Unusual permissions on /var/named/etc/namedb/master?

Lowell Gilbert freebsd-questions-local at be-well.ilk.org
Tue Nov 8 17:03:25 GMT 2005

Josh Tolbert <hemi at puresimplicity.net> writes:

> Hello,
> I'm running DHCP + dynamic DNS here on my home LAN and I've noticed a problem
> that needs a manual fix every time the DNS machine gets rebooted. It doesn't
> happen very often, but it does happen. :)
> My firewall/gateway machine runs FreeBSD-5.4-RELEASE of some patchlevel. It
> uses ISC DHCPD from ports to update my DNS server, another FreeBSD machine
> (now running 6.0-RELEASE) with new entries when machines register with the
> DHCP server. The problem arises because by default named runs -u bind, however
> /var/named/etc/namedb/master is owned by root. I believe this is caused by
> /etc/mtree/BIND.chroot.dist, since I'm running bind chrooted (the default
> setup). When the DNS machine reboots, I have to manually chown
> /var/named/etc/namedb/master (or /etc/namedb/master) to bind before updates
> will continue, otherwise I see errors such as
> named[297]: dumping master file: master/tmp-QQ2UU6pWaZ: open: permission denied
> Is there any good workaround for this issue? I'd like to keep bind running as
> the bind user as well as keep bind chrooted if possible. I know I could edit
> the mtree file on my machine, but that seems somewhat kludgy to me.
> Thanks for any help/advice you can give me,

Normally mtree is only automatically run by installworld.  
Is that what causes the permissions to be reverted?
If so, then change the mtree file (and keep the modifications over
time when you run mergemaster).
If not, then figure out what *is* changing the permissions.
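
To check what an mtree spec would set on a directory before deciding whether to edit it, the sketch below resolves the effective owner of a path from a spec file. It is an added example, not code from either poster or from FreeBSD; `mtree_owner` and `sample_spec` are hypothetical names, and the embedded spec is a constructed sample rather than the contents of the real BIND.chroot.dist.

```shell
# Added example: print the owner (uname) an mtree(8) spec assigns to a path.
# Handles /set defaults, per-entry uname=/type=, and ".."; other "/" directives are skipped.
mtree_owner() {   # usage: mtree_owner SPECFILE|- PATH-relative-to-spec-root
    awk -v want="$2" '
        NF == 0 || $1 ~ /^#/ { next }             # blank lines and comments
        $1 == "/set" {                            # defaults for later entries
            for (i = 2; i <= NF; i++) {
                if ($i ~ /^uname=/) duser = substr($i, 7)
                if ($i ~ /^type=/)  dtype = substr($i, 6)
            }
            next
        }
        $1 ~ /^\// { next }                       # e.g. /unset: not interpreted here
        $1 == ".." { if (depth > 0) depth--; next }   # leave the current directory
        {
            user = duser; type = dtype            # start from the /set defaults
            for (i = 2; i <= NF; i++) {
                if ($i ~ /^uname=/) user = substr($i, 7)
                if ($i ~ /^type=/)  type = substr($i, 6)
            }
            stack[depth] = $1; path = ""
            for (i = 0; i <= depth; i++)          # rebuild the path from the stack
                if (stack[i] != ".") path = (path == "" ? "" : path "/") stack[i]
            if (path == want) { print user; found = 1; exit }
            if (type == "dir") depth++            # only directories are descended into
        }
        END { if (!found) exit 1 }                # non-zero status: path not in spec
    ' "$1"
}

sample_spec() {   # constructed sample spec, for illustration only
    cat <<'EOF'
/set type=dir uname=root gname=wheel mode=0755
.
    etc
        namedb
            master
            ..
            slave           uname=bind
            ..
        ..
    ..
..
EOF
}
for d in master slave; do
    echo "etc/namedb/$d -> $(sample_spec | mtree_owner - "etc/namedb/$d")"
done
```

On the machine in question the spec argument would be /etc/mtree/BIND.chroot.dist and the path etc/namedb/master, relative to the chroot at /var/named.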
