Knowledge Base

Domains are not accessible: Bind is not serving queries externally: named[]: open: /etc/named.conf: permission denied

Symptoms

Domains are not resolving externally.
The following errors could be found in /var/log/syslog:

named[25513]: open: /etc/named.conf: permission denied
named[25513]: loading configuration: permission denied
kernel: [ 9748.360203] audit: type=1400 audit(1667404612.963:193): apparmor="DENIED" operation="open" profile="/usr/sbin/named" name="/mnt/dir/plesk/var/named/run-root/etc/named.conf" pid=25513 comm="named" requested_mask="r" denied_mask="r" fsuid=110 ouid=0
named[25513]: exiting (due to fatal error)

Cause

The named profile is in the apparmor's enforcing mode.

Resolution

Connect to the server via SSH
Enable complain mode for named:

# ln -s /etc/apparmor.d/usr.sbin.named /etc/apparmor.d/disable/
Reload apparmor

# systemctl reload apparmor
Restart bind:

# systemctl restart named

Related Posts

Exploring Plesk’s Added Value Solutions So Far in 2023

Unveiling Sitejet Builder: The Perfect Match for Your Effortless Website Creation Needs

Dynamic List vs. Active List: A Comprehensive Comparison – Unveiling the Ultimate Winner!

Knowledge Base

Local email messages on a Plesk server are not delivered: Found DMARC record contained a bad token value

Plesk PHP handler is missing from Admin and Domains PHP Settings after installation

A website hosted in Plesk for Windows Server is not accessible: the ionCube PHP Loader needs to be installed

Unable to accept or send emails on Plesk server via SendGrid with forwarding enabled: 550 The from address does not match a verified Sender Identity.

Hosting Wiki