The SELinux named policy defines these SELinux contexts for named:

named_zone_t : for zone database files - $ROOTDIR/var/named/*
named_conf_t : for named configuration files - $ROOTDIR/etc/.*
named_cache_t: for files modifiable by named - $ROOTDIR/var/

If you want to retain use of the SELinux policy for named, and put named files in different locations, you can do so by changing the context of the custom file locations.
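One way to change the context of custom locations, shown as an added example that is not part of the original text: the script prints the semanage and restorecon commands that assign one of the three types above to a directory. The /srv/named paths, the role names and the APPLY switch are assumptions of this example.

```bash
#!/bin/sh
# Added example: label custom named directories with the policy's own types.
# Dry run by default (commands are printed); set APPLY=1 and run as root to apply.

# Map a role to the SELinux type the named policy defines for it.
named_type_for() {
    case "$1" in
        zone)  echo named_zone_t ;;   # zone database files
        conf)  echo named_conf_t ;;   # named configuration files
        cache) echo named_cache_t ;;  # files named may write, create or delete
        *)     return 1 ;;
    esac
}

# Print the command, or execute it when APPLY=1.
run() {
    if [ "${APPLY:-0}" = 1 ]; then "$@"; else printf '%s\n' "$*"; fi
}

# Persistently label DIR (and everything below it) for ROLE.
label_named_dir() {
    role=$1
    dir=$2
    setype=$(named_type_for "$role") || { echo "unknown role: $role" >&2; return 2; }
    case "$dir" in
        /?*) dir=${dir%/} ;;          # absolute, non-root path; drop trailing slash
        *)   echo "need an absolute, non-root path: $dir" >&2; return 2 ;;
    esac
    # Record the rule in the local policy so it survives a relabel ...
    run semanage fcontext -a -t "$setype" "$dir(/.*)?"
    # ... then apply it to the files already on disk.
    run restorecon -Rv "$dir"
}

# Hypothetical layout: only the directory named must write to gets
# named_cache_t; zone files stay named_zone_t so named cannot modify them.
label_named_dir zone  /srv/named/zones
label_named_dir cache /srv/named/dynamic
```

Labelling every custom directory named_cache_t would also work, but it gives up the write restriction the policy places on zone and configuration files.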
The servers are queried in turn - named moves on to the next server in the list if either: On the first SOA received that is bigger than the one that the slave is currently serving, named will initiate a zone transfer with that server.
Red Hat Security Enhanced Linux (SELinux) policy security protections: Red Hat have adopted the National Security Agency's SELinux security policy and recommendations for security, which are more secure than running named in a chroot and make use of the bind-chroot environment unnecessary.
By default, named is not allowed by the SELinux policy to write, create or delete any files EXCEPT in these directories:

$ROOTDIR/var/named/slaves
$ROOTDIR/var/named/data
$ROOTDIR/var/tmp

where $ROOTDIR may be set in /etc/sysconfig/named if bind-chroot is installed.
BIND sends notifications by default; however, it is good practice to enable them explicitly if they are an important part of the configuration.
This can be done for individual zones: The setting for a zone takes precedence; therefore, if you use the latter method, you should check that it has not been overridden.