dns/bind911 - statistics-file

Dan Langille dan at langille.org
Sun Jan 20 20:10:08 UTC 2019 

> On Jan 20, 2019, at 5:42 AM, Mathieu Arnold <mat at FreeBSD.org> wrote:
> 
> On Sat, Jan 19, 2019 at 07:50:45PM -0500, Dan Langille wrote:
>> Mat,
>> 
>> I encountered an odd situation where my stats file kept changing permissions.  With every reinstall of bind911,
>> the permissions on var/run/named/stats change to chown root:bind which prevents bind from updating the file.
>> 
>> This is what I need:
>> 
>> $ ls -l /var/run/named/stats
>> -rw-r--r--  1 bind  bind  11507 Jan 20 00:45 /var/run/named/stats
>> 
>> Could that change be carried out by this file?
>> 
>>  https://svnweb.freebsd.org/ports/head/dns/bind911/files/BIND.chroot.dist?view=markup#l24
>> 
>> I don't see a reference to /var/run/named/stats in BIND.chroot.dist but can't help but wonder if it's something similar.
>> 
>> I have been using these options:
>> 
>>        directory       "/usr/local/etc/namedb/working";
>>        pid-file        "/var/run/named/pid";
>>        dump-file       "/var/dump/named_dump.db";
>>        statistics-file "/var/run/named/stats";
>>        zone-statistics yes;
>> 
>> When researching this tonight, I noticed the sample configuration uses /var/run/named.stats. Perhaps I'm doing this wrong.
>> I am happy to change my configuration, but first I write in case the script is doing something unexpected.
> 
> I do not think anything in the BIND9 ports would change the file permissions.
> 
> The mtree file only touches the directories to make sure they have the
> correct permissions, so it is not it.  Moreover the mtree file is ONLY
> used when using named_chrootdir to chroot named, which does not appear
> to be your case.
> The BIND9 ports have not had a pkg-install script for years, so it's not
> it either.
> The rc file does not chown anything, so it's not it doing it either.
> 
> Side note, the sample configuration uses /var/stats/named.stats, not
> /var/run/named.stats.  And it was ever since it was added to the base
> system named.conf file back in 2004 (in src r135918).
> 
> So I'd say something else on your system "fixes" the file's permissions.


This is it:

[dan at toiler:~] $ grep cleanvar /etc/defaults/rc.conf
cleanvar_enable="YES" 	# Clean the /var directory

That clears the file, then bind creates it chown root:bind.

Why it creates it like that, I don't know yet, but that's outside scope of this post.

Thank you.

--
Dan Langille - BSDCan / PGCon
dan at langille.org


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.freebsd.org/pipermail/freebsd-ports/attachments/20190120/5bb891eb/attachment.sig>

More information about the freebsd-ports mailing list