Submit a ticketCall us

WebinarUpcoming Webinar: Should I Move My Database to the Cloud?

So you’ve been running an on-premises SQL Server® for a while now. Maybe you’ve moved it from bare metal to a VM, and have seen some positive benefits. But, do you want to see more? If you said “YES!”, then this session is for you, as James Serra will review the many benefits that can be gained by moving your on-prem SQL Server to an Azure® VM (IaaS). He’ll also talk about the many hybrid approaches, so you can gradually move to the cloud. If you are interested in cost savings, additional features, ease of use, quick scaling, improved reliability, and ending the days of upgrading hardware, this is the session for you.

Register now.

Home > Success Center > IP Address Manager (IPAM) > IPAM - Knowledgebase Articles > IPAM Bind Error: Syntax Error in BIND configuration

IPAM Bind Error: Syntax Error in BIND configuration

Overview

When trying to configure IPAM to manage BIND server, you get the error message:

Syntax Error in BIND configuration

Environment

All versions of IPAM

Resolution

Solarwinds recommends to try the following as a workaround:

You may allow any binary to call chroot() system function, even if it is not executed under the root account. To set this up for named-checkconf do the following:
  1. Execute following command to find out named-checkconf binary absolute path: whereis named-checkconf
  2. Execute following command to allow binary to call chroot(). This needs to be executed under root, or using sudo: setcap cap_sys_chroot+ep <absolute_path/>

You may execute “named-checkconf –z –t /var/named/chroot /etc/named.conf” under user account used for IPAM. It should no longer report the “error: isc_dir_chroot: permission denied” error.

If syntax check reports any issues, make sure that permissions on chroot are set correctly. User account for IPAM needs to have the same access right like user account used for running BIND service itself. R/W access to config repository and R/W access to BIND Directory (specified in options). Also, it needs R/W access to “/tmp” (the real one, not the one under /var/named/chroot/tmp). 

 

Note: IPAM versions older than 4.5 do not support BIND version 9.9 and later. 

IPAM 4.5 and later added support for BIND 9.9+, BIND 9.10+, and BIND 9.11+

Cause


When attempting to test the BIND credentials from the set-up wizard, IPAM logs in as the specified user, and runs the following commands:

named -V
ps -A -o comm,pid,args | grep ^named
if [ -r "/var/named/chroot/etc/named.conf" ] ; then echo 'true'; else echo 'false'; fi
if [ -w "/var/named/chroot/etc/named.conf" ] ; then echo 'true'; else echo 'false'; fi
named-checkconf -z -t "/var/named/chroot" "/etc/named.conf"
if [ $? -eq 0 ] ; then echo 'true'; else echo 'false'; fi


IPAM is fails to the command named -checkconf -z -t "/var/named/chroot" "/etc/named.conf" and then shows the error: isc_dir_chroot: permission denied

Last modified

Tags

Classifications

Public