Comment 7 for bug 341817

Thomas Schweikle (tps) wrote:

I've tested again:

group bind has users: dhcpd
group dhcpd has users: bind

apparmor.d/usr.sbin.named
apparmor.d/usr.sbin.dhcpd3
both have a line:
/etc/bind/** r, -> AppArmor allows them to read the file.

/etc/bind is owned by bind:bind, rwxrwx---
/etc/bind/rndc.key is owned by bind:bind, rw-r----- -> named fails to read the file, dhcpd fails to read the file!!!!

/etc/bind/rndc.key is owned by bind:bind, rw-r--r-- -> (bad idea but: named can read the file, dhcpd can read the file).

I'd say: at the point in time named and dhcpd try to read the file, they are running as user bind (named) and user dhcpd (dhcpd3), but not with the required group!
Or: named and dhcpd try to open the file rw, failing because only reading is allowed.
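As an added example, not part of the bug report or of the bind/dhcp packages: a small POSIX sh model of the kernel's discretionary (uid/gid/mode) permission check, applied to the ownership and modes listed in the comment. The scenarios are constructed from what the reporter describes (dhcpd placed in group bind, /etc/bind at rwxrwx---, rndc.key at the two modes tested); AppArmor is evaluated after this check and can only further restrict it, so `/etc/bind/** r,` never grants what DAC refuses.

```shell
#!/bin/sh
# Added example, not code from the bug report: a pure-shell model of the
# discretionary permission check the kernel performs before any AppArmor
# rule is consulted. An LSM can only deny on top of this result.
# setuid/setgid/sticky bits and POSIX ACLs are deliberately out of scope.

# dac_check OWNER GROUP MODE USER "GROUPS" WANT
#   MODE is the nine-character symbolic mode (e.g. rw-r-----), GROUPS is the
#   process's primary plus supplementary groups, WANT is r, w or x.
#   Returns 0 if the access is permitted, 1 otherwise.
dac_check() {
    owner=$1; group=$2; mode=$3; user=$4; groups=$5; want=$6
    # The kernel uses exactly one permission class: owner if the uid matches,
    # otherwise group if any of the process's groups matches, otherwise other.
    # Classes are never combined, so an owner with ---r--r-- is still denied.
    if [ "$user" = "$owner" ]; then
        bits=$(printf '%s' "$mode" | cut -c1-3)
    else
        bits=$(printf '%s' "$mode" | cut -c7-9)
        for g in $groups; do
            if [ "$g" = "$group" ]; then
                bits=$(printf '%s' "$mode" | cut -c4-6)
                break
            fi
        done
    fi
    case $bits in
        *"$want"*) return 0 ;;
        *)         return 1 ;;
    esac
}

# can_read_file USER "GROUPS" DIR_OWNER DIR_GROUP DIR_MODE FILE_OWNER FILE_GROUP FILE_MODE
#   Opening a file for reading needs search (x) on its directory and read (r)
#   on the file itself. A world-readable key inside a 0770 directory is
#   therefore still unreadable to anyone outside the directory's owner/group.
can_read_file() {
    dac_check "$3" "$4" "$5" "$1" "$2" x &&
    dac_check "$6" "$7" "$8" "$1" "$2" r
}

# check_rndc_key USER "GROUPS" KEY_MODE -> prints "allow" or "deny"
#   Constructed scenario from the comment: /etc/bind is bind:bind rwxrwx---
#   and /etc/bind/rndc.key is bind:bind with the mode under test.
check_rndc_key() {
    if can_read_file "$1" "$2" bind bind rwxrwx--- bind bind "$3"; then
        echo allow
    else
        echo deny
    fi
}

# Walk the cases from the comment. The group lists are assumptions that
# mirror the reporter's setup (dhcpd is a member of group bind).
printf 'named as bind  (groups: bind),       rw-r----- : %s\n' "$(check_rndc_key bind  "bind"       rw-r-----)"
printf 'dhcpd as dhcpd (groups: dhcpd bind), rw-r----- : %s\n' "$(check_rndc_key dhcpd "dhcpd bind" rw-r-----)"
printf 'dhcpd as dhcpd (groups: dhcpd),      rw-r----- : %s\n' "$(check_rndc_key dhcpd "dhcpd"      rw-r-----)"
printf 'dhcpd as dhcpd (groups: dhcpd),      rw-r--r-- : %s\n' "$(check_rndc_key dhcpd "dhcpd"      rw-r--r--)"
# Second hypothesis from the comment: an O_RDWR open by dhcpd needs the w bit
# in the group class, which rw-r----- does not grant.
printf 'dhcpd opening rndc.key read-write,   rw-r----- : %s\n' \
    "$(dac_check bind bind rw-r----- dhcpd "dhcpd bind" w && echo allow || echo deny)"
```

In this model a process whose effective uid is bind reads rw-r----- through the owner class regardless of group, and dhcpd reads it through the group class only while bind is in its group list; making the key world-readable changes nothing for dhcpd unless it can also search the rwxrwx--- directory. On a real host, compare against `sudo -u dhcpd -g dhcpd id` (supplementary groups are only picked up at process start) and the AppArmor denials in the kernel log, since either layer can be the one refusing.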