> On 8. 11. 2025, at 10:11, Klaus Singvogel <[email protected]> wrote:
>
> - The service is running with the default chroot directory /var/lib/bind, as
> defined by the package
Well, that explains it. Seems like the debian/bind9.NEWS didn't get into the
updated package:
* Since Debian bookworm, the BIND 9 has support for Type=notify
reporting in the systemd unit file. Because of that, running
named in the chroot requires the chroot to have the sd_notify
socket available.
One possible solution is to create the systemd unit override
and add ad bind-mount for the notify socket:
[Service]
BindPaths=/run/systemd/notify:<chroot_path>/run/systemd/notify
I'll pull this into the next security update.
Ondrej
--
Ondřej Surý (He/Him)
[email protected]
