From owner-freebsd-questions@FreeBSD.ORG Mon Dec 3 19:38:06 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id F111316A421 for ; Mon, 3 Dec 2007 19:38:06 +0000 (UTC) (envelope-from martin@dc.cis.okstate.edu) Received: from m.it.okstate.edu (m.it.okstate.edu [139.78.2.129]) by mx1.freebsd.org (Postfix) with ESMTP id BD98413C458 for ; Mon, 3 Dec 2007 19:38:06 +0000 (UTC) (envelope-from martin@dc.cis.okstate.edu) Received: from dc.cis.okstate.edu (localhost.it.okstate.edu [127.0.0.1]) by m.it.okstate.edu (8.13.8/8.13.8) with ESMTP id lB3Jc5nP021798 for ; Mon, 3 Dec 2007 13:38:05 -0600 (CST) (envelope-from martin@dc.cis.okstate.edu) Message-Id: <200712031938.lB3Jc5nP021798@m.it.okstate.edu> To: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <21796.1196710685.1@dc.cis.okstate.edu> Date: Mon, 03 Dec 2007 13:38:05 -0600 From: Martin McCormick Subject: Bind 9.3.4P1 Wouldn't run in Sandbox in FreeBSD6.2p9. X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Dec 2007 19:38:07 -0000 I don't know if this is a bind question or a FreeBSD question since it could be either. We've run bind in a sandbox for some years. After the latest security upgrades to FreeBSD6.2.9, bind refused to start. If I change ownership of /var/named to root:wheel and run named as root, it works fine again. This was kind of a shock and I needed to get bind going in a hurry so I am asking if there is a way to make bind run with the less important user ID when it is not in a jail. I am so glad I tried this on a caching DNS first. Thanks for answers or pointers as to where to read about this change. Martin McCormick WB5AGZ Stillwater, OK Systems Engineer OSU Information Technology Department Network Operations Group