From owner-freebsd-questions@FreeBSD.ORG Mon Oct 4 21:21:57 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id AF4AE1065670 for ; Mon, 4 Oct 2010 21:21:57 +0000 (UTC) (envelope-from mpope@teksavvy.com) Received: from ironport2-out.pppoe.ca (ironport2-out.teksavvy.com [206.248.154.181]) by mx1.freebsd.org (Postfix) with ESMTP id 767858FC1A for ; Mon, 4 Oct 2010 21:21:57 +0000 (UTC) X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AoUDAKLhqUzO+KvQ/2dsb2JhbAAHoSvHcYVHBIlSiDY X-IronPort-AV: E=Sophos;i="4.57,280,1283745600"; d="scan'208";a="78024900" Received: from 206-248-171-208.dsl.teksavvy.com (HELO [192.168.111.150]) ([206.248.171.208]) by ironport2-out.pppoe.ca with ESMTP; 04 Oct 2010 17:21:56 -0400 Message-ID: <4CAA4581.1050804@teksavvy.com> Date: Mon, 04 Oct 2010 17:22:09 -0400 From: Matthew User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.12) Gecko/20100915 Thunderbird/3.0.8 MIME-Version: 1.0 To: krad References: <4CA61FE5.9050306@teksavvy.com> <4CA6419C.3050109@cyberleo.net> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: CyberLeo Kitsana , freebsd-questions@freebsd.org Subject: Re: BIND: could not configure root hints from 'named.root': file not found X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 04 Oct 2010 21:21:57 -0000 Krad, Thank you for the tip. I've changed the "." to the correct value. Matthew > On 1 October 2010 21:16, CyberLeo Kitsana wrote: > > >> On 10/01/2010 12:52 PM, Matthew wrote: >> >>> I would be grateful for any pointers on how to resolve this. I suspect >>> the error message may not be exactly descriptive of whats happening. >>> >> Kinda. >> >> Here's a few points to keep in mind when working with bind in FreeBSD: >> >> * By default, named runs in a chroot jail rooted at /var/named/. >> >> * For security reasons, named cannot write to anything in that tree, >> except the dynamic, slave, and working directories. >> >> * named uses its current working directory to resolve relative pathnames >> in the configuration file. >> >> * With a recent change to ISC Bind 9, named started complaining if it >> couldn't write to its current working directory. At the time, this was >> (chroot)/etc/namedb/; this was subsequently changed to >> (chroot)/etc/namedb/working/ to make named happy without compromising >> security. >> >> When the working directory for named was (chroot)/etc/namedb/, >> everything was peachy. Since this was changed, relative pathnames no >> longer work as expected because the reference point is different. The >> easiest solution is to alter your configuration file to include only >> absolute pathnames, relative to the root of the jail. >> >> The default named config file (in /var/named/etc/namedb/named.conf) is >> an excellent source of examples for this. >> >> -- >> Fuzzy love, >> -CyberLeo >> Technical Administrator >> CyberLeo.Net Webhosting >> http://www.CyberLeo.Net >> >> >> Furry Peace! - http://wwww.fur.com/peace/ >> _______________________________________________ >> freebsd-questions@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions >> To unsubscribe, send any mail to " >> freebsd-questions-unsubscribe@freebsd.org" >> >> > > Hmm, > > > options { > directory "."; > > that doesnt look ideal. Not sure if you are meaning to do that but put an > explicit direcorty in eg /etc/namedb. Otherwise it will be looking in > whatever current directory you are in at that time. The main named.conf will > be found as its supplied via a cli switch by the rc script. However all > subsequent files will come from the current dir > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > >