From: Lowell Gilbert
To: Josh Tolbert
Cc: freebsd-questions@freebsd.org
Date: 08 Nov 2005 12:03:23 -0500
Subject: Re: Unusual permissions on /var/named/etc/namedb/master?
Message-ID: <44hdanhy1w.fsf@be-well.ilk.org>
In-Reply-To: <20051108081941.GA27333@just.puresimplicity.net>

Josh Tolbert writes:

> Hello,
>
> I'm running DHCP + dynamic DNS here on my home LAN and I've noticed a problem
> that needs a manual fix every time the DNS machine gets rebooted. It doesn't
> happen very often, but it does happen. :)
>
> My firewall/gateway machine runs FreeBSD-5.4-RELEASE of some patchlevel. It
> uses ISC DHCPD from ports to update my DNS server, another FreeBSD machine
> (now running 6.0-RELEASE) with new entries when machines register with the
> DHCP server. The problem arises because by default named runs -u bind, however
> /var/named/etc/namedb/master is owned by root. I believe this is caused by
> /etc/mtree/BIND.chroot.dist, since I'm running bind chrooted (the default
> setup). When the DNS machine reboots, I have to manually chown
> /var/named/etc/namedb/master (or /etc/namedb/master) to bind before updates
> will continue, otherwise I see errors such as
>
> named[297]: dumping master file: master/tmp-QQ2UU6pWaZ: open: permission denied
>
> Is there any good workaround for this issue? I'd like to keep bind running as
> the bind user as well as keep bind chrooted if possible. I know I could edit
> the mtree file on my machine, but that seems somewhat kludgy to me.
>
> Thanks for any help/advice you can give me,

Normally mtree is only automatically run by installworld. Is that
what causes the permissions to be reverted? If so, then change the
mtree file (and keep the modifications over time when you run
mergemaster). If not, then figure out what *is* changing the
permissions.
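
Added example, not part of either message above: a POSIX sh/awk helper that reports which owner an mtree(8) spec assigns to a directory, so the spec can be checked against the user named runs as, before and after editing it. The sample spec is constructed for illustration and is not the contents of /etc/mtree/BIND.chroot.dist; `sample_spec` and `mtree_owner` are names made up here.

```sh
#!/bin/sh
# Added example. sample_spec and mtree_owner are hypothetical helper names.

# Constructed sample in mtree(8) spec syntax; NOT the real BIND.chroot.dist.
sample_spec() {
cat <<'EOF'
/set type=dir uname=root gname=wheel mode=0755
.
    etc
        namedb
            dynamic         uname=bind
            ..
            master
            ..
            slave           uname=bind
            ..
        ..
    ..
..
EOF
}

# Print the owner that an mtree spec (read from stdin) assigns to path $1,
# e.g. ./etc/namedb/master. Exit status is 1 if the path is not in the spec.
mtree_owner() {
    awk -v want="$1" '
        /^[ \t]*(#|$)/ { next }                        # comments, blank lines
        $1 == "/set" {                                 # inherited defaults
            for (i = 2; i <= NF; i++) { split($i, kv, "="); def[kv[1]] = kv[2] }
            next
        }
        $1 == "/unset" { for (i = 2; i <= NF; i++) delete def[$i]; next }
        $1 == ".."     { if (depth > 0) depth--; next }  # leave directory
        {
            path  = (depth ? dir[depth] "/" : "") $1
            uname = def["uname"]; type = def["type"]
            for (i = 2; i <= NF; i++) {                # per-entry overrides
                split($i, kv, "=")
                if (kv[1] == "uname") uname = kv[2]
                if (kv[1] == "type")  type  = kv[2]
            }
            if (path == want) { print uname; found = 1; exit }
            if (type == "dir") dir[++depth] = path     # descend into directory
        }
        END { exit (found ? 0 : 1) }
    '
}

# Compare each directory against the user named runs as (bind, per the thread).
for d in master dynamic slave; do
    owner=$(sample_spec | mtree_owner "./etc/namedb/$d")
    [ "$owner" = bind ] || echo "$d: spec sets owner '$owner', not bind"
done
```

Against a real spec the call would be `mtree_owner ./etc/namedb/master < /etc/mtree/BIND.chroot.dist`, assuming the spec is rooted at the chroot directory so that the path inside it is `./etc/namedb/master`.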