www/88636: handbook instruction could shut down named
Yasholomew Yashinski
yashy at mail.yashy.com
Mon Nov 7 18:30:13 PST 2005
>Number: 88636
>Category: www
>Synopsis: handbook instruction could shut down named
>Confidential: no
>Severity: serious
>Priority: low
>Responsible: freebsd-www
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: doc-bug
>Submitter-Id: current-users
>Arrival-Date: Tue Nov 08 02:30:12 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator: Yasholomew Yashinski
>Release: FreeBSD 5.4-RELEASE i386
>Organization:
>Environment:
>Description:
From http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-dns.html:
Arrange to have named start and chroot itself to the sandbox by adding the following to /etc/rc.conf:
named_enable="YES"
named_flags="-u bind -g bind -t /etc/namedb /etc/named.conf"
from "man named":
-g      Run the server in the foreground and force all logging to
        stderr.
-c config-file
        Use config-file as the configuration file instead of the
        default, /etc/namedb/named.conf. To ensure that reloading the
        configuration file continues to work after the server has
        changed its working directory due to a possible directory
        option in the configuration file, config-file should be an
        absolute pathname.
>How-To-Repeat:
Use instructions from the handbook
>Fix:
The rc.conf entry should read:
named_enable="YES"
named_flags="-u bind -t /etc/namedb -c /etc/named.conf"
I've had to make several other changes to get named to run:
# mkdir /var/named/etc/namedb/var/run/named/
# chown -R bind /var/named/etc/namedb/var
diff named.conf*
11,12d10
< include "./rndc.key";
<
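Review bot: the 11,12d10 hunk shows include "./rndc.key"; present in only one of the two named.conf files, and the report gives no reason for the difference. State in the Fix text why the include line differs, so the handbook correction can say whether the key include stays in named.conf.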
14c12
< directory "/";
---
> directory "/etc/namedb";
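Review bot: the direction of the 14c12 hunk is ambiguous, because "diff named.conf*" depends on glob order and neither file name is shown; the "<" lines come from whichever file sorts first. Name the working file, or post the output of diff -u with the two files given explicitly, so it is clear whether directory "/"; or directory "/etc/namedb"; is the value that let named start under -t /etc/namedb.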
I would also suggest that
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-bind9.html
should be completely integrated into the previous page, as the majority of
this page is simply duplication of the former page.
>Release-Note:
>Audit-Trail:
>Unformatted:
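
Added example, not part of the original report or of FreeBSD: a small sh check that reads a named_flags value the way the quoted man page describes the options and reports the two problems in the handbook line. The helper name lint_named_flags is hypothetical, and the check assumes that -u, -t and -c each take one argument while -g takes none.

```sh
#!/bin/sh
# Added example: lint a named_flags value against the option meanings
# quoted from "man named" in this report. lint_named_flags is a
# hypothetical helper, not a FreeBSD or BIND tool.
# Assumption: -u, -t and -c each take exactly one argument; -g takes none.

lint_named_flags() {
    # $1 = named_flags string. Prints one finding per line.
    # Returns 0 when nothing was flagged, 1 otherwise.
    set -f              # split on whitespace without glob expansion
    set -- $1
    set +f
    findings=0
    while [ $# -gt 0 ]; do
        case "$1" in
        -g)
            echo "foreground: -g keeps named in the foreground, logging to stderr"
            findings=1 ;;
        -u|-t|-c)
            if [ $# -lt 2 ]; then
                echo "missing-arg: $1 needs a value"
                findings=1
            else
                shift   # skip the option's value
            fi ;;
        -*) ;;          # other options are not examined here
        *)
            echo "stray: '$1' is not the value of any option"
            findings=1 ;;
        esac
        shift
    done
    return $findings
}

# The handbook line and the corrected line, both taken from the report.
for flags in \
    "-u bind -g bind -t /etc/namedb /etc/named.conf" \
    "-u bind -t /etc/namedb -c /etc/named.conf"
do
    echo "named_flags=\"$flags\""
    if lint_named_flags "$flags"; then echo "ok"; fi
done
```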