From owner-freebsd-questions Mon Mar 12 7:26:10 2001
Date: Mon, 12 Mar 2001 09:26:03 -0600
From: Christopher Farley
To: Mike Meyer
Cc: eugene@anime.net, questions@freebsd.org
Subject: Re: /var/run/named.pid annoyance
Message-ID: <20010312092601.E78116@northernbrewer.com>
References: <123947882@toto.iv> <15020.56771.969473.579120@guru.mired.org>
In-Reply-To: <15020.56771.969473.579120@guru.mired.org>; from mwm@mired.org on Mon, Mar 12, 2001 at 08:31:31AM -0600
Organization: Northern Brewer, St. Paul, MN

Mike Meyer (mwm@mired.org) wrote:
> Christopher Farley types:
> >
> > The desired workaround is to change the PID file location by adding
> > this to the "options" section of your /etc/namedb/named.conf file:
> >
> >     pid-file "/var/named/named.pid";
> >
> > You must then (as root):
> >
> >     # mkdir /var/named
> >     # chown bind:bind /var/named
> >
> >
> > More details on this setup are available at:
> > ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01%3A18.bind.asc
>
> I'm not sure why that's the "desired" solution. The FreeBSD SA didn't
> provide any answers, either.
>
> I just did the chown on /var/run/named.pid, and that solved the
> problem.

If you clean /var/run at each reboot, that won't help. Is this why the
SA suggests /var/named? (Or is it because the O'Reilly DNS and BIND
book suggests using this directory?)

I can certainly say that an even more "desired" solution is to run named
in a chrooted environment, but that takes a bit more effort.

http://www.losurs.org/docs/howto/Chroot-BIND.html

-- 
Christopher Farley
www.northernbrewer.com