named questions.

Paul A. Procacci pprocacci at datapipe.com
Thu Mar 13 03:10:09 UTC 2008


jekillen wrote:
> Hello:
> I have named running as secondary server on v6.2
> It will not start without a specific configuration file set
> on the command line. After doing some investigation
> it appears that that is because it runs chrooted and
> there is not a symlink from /etc/namedb. Is that a correct
> assumption? I read the man page and it specifies
> the default configuration file as /etc/namedb/named.conf
> and along with this file there are master and slave directories.
> Would I make the /etc/namedb/named.conf file to be a symlink
> to /var/named/etc/namedb/named.conf?
>

What you've read is correct.  chroot'ing does in fact prevent the
program from traversing higher in the file hierarchy.
This makes sense as to why you need to specify the configuration file on
the command line.  I presume named will
read the configuration file prior to chrooting.  I don't use named
though as I have my preference, and can't be 100%
without looking at the source code.

A symlink does you no good due to my explanation above.  If you chroot,
you lose the ability to get into /var or vice versa.
That's the whole purpose of 'change root'.

> There are some other entries in rc.conf related to named that
> appear in my primary nameserver rc.conf file that relate to getting
> it up at boot but I have lost root access to that machine so I cannot
> recover the rc.conf details and I do not remember what document-
> ation I was using to set it up.
>
> I was advised to start named as a user other than root but when I
> tried that named would not start because the user I set it to does
> not have write permission in the directory that has the pid file.
>
named must be started as root in order to bind to port 53.  Afterwards I
assume it changes its uid using some
configuration setting.  This is a standard practice nowadays amongst
utilities needing to bind to reserved ports.
Check your config file to set the user you want to run the daemon as
after it's done with its initialization
(i.e. binding to the port and creating the /var/run file), but remember
you must physically start named as root in
order to get named working correctly.
> When named starts at boot what user does it run as, by default?
>
bind

That's a guess based on the following:

nat# fgrep bind /etc/passwd
bind:*:53:53:Bind Sandbox:/:/usr/sbin/nologin

> Thank you for any guidance.
> Jeff K
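The sequence the reply describes (start as root, bind the reserved port, then give up root), as an added example that is not part of the original message and is not named's source code. The helper name `bind_then_sandbox` is hypothetical; the directory `/var/named` and the 53:53 uid/gid are taken from the question and the passwd line above and are assumed to exist.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1   /* expose chroot() and setgroups() on glibc */
#endif
#include <sys/socket.h>
#include <netinet/in.h>
#include <grp.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical helper (not from named): bind a UDP socket to a reserved
 * port as root, confine the process to `jail`, then switch to uid/gid.
 * Returns the bound socket, or -1; after -1 the caller should exit. */
int bind_then_sandbox(const char *jail, unsigned short port, uid_t uid, gid_t gid)
{
    struct sockaddr_in sa;
    int s;
    if (geteuid() != 0 || uid == 0 || gid == 0)
        return -1;          /* must start as root and must not stay root */
    if ((s = socket(AF_INET, SOCK_DGRAM, 0)) < 0)
        return -1;
    memset(&sa, 0, sizeof sa);
    sa.sin_family = AF_INET;
    sa.sin_addr.s_addr = htonl(INADDR_ANY);
    sa.sin_port = htons(port);
    /* 1. The only step that needs root: a port below 1024. */
    if (bind(s, (struct sockaddr *)&sa, sizeof sa) != 0)
        goto fail;
    /* 2. chroot alone leaves the old cwd reachable, so chdir("/") too. */
    if (chroot(jail) != 0 || chdir("/") != 0)
        goto fail;
    /* 3. Supplementary groups, then gid, then uid: setuid() must be last. */
    if (setgroups(1, &gid) != 0 || setgid(gid) != 0 || setuid(uid) != 0)
        goto fail;
    /* 4. Verify the drop is permanent: regaining root must fail. */
    if (setuid(0) == 0 || geteuid() != uid)
        goto fail;
    return s;
fail:
    close(s);
    return -1;
}

int main(void)
{
    int s = bind_then_sandbox("/var/named", 53, 53, 53);
    puts(s >= 0 ? "bound and sandboxed" : "failed (not root?)");
    return s >= 0 ? 0 : 1;
}
```

Anything the process needs after step 2, such as a pid file directory writable by the unprivileged user, has to exist inside the chroot directory before the call.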