From: Patrick Dung
Date: Fri, 27 Jul 2007 06:19:37 -0700 (PDT)
To: freebsd-questions@freebsd.org
Cc: freebsd-isp@freebsd.org
Subject: ISC bind9 with dynamic DNS update (chroot problem)
Message-ID: <413095.46144.qm@web54301.mail.re2.yahoo.com>

Hi,

I use FreeBSD 6.2 and the base bind9. For dynamic DNS update, bind9 automatically generates the journal file (ending in .jnl). The default config is to use chroot and to run as the user 'bind'.

The problem is that after named is started (/etc/init.d/named start), the permissions of the default chroot directory /var/named/etc/named are reset so that it is owned by root. So the named daemon (running as user 'bind') cannot create the journal file and complains:

    Jul 27 21:06:54 fbsd62 named[2862]: general: localdomain.db.jnl: create: permission denied

One temporary fix is to use chroot and run as root. Any suggestions?

Regards,
Patrick