Hi, after setup a new client server (only used with the DNS role) with ISPConfig and bind, ISPConfig configures bind to store slave zone files under /etc/bind/slave The apparmor config prohibits bind to write anything under /etc/bind but expects bind to write at /var/cache/bind/ I had to mkdir /var/cache/bind/slave and to symlink /etc/bind/slave -> /var/cache/bind/slave to get bind to deal with slave zones. I am not sure if this approach is the right one, but there is no config option in ISPConfig server config for the directory to store slave zones in. Regards, CMKS
You could just permit it to write to the path. Something like this should work(?) Edit /etc/apparmor.d/local/usr.sbin.named and add the line "/etc/bind/slave rw,". Make sure to refresh apparmor after editing. Might want to read up on this, because apparmor is a long time ago for me