[Bug 341817] Re: dhcpd wont start due to rndc.key permissions

Carl Karsten carl at personnelware.com
Thu Nov 10 18:21:31 UTC 2011 

I agree, side effect of https://bugs.launchpad.net/ubuntu/+source/isc-
dhcp/+bug/727837  "https://bugs.launchpad.net/ubuntu/+source/isc-
dhcp/+bug/727837"

Here is a demo of the bug, and a work around: add user root to the bind
group.  attached is the script, here is it being run:

juser at kasp:~$ sudo ./ddns.sh 
[sudo] password for juser: 
+ apt-get --assume-yes install dhcp3-server bind9
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following extra packages will be installed:
  bind9utils isc-dhcp-server
Suggested packages:
  bind9-doc resolvconf isc-dhcp-server-ldap
The following NEW packages will be installed:
  bind9 bind9utils dhcp3-server isc-dhcp-server
0 upgraded, 4 newly installed, 0 to remove and 0 not upgraded.
Need to get 866 kB of archives.
After this operation, 2,568 kB of additional disk space will be used.
Get:1 http://us.archive.ubuntu.com/ubuntu/ oneiric/main bind9utils amd64 1:9.7.3.dfsg-1ubuntu4 [104 kB]
Get:2 http://us.archive.ubuntu.com/ubuntu/ oneiric/main bind9 amd64 1:9.7.3.dfsg-1ubuntu4 [331 kB]
Get:3 http://us.archive.ubuntu.com/ubuntu/ oneiric/main isc-dhcp-server amd64 4.1.1-P1-17ubuntu10 [427 kB]
Get:4 http://us.archive.ubuntu.com/ubuntu/ oneiric/main dhcp3-server all 4.1.1-P1-17ubuntu10 [3,296 B]
Fetched 866 kB in 1s (737 kB/s)          
Preconfiguring packages ...
Selecting previously deselected package bind9utils.
(Reading database ... 94476 files and directories currently installed.)
Unpacking bind9utils (from .../bind9utils_1%3a9.7.3.dfsg-1ubuntu4_amd64.deb) ...
Selecting previously deselected package bind9.
Unpacking bind9 (from .../bind9_1%3a9.7.3.dfsg-1ubuntu4_amd64.deb) ...
Selecting previously deselected package isc-dhcp-server.
Unpacking isc-dhcp-server (from .../isc-dhcp-server_4.1.1-P1-17ubuntu10_amd64.deb) ...
Selecting previously deselected package dhcp3-server.
Unpacking dhcp3-server (from .../dhcp3-server_4.1.1-P1-17ubuntu10_all.deb) ...
Processing triggers for man-db ...
Processing triggers for ufw ...
Processing triggers for ureadahead ...
ureadahead will be reprofiled on next reboot
Setting up bind9utils (1:9.7.3.dfsg-1ubuntu4) ...
Setting up bind9 (1:9.7.3.dfsg-1ubuntu4) ...
Adding group `bind' (GID 113) ...
Done.
Adding system user `bind' (UID 107) ...
Adding new user `bind' (UID 107) with group `bind' ...
Not creating home directory `/var/cache/bind'.
wrote key file "/etc/bind/rndc.key"
#
 * Starting domain name service... bind9                                 [ OK ] 
Setting up isc-dhcp-server (4.1.1-P1-17ubuntu10) ...
Generating /etc/default/isc-dhcp-server...
 * Starting ISC DHCP server dhcpd                                                * check syslog for diagnostics.
                                                                         [fail]
invoke-rc.d: initscript isc-dhcp-server, action "start" failed.
Setting up dhcp3-server (4.1.1-P1-17ubuntu10) ...
+ adduser dhcpd bind
Adding user `dhcpd' to group `bind' ...
Adding user dhcpd to group bind
Done.
+ cat
+ cat
+ service apparmor restart
 * Reloading AppArmor profiles                                           [ OK ] 
+ sudo service isc-dhcp-server start
dhcpd self-test failed. Please fix the config file.
The error was: 
Internet Systems Consortium DHCP Server 4.1.1-P1
Copyright 2004-2010 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Can't open /etc/bind/rndc.key: Permission denied

workaround I like best:
juser at kasp:~$ sudo adduser root bind
Adding user `root' to group `bind' ...
Adding user root to group bind
Done.
juser at kasp:~$ sudo service isc-dhcp-server start
 * Starting ISC DHCP server dhcpd                                        [ OK ] 



** Attachment added: "ddns.sh"
   https://bugs.launchpad.net/ubuntu/+source/dhcp3/+bug/341817/+attachment/2592148/+files/ddns.sh

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to dhcp3 in Ubuntu.
https://bugs.launchpad.net/bugs/341817

Title:
  dhcpd wont start due to rndc.key permissions

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dhcp3/+bug/341817/+subscriptions

More information about the Ubuntu-server-bugs mailing list