使用 bind 设置 DNSSEC 自动签名时出错

我按照这里的确切教程进行操作https://ftp.isc.org/isc/dnssec-guide/html/dnssec-guide.html#easy-start-guide-for-authoritative-servers在我的域 domain.example.com 上设置 DNSSEC。

当我尝试使用 delv 验证我的设置时，出现错误。以下是我的验证步骤：

user@nameserver:/etc/bind$ delv @10.10.10.10 -a keys/tmp/example.key +root=domain.example.com domain.example.com. SOA +multiline
;; resolution failed: ncache nxdomain
; negative response, unsigned answer
; domain.example.com. 300   IN \-ANY ;-$NXDOMAIN
; example.com. SOA a.ns.joker.com. hostmaster.joker.com. 2011082265 14400 3600 604800 300

当我检查日志文件时，看到以下输出：

Mär 05 22:27:30 nameserver named[74793]: zone domain.example.com/IN (signed): reconfiguring zone keys
Mär 05 22:27:30 nameserver named[74793]: zone domain.example.com/IN (signed): next key event: 05-Mar-2021 23:27:30.591
Mär 05 22:27:30 nameserver named[74793]: dumping master file: /etc/bind/zones/tmp-TELhWOSOza: open: permission denied
Mär 05 22:27:30 nameserver named[74793]: managed-keys-zone: Initializing automatic trust anchor management for zone '.'; DNSKEY ID 20326 is now trusted, waiving the normal 30-day waiting period.
Mär 05 22:27:30 nameserver named[74793]: resolver priming query complete
Mär 05 22:30:45 nameserver named[74793]: client @0x7f584800a550 1.1.1.1#36082 (domain.example.com): query: domain.example.com IN A -E(0)DC (10.10.10.10) [ECS 10.10.10.0/24/0]
Mär 05 22:30:53 nameserver named[74793]: client @0x7f584800a550 1.1.1.2#56781 (domain.example.com): query: domain.example.com IN A -E(0)DC (10.10.10.10) [ECS 10.10.10.0/24/0]
Mär 05 22:41:12 nameserver named[74793]: dumping master file: /etc/bind/zones/tmp-mlDktgv0MJ: open: permission denied
Mär 05 22:56:00 nameserver named[74793]: dumping master file: /etc/bind/zones/tmp-RuJ2bQd0qY: open: permission denied
Mär 05 23:23:17 nameserver named[74793]: client @0x7f584800a550 10.10.10.10#60252 (domain.example.com): query: domain.example.com IN SOA +E(0)DK (10.10.10.10)

编辑：

我唯一要做的不同的事情是在选项部分我保留默认设置directory "/var/cache/bind";，否则我会收到其他错误消息。

操作系统是 Ubuntu 20.04.2