---
title: "BIND 9 \"permission denied\" errors on Linux"
slug: "aa-00318"
description: "On Linux, BIND 9 drops most of its root privileges on startup, including the privilege to open files owned by other users."
updated: 2018-10-10T15:37:53Z
published: 2018-10-10T15:37:53Z
canonical: "kb.isc.org/aa-00318"
---

> ## Documentation Index
> Fetch the complete documentation index at: https://kb.isc.org/llms.txt
> Use this file to discover all available pages before exploring further.

# Why does BIND 9 log "permission denied" errors accessing its configuration files or zones on my Linux system?

You may see these "permission denied" errors even though **named** is running as root.

On Linux, BIND 9 drops most of its root privileges on startup. This includes the privilege to open files owned by other users. Therefore, if the server is running as root, the configuration files and zone files should also be owned by root. If the files must be owned by some other user, then the server should run as that user; this can be set by using the `-u` option on the command line when launching **named**.