Date: Mon, 12 Mar 2001 08:31:31 -0600
From: Mike Meyer <mwm@mired.org>
To: Christopher Farley <chris@northernbrewer.com>
Cc: <eugene@anime.net>, questions@freebsd.org
Subject: Re: /var/run/named.pid annoyance
Message-ID: <15020.56771.969473.579120@guru.mired.org>
In-Reply-To: <123947882@toto.iv>

Christopher Farley <chris@northernbrewer.com> types:
> Eugene Lee (eugene@anime.net) wrote:
>
> > Every time I do a reload, I get this in /var/log/messages:
> >
> > Mar 12 00:48:47 localhost named[119]: reloading nameserver
> > Mar 12 00:48:47 localhost named[119]: couldn't create pid file '/var/run/named.pid'
> > Mar 12 00:48:47 localhost named[119]: Ready to answer queries.
> >
> > The reason for this is that I run it with "-u bind -g bind" options.
> > What would be the most secure way to solve this problem?
>
> This is a permissions problem. User bind does not have permissions to
> write files to /var/run.
>
> The desired workaround is to change the PID file location by adding
> this to the "options" section of your /etc/namedb/named.conf file:
>
>   pid-file "/var/named/named.pid"
>
> You must then (as root):
>
> # mkdir /var/named
> # chown bind:bind /var/named
>
>
> More details on this setup are available at:
> ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01%3A18.bind.asc

I'm not sure why that's the "desired" solution. The FreeBSD SA didn't
provide any answers, either. I just did the chown on
/var/run/named.pid, and that solved the problem. If you clean /var/run
at each reboot, that won't help.

	<mike
--
Mike Meyer <mwm@mired.org>			http://www.mired.org/home/mwm/
Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?15020.56771.969473.579120>
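
Added example, not part of the original message or the FreeBSD advisory: a small audit for the setup discussed in this thread. It reads the pid-file path from a named.conf and checks that its directory is owned by the account named runs as and is not world-writable. The function names, verdict words and the sample config are constructed for illustration; the world-writable check is an extra hardening assumption, not something the thread states.

```shell
#!/bin/sh
# Added example: audit where a named started with "-u bind -g bind" writes its pid file.
# Function names and verdict strings are hypothetical, chosen for this sketch.

# Print the pid-file path set in a named.conf; fall back to the
# /var/run/named.pid path that appears in the log lines quoted in the thread.
named_pidfile() {
    conf=$1
    path=$(sed -n 's/^[[:space:]]*pid-file[[:space:]]*"\([^"]*\)".*/\1/p' "$conf" | head -n 1)
    printf '%s\n' "${path:-/var/run/named.pid}"
}

# check_pid_dir DIR USER
# Prints one verdict word and returns 0 only for "ok".
# USER may be a login name or a numeric uid (find -user accepts both).
check_pid_dir() {
    dir=$1
    user=$2
    [ -d "$dir" ] || { echo missing; return 1; }
    # A root-owned directory such as /var/run fails here for user bind.
    [ -n "$(find "$dir" -prune -user "$user" 2>/dev/null)" ] || { echo wrong-owner; return 1; }
    # Assumption: a pid directory other accounts can write to is rejected.
    [ -z "$(find "$dir" -prune -perm -002 2>/dev/null)" ] || { echo world-writable; return 1; }
    # Owner needs write and search permission to create the pid file.
    [ -n "$(find "$dir" -prune -perm -300 2>/dev/null)" ] || { echo owner-cannot-write; return 1; }
    echo ok
}

# Demo on a constructed config in a scratch directory (no system files touched).
demo_dir=$(mktemp -d)
printf 'options {\n\tdirectory "/etc/namedb";\n\tpid-file "%s/named.pid";\n};\n' \
    "$demo_dir" > "$demo_dir/named.conf"
pidfile=$(named_pidfile "$demo_dir/named.conf")
echo "pid-file $pidfile: $(check_pid_dir "$(dirname "$pidfile")" "$(id -u)")"
rm -rf "$demo_dir"
```

On a real host the call would be `check_pid_dir "$(dirname "$(named_pidfile /etc/namedb/named.conf)")" bind`, run after any reboot-time cleanup of /var/run.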