Date: Thu, 20 Mar 2008 18:47:23 -0500
From: Derek Ragona <derek@computinginnovations.com>
To: Martin McCormick <martin@dc.cis.okstate.edu>, freebsd-questions@freebsd.org
Subject: Re: /var/named Changes Ownership to Root on Boot
Message-ID: <6.0.0.22.2.20080320184623.026b2ac8@mail.computinginnovations.com>
In-Reply-To: <200803202330.m2KNUpUN083945@dc.cis.okstate.edu>
References: <200803202330.m2KNUpUN083945@dc.cis.okstate.edu>
At 06:30 PM 3/20/2008, Martin McCormick wrote:
> About half of the 7 FreeBSD systems I run exhibit a very
>annoying behavior that I have not pinned down yet as to why and
>how to correct it.
>
> I reboot. Soon, I find that bind isn't running. It runs
>as a low-priority process and is owned by bind so it needs to
>have write permission in /var/named. When I do ls -ld on
>/var/named, it's owned by root.
>
> As I said, several systems do this and several more
>don't and they are all running FreeBSD6.2 except for one which
>is FreeBSD5.x.
>
> I originally used the stock /etc/rc.d start script for
>named. After getting the chown surprise on a key system, I
>hard-coded a 4-line script that just starts bind no matter what.
>It seemed to work so I was happy even though that is not a
>proper fix.
>
> After our master DHCP server played the chown prank on
>me yesterday, I added a fifth line to the hard-wire script to
>chown -R bind:bind /var/named.
>
> I guess the switcheroo happens after rc calls that
>script for I still had a dead bind until I changed it back and
>started it manually.
>
> Some other systems never do the switch and my test box,
>of course, is one of those so I can't fix what isn't broken. It
>seems like the boxes that do this are inversely proportional to
>their importance. Our master DNS did this to me this evening
>after a reboot so I am asking for an explanation of what I have
>done wrong to cause this to happen.
>
> I even did a sh -x /etc/rc/named and got kind of lost in
>rc.subr procedures and never saw the attempted switch of
>ownership.
>
> Thank you for any pointers to documentation that
>explains this as many of the systems in question are up for a
>year or more at times and we don't get to diagnose their boot
>process that often. When something fails to start, it's one of
>those SURPRISE!'s we'd all rather not have when in a hurry to
>get key systems back running again.
>
>Martin McCormick WB5AGZ Stillwater, OK
>Systems Engineer
>OSU Information Technology Department Network Operations Group
Sounds like you have named chroot'ing and probably don't want that
behavior. Look at the defaults for named and set them correctly in
/etc/rc.conf.
-Derek
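To make the reply's pointer concrete, the following added example (not part of the thread or of FreeBSD's own scripts) reports which named chroot settings are in effect once /etc/rc.conf is layered over the defaults. The rc.conf knobs `named_chrootdir` and `named_chroot_autoupdate` are the ones FreeBSD ships; the helper names `rc_setting` and `named_chroot_verdict` and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread: report the named chroot settings in effect.
# Assumption: the stock rc.d/named rebuilds the chroot from
# /etc/mtree/BIND.chroot.dist when named_chroot_autoupdate is on, which
# resets ownership under named_chrootdir at every start.

# rc_setting VAR DEFAULTS OVERRIDES: print VAR's effective value.
# Both files are sourced in a subshell; the later file wins.
rc_setting() {
    (
        if [ -r "$2" ]; then . "$2"; fi
        if [ -r "$3" ]; then . "$3"; fi
        eval "printf '%s\n' \"\${$1:-}\""
    )
}

# named_chroot_verdict DEFAULTS OVERRIDES: classify the configuration.
named_chroot_verdict() {
    dir=$(rc_setting named_chrootdir "$1" "$2")
    auto=$(rc_setting named_chroot_autoupdate "$1" "$2")
    if [ -z "$dir" ]; then
        echo "no-chroot"
        return 0
    fi
    case "$auto" in
        [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) echo "chroot-autoupdate:$dir" ;;
        *) echo "chroot-manual:$dir" ;;
    esac
}

# Constructed sample files standing in for /etc/defaults/rc.conf and /etc/rc.conf.
demo=$(mktemp -d)
cat > "$demo/defaults" <<'EOF'
named_chrootdir="/var/named"
named_chroot_autoupdate="YES"
EOF
printf 'named_chroot_autoupdate="NO"\n' > "$demo/keep_chroot"
printf 'named_chrootdir=""\n' > "$demo/no_chroot"

for f in /nonexistent "$demo/keep_chroot" "$demo/no_chroot"; do
    printf '%s -> %s\n' "$f" "$(named_chroot_verdict "$demo/defaults" "$f")"
done
rm -rf "$demo"
```

On an affected host, call `named_chroot_verdict /etc/defaults/rc.conf /etc/rc.conf`; a `chroot-manual` result keeps named confined while leaving ownership inside the directory to the administrator.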
