/var/named Changes Ownership to Root on Boot

Martin McCormick martin at dc.cis.okstate.edu
Fri Mar 21 06:54:37 PDT 2008

	I think I fixed it but I am not sure I would have
figured it out quickly without the help from the list.

	It seems that FreeBSD defaults to a chroot of bind with
the tree owned by root. You can run bind in a sandbox as the
documentation says and have it chroot but if you do, and heres's
the confusion, you had better disable FreeBSD's attempt to make
sure the /var/named tree is always owned by root which would be
fine if named ran as root.

	When you run it in a sandbox with a lower-priority UID,
you must make sure that at least one more little line appears in

named_chrootdir=""	# Chroot directory (or "" not to auto-chroot it)

That's the key right there. If you use lines from rc.conf.local
from an older system such as pre-FreeBSD5, you don't need that
line and things work fine. If you don't have it on a FreeBSD5 or
newer system,
/etc/defaults/rc.conf supplies the default version of that line
which reads:

named_chrootdir="/var/named"	# Chroot directory (or "" not to auto-chroot it)

and one is seriously messed up from there on during the booting

	I was confused and thought this would all help me keep
ownership of /var/named belonging to bind when, in fact, it does
just the opposite.

Martin McCormick WB5AGZ  Stillwater, OK 
Systems Engineer
OSU Information Technology Department Network Operations Group

Chuck Swiger writes:
>/var/named is owned by root on all of my newer (5.x and later)  
>systems; I found an old 4.11 box with it owned by bind, though.  If  
>you're using named chroot'ed (as recommended), it will want /var/named/ 
>var/{dump/log/run/stats} writable by bind.

More information about the freebsd-questions mailing list