Rabu, 17 Mei 2017

Cara Disable AppArmor di Ubuntu Server 16.04



Kebetulan saya lagi mencoba install DNS Server di Ubuntu Server 16.04 menggunakan Bind, namun begitu saya merubah default lokasi file konfigurasi nya, kemudian saya start BIND nya ada error dan tidak mau UP service nya :

15-May-2017 15:42:13.050 ----------------------------------------------------
15-May-2017 15:42:13.050 BIND 9 is maintained by Internet Systems Consortium,
15-May-2017 15:42:13.050 Inc. (ISC), a non-profit 501(c)(3) public-benefit
15-May-2017 15:42:13.050 corporation.  Support and training for BIND 9 are
15-May-2017 15:42:13.050 available at https://www.isc.org/support
15-May-2017 15:42:13.050 ----------------------------------------------------
15-May-2017 15:42:13.050 adjusted limit on open files from 65536 to 1048576
15-May-2017 15:42:13.050 found 1 CPU, using 1 worker thread
15-May-2017 15:42:13.050 using 1 UDP listener per interface
15-May-2017 15:42:13.050 using up to 4096 sockets
15-May-2017 15:42:13.053 loading configuration from '/var/named/master/named.conf'
15-May-2017 15:42:13.054 open: /var/named/master/named.conf: permission denied
15-May-2017 15:42:13.054 loading configuration: permission denied
15-May-2017 15:42:13.054 exiting (due to fatal error)

Jadi saya juga baru tahu, ternyata di Ubuntu saat ini sudah ada apparmor yang fungsi nya sama seperti SELINUX di Redhat atau Centos.

Jadi kita tinggal disable saja AppArmor nya, Caranya adalah :

1. Disable service semua service dan profile AppArmor nya

# /etc/init.d/apparmor stop
# /etc/init.d/apparmor teardown
# update-rc.d -f apparmor remove

2. Disable dari StartUP Ubuntu nya :

# systemctl stop apparmor.service
# update-rc.d -f apparmor remove

Sekarag Bind nya sudah bisa UP dengan file konfigurasi yang ada di folder yang bukan default nya :

15-May-2017 15:43:20.763 zone localhost/IN: not loaded due to errors.
15-May-2017 15:43:20.763 zone dony.id/IN: loaded serial 2017051501
15-May-2017 15:43:20.763 all zones loaded
15-May-2017 15:43:20.763 running
15-May-2017 15:48:41.177 shutting down
15-May-2017 15:48:41.178 no longer listening on ::#53
15-May-2017 15:48:41.178 no longer listening on 127.0.0.1#53
15-May-2017 15:48:41.178 no longer listening on 192.168.1.104#53

Kalau mau enable service AppArmor nya lagi :

# systemctl start apparmor.service
# update-rc.d apparmor defaults



Semoga bermanfaat untuk pembaca semua.

Dony Ramansyah
site : http://donyramansyah.net
blog : dony-ramansyah.blogspot.com
email : dony.ramansyah[at]gmail.com
Registered linux user : ID 40017

Posted by at
Labels: , ,

Tidak ada komentar:

Posting Komentar

Langganan: Posting Komentar (Atom)