Ubuntu and AppArmor

diff --git a/FAQ.xml b/FAQ.xml
index 258bc8a9035399955b6d9f1dcccfbbb81a29c0d3..d25380007beddaaae9d18a763fdb90c3165eb28a 100644 (file)
--- a/FAQ.xml
+++ b/FAQ.xml
@@ -17,7 +17,7 @@
  - PERFORMANCE OF THIS SOFTWARE.
 -->
 
-<!-- $Id: FAQ.xml,v 1.52 2009/11/03 14:02:20 marka Exp $ -->
+<!-- $Id: FAQ.xml,v 1.53 2010/01/19 06:57:37 marka Exp $ -->
 
 <article class="faq">
   <title>Frequently Asked Questions about BIND 9</title>
@@ -1382,6 +1382,36 @@ named_cache_t: for files modifiable by named - $ROOTDIR/var/{tmp,named/{slaves,d
       </answer>
     </qandaentry>
 
+    <qandaentry>
+      <question>
+       <para>
+          I'm running BIND on Ubuntu -
+       </para>
+       <para>
+         Why can't named update slave zone database files?
+       </para>
+       <para>
+         Why can't named create DDNS journal files or update
+         the master zones from journals?
+       </para>
+       <para>
+         Why can't named create custom log files?
+       </para>
+      </question>
+      <answer>
+       <para>
+         Ubuntu uses AppArmor <ulink url="http://en.wikipedia.org/wiki/AppArmor">
+          &lt;http://en.wikipedia.org/wiki/AppArmor&gt;</ulink> in
+         addition to normal file system permissions to protect the system.
+       </para>
+       <para>
+         Adjust the paths to use those specified in /etc/apparmor.d/usr.sbin.named
+         or adjust /etc/apparmor.d/usr.sbin.named to allow named to write at the
+         location specified in named.conf.
+       </para>
+      </answer>
+    </qandaentry>
+
     <qandaentry>
       <question>
        <para>