Bind 9.3.0 startup failure

Paul Mather paul at gromit.dlib.vt.edu
Thu Sep 23 13:50:25 PDT 2004 

On Thu, 23 Sep 2004 12:12:15 -0500, kallender at completecomputing.com wrote:

> /etc/defaults/rc.d contains:
> 
> #
> # named.  It may be possible to run named in a sandbox, man security for
> # details.
> #
> named_rcng="NO"                 # XXX Temporary. Enable to use new rc
>                                 #    functionality in support of named. See
>                                 #    variables below.
> named_enable="NO"               # Run named, the DNS server (or NO).
> named_program="/usr/sbin/named" # path to named, if you want a different one.
> named_flags="-u bind -g bind"   # Flags for named
> named_pidfile="/var/run/named/pid" # Pid file  
> named_chrootdir=""              # Chroot directory (or "" not to auto-chroot
> it)
> named_chroot_autoupdate="YES"   # Automatically install/update chrooted
>                                 # components of named. See /etc/rc.d/named.
> named_symlink_enable="YES"      # Symlink ${named_pidfile} and /var/run/ndc
>                                 # to their chrooted counterparts.
> 
> 
> The /etc/rc.d/named script is unaltered from clean install of the OS.

But, the /etc/rc.d/named in 5.2.1 is designed to work with BIND8, not
BIND9.  I'd expect problems trying to get it to work smoothly with BIND9
as-is, not least because some of the options to named have changed.  For
example, "-g" in BIND8 sets the group under which named will run; under
BIND9 it instructs named to run in the foreground, not in the background
as a daemon, and to log everything to stderr.  If you use the default
named_flags setting from /etc/defaults/rc.conf with BIND9 and start up
via /etc/rc.d/named, then named will likely get confused.

In short, I wouldn't rely on a script designed to drive BIND8 to work
flawlessly with BIND9.  As someone else pointed out, you should really
be using rndc to control named and to observe its status, not
/etc/rc.d/named status, etc.

Note that 5.3 will ship with BIND9, so I'd expect the startup scripts to
be re-written to work accordingly.

Cheers,

Paul.
-- 
e-mail: paul at gromit.dlib.vt.edu

"Without music to decorate it, time is just a bunch of boring production
 deadlines or dates by which bills must be paid."
        --- Frank Vincent Zappa

More information about the freebsd-questions mailing list