From owner-freebsd-questions@FreeBSD.ORG Wed Nov 10 13:27:51 2004
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 5E4F116A4CF
	for ; Wed, 10 Nov 2004 13:27:51 +0000 (GMT)
Received: from top.daemonsecurity.com (FW-182-254.go.retevision.es [62.174.254.182])
	by mx1.FreeBSD.org (Postfix) with ESMTP id BEAEA43D39
	for ; Wed, 10 Nov 2004 13:27:50 +0000 (GMT)
	(envelope-from norgaard@locolomo.org)
Received: from [192.168.0.32] (charm.daemonsecurity.com [192.168.0.32])
	by top.daemonsecurity.com (Postfix) with ESMTP id 60A06A1426;
	Wed, 10 Nov 2004 14:27:49 +0100 (CET)
Message-ID: <41921750.7020802@locolomo.org>
Date: Wed, 10 Nov 2004 14:27:44 +0100
From: Erik Norgaard
Organization: Loco Lomography
User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.2) Gecko/20040918
X-Accept-Language: en, en-us, da, it, es
MIME-Version: 1.0
To: Nelis Lamprecht
References: <4191FBB7.6090509@locolomo.org> <7cbadc8704111004264f709558@mail.gmail.com> <419209A3.8020409@locolomo.org> <7cbadc87041110045470793cb9@mail.gmail.com>
In-Reply-To: <7cbadc87041110045470793cb9@mail.gmail.com>
X-Enigmail-Version: 0.84.2.0
X-Enigmail-Supports: pgp-inline, pgp-mime
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
cc: FreeBSD Questions
Subject: Re: BIND9 on 4.10: couldn't open pid file: permission denied
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions
X-List-Received-Date: Wed, 10 Nov 2004 13:27:51 -0000

Nelis Lamprecht wrote:

> Oops my bad. The only other explanation I can think of then is that
> the path for the pid file may be specified incorrectly in your
> named.conf in relation to your chroot ?

I thought that too. First, I had no path specified in named.conf, defaults to /var/run/named.pid - relative to the (ch)root dir.
I tried to specify that path with and without leading / in named.conf, options { pid-file }. Same result.

Starting up with '-u root' creates a pid-file where I expect, and the directory has correct permissions as listed in previous post.

I have now tried this:

  # chroot -u bind -g bind /var/named /usr/local/sbin/named -c \
      /etc/named.conf

This starts up bind and a pid file is correctly created in ${CHROOTDIR}/var/run but since privileges are dropped before binding to the interface it runs on an unprivileged port. Not really satisfying either :-(

And this fails:

  # chroot /var/named /usr/local/sbin/named -g -u bind -t / -c \
      /etc/named.conf

with the same error as before.

Somehow it appears that named tries to create a pid file as a user that is not 'bind' nor 'root'. Is there some way I can get that information out?

Mystery deepens...?

Thanks, Erik

-- 
Ph: +34.666334818                      web: www.locolomo.org
S/MIME Certificate: http://www.locolomo.org/crt/2004071206.crt
Subject ID:  A9:76:7A:ED:06:95:2B:8D:48:97:CE:F2:3F:42:C8:F2:22:DE:4C:B9
Fingerprint: 4A:E8:63:38:46:F6:9A:5D:B4:DC:29:41:3F:62:D3:0A:73:25:67:C2
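
One way to test the permission side of this independently of named, as an added example that is not part of the original post: the script walks from the chroot root down to the pid-file directory and reports the first directory that a given uid/gid cannot search or write. The function names and script name are made up for this example; it assumes plain mode bits (no ACLs), the primary gid only, and no symlinks in the path.

```shell
#!/bin/sh
# Added example, not from the original post. Reports which directory, if any,
# stops a uid/gid from creating the pid file once the process is chrooted.
# Assumptions: plain mode bits (no ACLs or MAC), primary gid only, no symlinks.

# perms DIR UID GID -> the rwx triplet of DIR that applies to UID/GID
perms() {
    ls -ldn "$1" 2>/dev/null | awk -v u="$2" -v g="$3" '{
        if (u == 0)       print "rwx";            # root bypasses mode bits
        else if (u == $3) print substr($1, 2, 3); # owner
        else if (g == $4) print substr($1, 5, 3); # group
        else              print substr($1, 8, 3); # other
    }'
}

# check_pidfile CHROOT PIDFILE UID GID
# PIDFILE is the path as seen from inside the chroot, e.g. /var/run/named.pid
check_pidfile() {
    uid=$3 gid=$4
    dir=$1                          # path resolution starts at the new root
    rest=$(dirname "$2"); rest=${rest#/}
    while :; do
        p=$(perms "$dir" "$uid" "$gid")
        [ -n "$p" ] || { echo "$dir: missing"; return 1; }
        case $p in
            ??[xst]) ;;             # search allowed (s/t imply x)
            *) echo "$dir: no search (x) for uid $uid"; return 1 ;;
        esac
        [ -n "$rest" ] || break
        dir=$dir/${rest%%/*}        # descend one component
        case $rest in */*) rest=${rest#*/} ;; *) rest= ;; esac
    done
    case $p in
        ?w?) echo "$dir: uid $uid can create files here" ;;
        *) echo "$dir: no write (w) for uid $uid"; return 1 ;;
    esac
}

# Usage: sh check_pidfile.sh /var/named /var/run/named.pid \
#            "$(id -u bind)" "$(id -g bind)"
if [ $# -eq 4 ]; then check_pidfile "$@"; fi
```

Running it once with the uid/gid of 'bind' and once with those of any other account named might be running as shows whether the mode bits under the chroot explain the error.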