我已安装 BIND9 并正常运行。我想将日志输出到 MUNIN 中进行解析。我的系统运行正常,日志文件在 /var/cache/bind/ 中生成,所有权为 root:bind,权限设置为 0644。
然而,重新启动后 BIND9 不再启动,/var/log/syslog 中的摘录显示以下内容:
Mar 14 20:45:57 minecraftsvr named[867]: automatic empty zone: 64.100.IN-ADDR.ARPA
Mar 14 20:45:57 minecraftsvr named[867]: automatic empty zone: 65.100.IN-ADDR.ARPA
Mar 14 20:45:57 minecraftsvr named[867]: isc_stdio_open '/var/cache/bind/debug.log' failed: permission denied
Mar 14 20:45:57 minecraftsvr named[867]: automatic empty zone: 66.100.IN-ADDR.ARPA
Mar 14 20:45:57 minecraftsvr named[867]: automatic empty zone: 67.100.IN-ADDR.ARPA
如果我手动启动 BIND9,它会启动,但仍然显示上述错误。
知道为什么它会阻止 BIND9 自动启动,但却手动启动吗?
/etc/Apparmor.d/usr.sbin.named:
# /etc/bind should be read-only for bind
# /var/lib/bind is for dynamically updated zone (and journal) files.
# /var/cache/bind is for slave/stub data, since we're not the origin of it.
# See /usr/share/doc/bind9/README.Debian.gz
/etc/bind/** r,
/var/lib/bind/** rw,
/var/lib/bind/ rw,
/var/cache/bind/** lrw,
/var/cache/bind/ rw,
/var/log/bind9/** rw,
/var/log/bind/ rw,
谢谢汤姆