Hi all,

Just updated to the latest sl-security-rolling and noticed that the 
named systemd stuff failed on the chroot setup.

The faulty systemd unit seems to be: 
/usr/lib/systemd/system/named-chroot.service

It does a sanity check - but doesn't make it relative to the chroot:
ExecStartPre=/bin/bash -c 'if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; 
then /usr/sbin/named-checkconf -z /etc/named.conf; else echo "Checking 
of zone files is disabled"; fi'

If you add the chroot directive in there (which it probably should have 
anyway), then all works:
ExecStartPre=/bin/bash -c 'if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; 
then /usr/sbin/named-checkconf -z -t /var/named/chroot /etc/named.conf; 
else echo "Checking of zone files is disabled"; fi'

Can anyone verify this - and if needed upstream this bug?

-- 
Steven Haigh

Email: [log in to unmask]
Web: https://www.crc.id.au
Phone: (03) 9001 6090 - 0412 935 897