtualmin), and I already had my Nameservers on my register (Godaddy) to go to [URL] and [URL] along with my IP. (I set the ttl to 60 cuz I thought that might be a problem) Now, I do a dig [URL], it gives me this output.

Code:

; <<>> DiG 9.6.1-P2 <<>> thedomz.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40276

[code]...

I can go to my website only when I change my hosts file (on my windows machine).

View 9 Replies View Related

Ubuntu Servers :: Dhcpd Not Updating DNS Records In Bind9?

Jun 26, 2010

I'm having trouble getting dhcpd to update DNS records in bind9. I'm not seeing any journal files created for bind9. The following appears in syslog when a client machine connects to the network:

Code:
Jun 26 04:07:22 ubuntu dhcpd: DHCPDISCOVER from 00:23:df:44:78:83 via eth0
Jun 26 04:07:23 ubuntu dhcpd: DHCPOFFER on 10.0.0.112 to 00:23:df:44:78:83 (Computer1) via

[code]....

View 3 Replies View Related

Ubuntu Servers :: Bind9 Fails To Redirect Only Windows?

Aug 28, 2010

I operate a home network with Ubuntu Server 10.04 with services including DHCP3, Bind9, Apache, and so on. Since I host several dozen websites from home, I have to run Bind DNS. All Ubuntu boxes on my network operate fine. However, all Windows boxes on the network seem to forget to look internally for DNS after a couple of page loads on my internal sites. The network settings still indicate that my internal domain name server is the first lookup and everything seems normal.

View 2 Replies View Related

Ubuntu Servers :: Samba4 And Bind9 Auto Updates

Sep 2, 2010

I am using samba4 and bind9 (9.7.2rc1) on an ubuntu server 10.04.

Everything works fine, but bind9 ist unable to update DNS entries sent by clients.

I followed the tutorial [URL] but it doesn't work for me.

It doesn't look like a file permission problem:

Code:
-rw-r--r-- 1 root root /usr/local/samba/private/dns.keytab
-rw-r--r-- 1 root root /usr/local/samba/private/dns_update_list
-rw-r--r-- 1 root root /usr/local/samba/private/named.conf
-rw-r--r-- 1 root root /usr/local/samba/private/named.conf.update

[Code].....

View 2 Replies View Related

Ubuntu Servers :: Bind9 Errors: Unknown Option 'zone'

Aug 11, 2010

I am trying to get bind 9 up and running on a new installation of server 10.04 and keep getting errors when starting the daemon -

* /etc/bind/named.conf.local:19: unknown option 'zone'
* /etc/bind/named.conf.local:20: unknown option 'zone'
* /etc/bind/named.conf.default-zones:3: unknown option 'zone'
* /etc/bind/named.conf.default-zones:11: unknown option 'zone'
* /etc/bind/named.conf.default-zones:16: unknown option 'zone'
* /etc/bind/named.conf.default-zones:21: unknown option 'zone'
* /etc/bind/named.conf.default-zones:26: unknown option 'zone'

The onlything I could find after scrubbing the internet is once ina while there's a missing bracket. But I have checked and triple checked my config files and the syntax and can't find anything wrong. I have another installation of bind9 running on Fedora and the same exact syntax works just fine.

[Code]....

View 2 Replies View Related

Ubuntu Servers :: 9.10 - Using Bind9 As DNS Server On LAN - Does Not Seem To Translate Its Own Hostname Correctly

Sep 8, 2010

Im using bind9 as DNS server on my LAN, but it does not seem to translate its own hostname correctly for some reason. Other hosts is translated correctly, the problem only seems to apply to the DNS host itself. if i "ping <server_hostname>" from the server, it translates correctly. But if i "ping <server_hostname>" from the client it only says "unknown host" The client has the correct DNS-server assigned. How can i start troubleshooting this?

[Code]...

View 3 Replies View Related

Ubuntu Servers :: Bind9 Attempting Ipv6 On Ipv4 Network

Oct 29, 2010

After upgrading from 9.10 to 10.04, a hundred or so of (for example)

Code:
error (network unreachable) resolving '14.42.117.203.in-addr.arpa/PTR/IN': 2001:500:13::c7d4:35#53: 1 Time(s)

messages appear in syslog each day. Each URL has from 2 - 6 attempts at various ipv6 addresses. My question is why is bind9 trying to resolve ipv6 addresses? I have done nothing to enable or disable ipv6 and thought that if not explicitly enabled I would not have to be concerned with it.

View 1 Replies View Related

Ubuntu Servers :: Setting Up BIND9 - Kerberos.xeonserver (not Configured Yet)

Dec 25, 2010

I am having trouble with setting up BIND9 for 6 virtual servers that use ubuntu x64 v10.10. I have main server running ubuntu as well. host name is xeonserver I would like to explain my setup first.

my router ip: 192.168.1.1/24 host server for VMs ip: 192.168.1.2/24 Then on qemu my virtual machines are in 10.0.0.0/24 network, gateway to my router is 10.0.0.1

1. kerberos.xeonserver (not configured yet) 10.0.0.2
2. dns.xeonserver (the one I have trouble with) 10.0.0.3
3. mysql.xeonserver (not configured yet) 10.0.0.4
4. apache.xeonserver (not configured yet) 10.0.0.5
5. ftp.xeonserver (not configured yet) 10.0.0.6
6. mail.xeonserver (not configured yet) 10.0.0.7

To configure it I followed instructions found on [URL]

[Code]...

View 1 Replies View Related

Ubuntu Servers :: Bind9 For DNS Installed - Virtual Hosts Configurable

Jun 11, 2011

I have installed bind9 for DNS. I have also installed Apache2, PHP5, MySQL, and correctly configured these together. When I view domain1.co.uk it currently works fine as required. I would like to change it to:
* /var/www/domain1.co.uk/prod/ - becomes the root dir of domain1.co.uk
* /var/www/domain2.co.uk/prod/ - becomes the root dir of domain2.co.uk

Nevertheless, I have created a the following files; these are copies of the "default" file and correctly amended. the required destination directories are in place!
* /etc/apache2/sites-available/domain1.co.uk
* /etc/apache2/sites-available/domain2.co.uk

I then executed:
Code:
sudo ln -s domain1.co.uk ../sites-enabled/domain1.co.uk
Code:
sudo ln -s domain2.co.uk ../sites-enabled/domain2.co.uk

It is important to understand domain1.co.uk and domain2.co.uk represent 2 Existing domain names I own, and both point to my server.
domain1.co.uk currently works in /var/www
Why I would like multiple domain names on the server.

View 1 Replies View Related

Ubuntu Servers :: Bind9 Views - Reverse Lookup Zone Doesn't Work ?

Apr 1, 2011

I'm at a loss to why my reverse lookup zone doesn't work for me.I've got two views. One internal and one external. My domain is isp2.datornatverk.se. Public IP: 130.240.133.81.

dig -x @8.8.8.8 130.240.133.81

gives me:

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2917
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

I've set it up so that the internal subnets gets the domains resolved to the internal IP-addresses. When querying from external addresses I will get public IP.My named.conf.local file:

Code:
acl internals {
127.0.0.0/8;[code]..........

I don't know whether the views has messed something up. It worked before I added the views.

View 3 Replies View Related

Ubuntu Installation :: [Jaunty] Apparmor Error When Upgrading Firefox

Jan 23, 2010

When I use a package manager (aptitude or synaptic) to install updates to firefox (3.6), I get the following error:

[Code]...

View 1 Replies View Related

Ubuntu :: Can't Boot 9.10 With Apparmor Profiles Failed To Load Error

Mar 7, 2010

Ubuntu 9.10 stops booting with apparmor profiles failed to load error message in recovery mode.In the usual mode it hangs at the logo stage.I tried all the kernels listed but the boot process hangs every time.I searched for a solution but could not find it. Windows 7 boots fine.I haven't installed grub to the MBR.I had to reinstall the windows bootloader but I am not sure if it's related to the problem.I would like not to reinstall the os.

View 7 Replies View Related

OpenSUSE :: Apparmor Security Event Notification Error

Nov 13, 2010

Currently the Apparmor program has the notification logs saved to /etc/apparmor/notify.cfg, however, when I try to save the notification after putting my email address in, I get an error saying "Configuration failed for the following operations: Unable to write config changes to /etc/apparmor/notify.cfg"looking inside the folder, I do not see any file named "notify.cfg" BUT I do see so files called reports.conf, logprof.conf, and reports.crontab. I am guessing that the program is asking to save the notification changes to a file that does not exist and in fact one of those three files are the proper ones to use. Well if that is the case then how would I go about fixing this error?

View 4 Replies View Related

Ubuntu :: Apparmor 2.4 Compatibility Patch?

Jan 26, 2011

I was trying to install apparomor-profiles, and the terminal spewed a lot of error messages. They all said, "Kernel needs 2.4 compatibility patch."

Where is this patch, (I tried Google), and how do I install it?

View 1 Replies View Related

Ubuntu Security :: AppArmor For All Users

Jun 10, 2011

I set the profile for Firefox to enforce sudo aa-enforce firefox.Does this now apply to all users on my system or just the user I was logged in as?

View 2 Replies View Related

Ubuntu :: 9.10 - AppArmor Loading Then Screen Just Blank

Jan 22, 2010

I am new to ubuntu and I would really like to try it out, however I cant do the demo it freezes, I cant boot it either. I got rid of the quiet splash and watched it load. The last thing I saw before it went to just a blank screen was the ubuntu logo and it said loading apparmor then ok, went back to the previous command line screen and said done. Then it was just blank. No mouse, no blinking cursor, nothing.

View 2 Replies View Related

Ubuntu Security :: Apparmor Will Work On The 10.04 Livecd?

Jan 29, 2010

Does anyone know if Apparmor will work on the Ubuntu 10.04 livecd? I know there are currently issues running Apparmor on stacked filesystems with aufs. Currently a casper scripts disables Apparmor during boot up. Would be very useful if it could be run in a live session.

View 4 Replies View Related

Ubuntu Security :: Set Up An Apparmor Profile For Firefox?

Apr 28, 2010

Anyone set up an Apparmor profile for Firefox?

View 9 Replies View Related

Ubuntu Security :: Disable The Apparmor In Firefox

Aug 8, 2010

Inspite i have read through the sticky link but i have a query.

Example,

If you have your firefox under enforce mode in apparmor,are you still able to install an update / addon to it to a newer version.

If not,how to disable the apparmor in firefox.Is it as below?

Code:

View 9 Replies View Related

Ubuntu Security :: How To Test That Apparmor Is Working

Oct 9, 2010

So I activated the Firefox profile:

Code:

And restarted Firefox (even rebooted), but it doesn't seem to be working. When I open Firefox I am able to perform a "Save Page As" in locations I shouldn't be able to, like my Desktop or Pictures folder.

The following command says the Firefox process is in enforce mode:

Code:

Of the following lines, the only directory which is "rw" is /Downloads, why am I still able to write to other places?

Code:

OS: Ubuntu 10.10

Can someone with an active Firefox profile do this simple test for me? Click File -> Save As and try to save somewhere the Apparmor profile shouldn't let you, and let me know the results.

View 9 Replies View Related

Ubuntu Security :: Apparmor For Firefox - How To Turn It Off

Nov 12, 2010

Tried the apparmor profile for Firefox. how to turn it off. No matter what I do, it still shows up as being on in apparmor status.

View 3 Replies View Related

Ubuntu Security :: No Firefox Profile In Apparmor?

Nov 15, 2010

I'm trying to understand the Apparmor and would like to get FF profile from Bodhi.zazen [thank you],but I'm kinda new to Linux.Did lots of reading but missing one thing:

1.where is FF profile? I can't see any usr.lib.firefox-3.6.12
2. how do I do copy FF profile from Bodhi.zazen?

View 5 Replies View Related

Ubuntu Security :: Certain Commands Not Working In Apparmor?

Jun 7, 2011

I followed this thread:[URL]...When I get to this part:sudo genprof firefox it does not work in the terminal. Is this still supported for Ubuntu 11?

Also, I installed the profiles. Is something supposed to happen now or do I need to configure them?

sudo apt-get install apparmor-profiles

View 6 Replies View Related

Ubuntu Security :: Updating AppArmor Profiles?

Jun 12, 2011

Where is some good documentation with concrete examples on the best practices for how to update AppArmor profiles?

View 2 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved