Date:      Fri, 27 Jan 2006 13:53:44 +0000
From:      Brian Candler <B.Candler@pobox.com>
To:        Oleg Tarasov <subscriber@osk.com.ua>
Cc:        freebsd-net@freebsd.org
Subject:   Re: Named could not listen on UDP socket: permission denied
Message-ID:  <20060127135344.GB60498@uk.tiscali.com>
In-Reply-To: <1623226562.20060126170150@osk.com.ua>
References:  <1623226562.20060126170150@osk.com.ua>

On Thu, Jan 26, 2006 at 05:01:50PM +0200, Oleg Tarasov wrote:
> I run FreeBSD 6.0 and I have begun to receive quite periodic error messages like these:
> 
> Jan 25 19:45:50 central named[728]: could not listen on UDP socket: permission denied
> Jan 25 19:45:50 central named[728]: creating IPv4 interface ng0 failed; interface ignored
> 
> ng0 is my main internet interface and is created on early boot
> (rcordered like ppp-user) by mpd. Certainly, I need DNS listening on
> this interface.
> 
> The reason is that if mpd is restarted for some reason, interface ng0
> is destroyed and created again while listener on this interface is
> destroyed too. Named is chrooted at this time and cannot re-bind
> listener on this interface. Only manual restart of named helps it bind
> to this interface.
> 
> This is not deadly situation as if I manually restart mpd I will be
> able to restart named too...
> 
> Running named under root user or out of chroot environment is not
> quite acceptable way...

named needs to be root in order to bind to port 53.

If ng0 has a fixed IP address, then you could configure an alias on lo0 with
that address. Then, even though named cannot rebind to ng0, it will still
answer queries to that address.

If ng0 has a dynamic address, then I think your only solution is to run
named as root within a chroot environment or jail(8) - or to write a script
which is run when ng0 comes up, which kills and restarts bind. Does mpd have
a hook to call a script on interface up?

Regards,

Brian.
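
An added example, not part of the original message: a check that a restart script (run from an interface-up hook or from cron) could use to decide whether named has lost its listener, based on the log messages quoted in the thread. The log path, the `/etc/rc.d/named restart` command, the function names and the "listening on" sample lines are assumptions.

```shell
#!/bin/sh
# Added example; log path and restart command are assumptions.

# Constructed sample: the two failure lines quoted in the thread plus
# constructed "listening on" lines from an earlier successful start.
sample_log() {
cat <<'EOF'
Jan 25 19:40:02 central named[728]: listening on IPv4 interface lo0, 127.0.0.1#53
Jan 25 19:40:02 central named[728]: listening on IPv4 interface ng0, 192.0.2.10#53
Jan 25 19:45:50 central named[728]: could not listen on UDP socket: permission denied
Jan 25 19:45:50 central named[728]: creating IPv4 interface ng0 failed; interface ignored
EOF
}

# Read syslog lines on stdin; print every interface whose most recent
# named entry is a failed bind (a later "listening on" line clears it).
unbound_ifaces() {
    awk '
        function ifname(   i, n) {
            for (i = 1; i < NF; i++)
                if ($i == "interface") { n = $(i + 1); sub(/,$/, "", n); return n }
            return ""
        }
        /named\[[0-9]+\]: creating IPv4 interface .* failed; interface ignored/ { state[ifname()] = "failed" }
        /named\[[0-9]+\]: listening on IPv4 interface / { state[ifname()] = "ok" }
        END { for (n in state) if (state[n] == "failed") print n }
    ' | sort
}

# $1 = interface name, $2 = log file. Succeeds if named ignored $1.
needs_restart() {
    unbound_ifaces < "$2" | grep -qxF "$1"
}

# Restart named only when the log shows it dropped the given interface.
main() {
    log=${NAMED_LOG:-/var/log/messages}
    if needs_restart "$1" "$log"; then
        ${NAMED_RESTART:-/etc/rc.d/named restart}
    fi
}

# Run only when called with an interface name, e.g. "sh check.sh ng0".
if [ "$#" -gt 0 ]; then
    main "$@"
fi
```

Restarting only after a logged failure avoids bouncing the resolver every time the link flaps while named still holds a working listener.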


