ISC bind9 with dynamic DNS update (chroot problem)
lreid at cs.okstate.edu
Mon Jul 30 13:40:30 UTC 2007
Written by Patrick Dung on 07/28/07 10:52>>
> Thanks for reply.
> Yes, your method works.
> But I wonder why the /var/named/etc/named/master directory permission
> is always reset to root when starting the daemon.
> --- Reid Linnemann <lreid at cs.okstate.edu> wrote:
>> Written by Patrick Dung on 07/27/07 08:19>>
>>> I use FreeBSD 6.2 and the base bind9.
>>> For dynamic DNS update, bind9 automatically generates the journal
>>> (ending in .jnl).
>>> The default config is to use chroot and the running user as 'bind'.
>>> The problem is that after named is started (/etc/init.d/named
>>> the default chroot directory /var/named/etc/named permission will
>>> be reset to be owned by root. So the named daemon (run as user 'bind')
>>> creates the journal file and complains:
>>> Jul 27 21:06:54 fbsd62 named: general: localdomain.db.jnl:
>>> create: permission denied
>>> One temp fix is to use chroot and run as root, any suggestions?
>> When I did ddns, I had my dynamic zone files in a subdirectory off of
>> the named chroot- i.e. /var/named/etc/namedb/dynamic - and chowned it
>> bind, allowing the bind user to read/write anything inside.
I forgot to CC: questions@ on my original reply.
This is because /etc/rc.d/named auto-updates the chroot to an expected
state defined by the mtree at /etc/mtree/BIND.chroot.dist.
Please do not top post, so the conversation order progresses from oldest
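
Added illustration, not part of the original message: a small shell/awk reader for an mtree(5) spec that prints the owner each directory is reset to when the spec is applied, which is why a manual chown of `master` does not survive a restart while a directory the spec assigns to `bind` does. The spec embedded below is a constructed sample, not the contents of the real /etc/mtree/BIND.chroot.dist, and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample in mtree(5) spec format. It is NOT a copy of the real
# /etc/mtree/BIND.chroot.dist; read that file on the host for actual values.
sample_spec() {
cat <<'EOF'
/set type=dir uname=root gname=wheel mode=0755
.
    etc
        namedb
            master
            ..
            dynamic     uname=bind
            ..
        ..
    ..
EOF
}

# Read an mtree spec on stdin and print "<path> <owner>" per directory.
# Assumption: every entry is a directory, as in the sample above.
# Handles /set defaults, per-entry uname= overrides and ".." (up one level).
mtree_owners() {
    awk '
    NF == 0 || $1 ~ /^#/ { next }
    $1 == "/set" {
        for (i = 2; i <= NF; i++)
            if ($i ~ /^uname=/) def = substr($i, 7)
        next
    }
    $1 == ".." { if (depth > 0) depth--; next }
    {
        owner = def
        for (i = 2; i <= NF; i++)
            if ($i ~ /^uname=/) owner = substr($i, 7)
        if ($1 == ".") { depth = 0; path[0] = "." }
        else { depth++; path[depth] = path[depth - 1] "/" $1 }
        print path[depth], owner
    }'
}

# Stand-alone run: show what the constructed sample resolves to.
sample_spec | mtree_owners
```

On a real host the same function can be fed the spec named in the message: `mtree_owners < /etc/mtree/BIND.chroot.dist`. Any directory listed with owner root cannot hold journal files for a named running as `bind`.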