Bind9 start/restart failure - Aegir bind conf file permssions

Hi,

After following the Aegir DNS docs I'm having an issue with what looks to be permissions relating to aegir bind conf files during bind9 start/restart on Ubuntu 10.04

/etc/init.d/bind9 restart
 * Stopping domain name service... bind9                                                                                                                     [ OK ] 
 * Starting domain name service... bind9                                                                                                                     [fail] 

The output from tail -f /var/log/syslog below.

Nov 23 13:13:39 merv named[4657]: starting BIND 9.7.0-P1 -u bind
Nov 23 13:13:39 merv named[4657]: built with '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc/bind' '--localstatedir=/var' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-gnu-ld' '--with-dlz-postgres=no' '--with-dlz-mysql=no' '--with-dlz-bdb=yes' '--with-dlz-filesystem=yes' '--with-dlz-ldap=yes' '--with-dlz-stub=yes' '--with-geoip=/usr' '--enable-ipv6' 'CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -O2' 'LDFLAGS=-Wl,-Bsymbolic-functions' 'CPPFLAGS='
Nov 23 13:13:39 merv named[4657]: adjusted limit on open files from 1024 to 1048576
Nov 23 13:13:39 merv named[4657]: found 2 CPUs, using 2 worker threads
Nov 23 13:13:39 merv named[4657]: using up to 4096 sockets
Nov 23 13:13:39 merv named[4657]: loading configuration from '/etc/bind/named.conf'
Nov 23 13:13:39 merv named[4657]: /etc/bind/named.conf.local:4: open: /var/aegir/config/bind.conf: permission denied
Nov 23 13:13:39 merv named[4657]: loading configuration: permission denied
Nov 23 13:13:39 merv named[4657]: exiting (due to fatal error)
Nov 23 13:13:39 merv kernel: [1816432.626541] type=1503 audit(1353676419.464:27): operation="open" pid=4659 parent=4656 profile="/usr/sbin/named" requested_mask="::r" denied_mask="::r" fsuid=105 ouid=114 name="/var/aegir/config/server_master/bind.conf"

The output of ls -altr /var/aegir/config/bind.conf permissions

lrwxrwxrwx 1 aegir aegir 41 2012-11-20 17:37 /var/aegir/config/bind.conf -> /var/aegir/config/server_master/bind.conf

....and of ls -altr /var/aegir/config/server_master/bind.conf below.

-rwxrwxrwx 1 aegir aegir 135 2012-11-20 17:37 /var/aegir/config/server_master/bind.conf

I've looked in the issue queues and ubuntu forms but can't find a similar issue. I thought I'd document it here as I believe I've followed the documentation relating to both Aegir installation and DNS correctly. The DNS Support feature seemed to be working prior to running the restart command as the testingtime.ie domain was being resolved due to the following line being added to /var/aegir/config/bind.conf

zone "testingtime.ie" { type master; file "/var/aegir/config/server_master/bind/zone.d/testingtime.ie.zone"; allow-query { any; }; };

Any help is greatly appreciated.

Thanks,
Paul

EDIT: Found this thread on Ubuntu forums bind9 restart error, it looks similar, will see if it helps.

EDIT 2: The above did not solve the problem for me. I can get Bind9 running, however, once the include "/var/aegir/config/bind.conf"; is added to /etc/bind/named.conf.local the Bind9 service will no longer restart.