My slave dns server returned error while I tried to add another domain, below example of the error.
kernel: [1239217.411031] type=1503 audit(1309700303.423:12381): operation="mknod" pid=1692 parent=1 profile="/usr/sbin/named" requested_mask="c::" denied_mask="c::" fsuid=109 ouid=109 name="/etc/bind/db/in/tmp-ImzPls04Rk"
That’s because named aren’t allowed to write to directory /etc/bind/db/in. To solve this issue, open apparmor profile of named (/etc/apparmor.d/usr.sbin.named), add this line right after ‘/etc/bind/** r,‘ :
/etc/bind/db/** rw,
Restart the apparmor and then restart named.
requested_mask=c:: denied_mask=c::, /etc/apparmor d/usr sbin named, apparmor mknod, requested_mask=c denied_mask=c, profile=/usr/sbin/named requested_mask=c:: denied_mask=c::, denied_mask=c::, apparmor requested_mask c, requested_mask=c::, apparmor requested_mask=c, apparmor bind9