gpg: Signature made Tue Jul 23 22:41:04 2019 UTC
gpg: using DSA key 2099B64CBF15490B
gpg: Good signature from "Andy Smith <andy@strugglers.net>" [unknown]
gpg: aka "Andrew James Smith <andy@strugglers.net>" [unknown]
gpg: aka "Andy Smith (UKUUG) <andy.smith@ukuug.org>" [unknown]
gpg: aka "Andy Smith (BitFolk Ltd.) <andy@bitfolk.com>" [unknown]
gpg: aka "Andy Smith (Linux User Groups UK) <andy@lug.org.uk>" [unknown]
gpg: aka "Andy Smith (Cernio Technology Cooperative) <andy.smith@cernio.com>" [unknown]
Hello,
On Tue, Jul 23, 2019 at 11:23:48PM +0100, Keith Williams wrote:
> it did load Jul 23 22:57:53 westnorfolk named[22233]: zone
> keiths-place.co.uk/IN: loaded serial 2019072335
Weird. How come that wasn't in the logs before?
named does have an apparmor profile by the way, but I can't see
anything wrong with it:
https://salsa.debian.org/dns-team/bind9/blob/debian/master/debian/extras/apparmor.d/usr.sbin.named
and certainly I would expect it to complain loudly if it had been
prevented from loading a zone file.
I'm getting a bit stumped but if I were you I would be stripping out
all of that query restriction and forwarding stuff and having the
simplest configuration possible.
I take it that the increased logging verbosity has not helped at
all?
Cheers,
Andy
--
https://bitfolk.com/ -- No-nonsense VPS hosting
