Date: Mon, 7 Nov 2005 21:22:27 -0500 (EST) From: Yasholomew Yashinski <yashy@mail.yashy.com> To: FreeBSD-gnats-submit@FreeBSD.org Subject: www/88636: handbook instruction could shut down named Message-ID: <20051108022227.A992663C6@mail.yashy.com> Resent-Message-ID: <200511080230.jA82UChO088942@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 88636 >Category: www >Synopsis: handbook instruction could shut down named >Confidential: no >Severity: serious >Priority: low >Responsible: freebsd-www >State: open >Quarter: >Keywords: >Date-Required: >Class: doc-bug >Submitter-Id: current-users >Arrival-Date: Tue Nov 08 02:30:12 GMT 2005 >Closed-Date: >Last-Modified: >Originator: Yasholomew Yashinski >Release: FreeBSD 5.4-RELEASE i386 >Organization: >Environment: >Description: >From http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-dns.html Arrange to have named start and chroot itself to the sandbox by adding the following to /etc/rc.conf: named_enable="YES" named_flags="-u bind -g bind -t /etc/namedb /etc/named.conf" from "man named": -g Run the server in the foreground and force all logging to stderr. -c config-file Use config-file as the configuration file instead of the default, /etc/namedb/named.conf. To ensure that reloading the configuration file continues to work after the server has changed its working directory due to to a possible directory option in the configuration file, config-file should be an abso- lute pathname. >How-To-Repeat: Use instructions from the handbook >Fix: the rc.conf entry should read: named_enable="YES" named_flags="-u bind -t /etc/namedb -c /etc/named.conf" I've had to make several other changes to get named to run: # mkdir /var/named/etc/namedb/var/run/named/ # chown -R bind /var/named/etc/namedb/var diff named.conf* 11,12d10 < include "./rndc.key"; < 14c12 < directory "/"; --- > directory "/etc/namedb"; I would also suggest that http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-bind9.html should be completely integrated into the previous page, as the majority of this page is simply duplication of the former page. >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20051108022227.A992663C6>