From owner-freebsd-www@FreeBSD.ORG Tue Nov 8 02:30:13 2005
Message-Id: <20051108022227.A992663C6@mail.yashy.com>
Date: Mon, 7 Nov 2005 21:22:27 -0500 (EST)
From: Yasholomew Yashinski
To: FreeBSD-gnats-submit@FreeBSD.org
Subject: www/88636: handbook instruction could shut down named
Reply-To: Yasholomew Yashinski
List-Id: FreeBSD Project Webmasters

>Number: 88636
>Category: www
>Synopsis: handbook instruction could shut down named
>Confidential: no
>Severity: serious
>Priority: low
>Responsible: freebsd-www
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: doc-bug
>Submitter-Id: current-users
>Arrival-Date: Tue Nov 08 02:30:12 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator: Yasholomew Yashinski
>Release: FreeBSD 5.4-RELEASE i386
>Organization:
>Environment:
>Description:
From http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-dns.html

    Arrange to have named start and chroot itself to the sandbox by
    adding the following to /etc/rc.conf:

    named_enable="YES"
    named_flags="-u bind -g bind -t /etc/namedb /etc/named.conf"

from "man named":

    -g      Run the server in the foreground and force all logging to
            stderr.

    -c config-file
            Use config-file as the configuration file instead of the
            default, /etc/namedb/named.conf. To ensure that reloading
            the configuration file continues to work after the server
            has changed its working directory due to a possible
            directory option in the configuration file, config-file
            should be an absolute pathname.
>How-To-Repeat:
Use instructions from the handbook
>Fix:
the rc.conf entry should read:

named_enable="YES"
named_flags="-u bind -t /etc/namedb -c /etc/named.conf"

I've had to make several other changes to get named to run:

# mkdir /var/named/etc/namedb/var/run/named/
# chown -R bind /var/named/etc/namedb/var

diff named.conf* 11,12d10 < include "./rndc.key"; < 14c12 < directory "/"; --- > directory "/etc/namedb";

I would also suggest that
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-bind9.html
should be completely integrated into the previous page, as the majority
of this page is simply duplication of the former page.
>Release-Note:
>Audit-Trail:
>Unformatted:
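
Review bot: In the 14c12 change, directory "/etc/namedb"; is resolved after named has chrooted, so with the proposed -t /etc/namedb it points at /etc/namedb/etc/namedb on the host, while the mkdir and chown commands in the Fix text work under /var/named/etc/namedb, which suggests a different chroot. Please state which directory is passed to -t and give the directory value relative to that root, so that the rc.conf line, the mkdir path and named.conf agree.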
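
Review bot: The 11,12d10 change drops include "./rndc.key"; without saying why or what replaces it. If the relative path stopped resolving once the working directory changed, an absolute path inside the chroot would keep the key file in use; if the include is meant to go, the Fix text should say how rndc is expected to find its key afterwards.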
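
A check for the named_flags problem this report describes, as an added example that is not part of the original report or of the FreeBSD project's code. The function name check_named_flags and the VALUE_OPTS list (a subset of BIND 9 named options that take a value) are assumptions.

```sh
#!/bin/sh
# Added example (not from the PR or the handbook): lint a named_flags value
# for a -g carried over from BIND 8 and for a config file passed without -c.
# VALUE_OPTS is an assumed subset of BIND 9 named options that take a value.
VALUE_OPTS="-c -d -n -p -t -u"

# Prints one finding per line; exit status 0 means no findings.
# The body runs in a subshell so that `set -f` does not leak to the caller.
check_named_flags() (
    set -f              # no globbing while the flag string is split
    set -- $1           # rc.conf flags are a whitespace-separated list
    findings=0
    pending=""          # option that is still waiting for its value
    for tok in "$@"; do
        if [ -n "$pending" ]; then
            pending=""  # this word is the value of the previous option
            continue
        fi
        case " $VALUE_OPTS " in
            *" $tok "*) pending="$tok"; continue ;;
        esac
        case "$tok" in
            -g) echo "-g: takes no value in BIND 9; named stays in the foreground and logs to stderr"
                findings=$((findings + 1)) ;;
            -*) ;;      # other switches are not judged here
            *)  echo "$tok: stray word, not the value of any option (a config file needs -c)"
                findings=$((findings + 1)) ;;
        esac
    done
    if [ -n "$pending" ]; then
        echo "$pending: option is missing its value"
        findings=$((findings + 1))
    fi
    [ "$findings" -eq 0 ]
)

# The handbook line quoted in the report, then the line proposed under >Fix:
check_named_flags '-u bind -g bind -t /etc/namedb /etc/named.conf' || true
check_named_flags '-u bind -t /etc/namedb -c /etc/named.conf'
```
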