From owner-freebsd-current Fri Aug 3 19:21: 8 2001 Delivered-To: freebsd-current@freebsd.org Received: from white.imgsrc.co.jp (ns.imgsrc.co.jp [210.226.20.2]) by hub.freebsd.org (Postfix) with ESMTP id AC93137B406 for ; Fri, 3 Aug 2001 19:21:04 -0700 (PDT) (envelope-from kuriyama@imgsrc.co.jp) Received: from black.imgsrc.co.jp (black.imgsrc.co.jp [2001:218:422:2:290:27ff:fe98:c0b7]) by white.imgsrc.co.jp (Postfix) with ESMTP id D6A2824D22 for ; Sat, 4 Aug 2001 11:21:03 +0900 (JST) Received: from waterblue.imgsrc.co.jp (waterblue.imgsrc.co.jp [210.226.20.160]) by black.imgsrc.co.jp (Postfix) with ESMTP id 73FEDD1401 for ; Sat, 4 Aug 2001 11:21:02 +0900 (JST) Date: Sat, 04 Aug 2001 11:21:01 +0900 Message-ID: <7mitg4lg4y.wl@waterblue.imgsrc.co.jp> From: Jun Kuriyama To: Current Subject: named -u bind User-Agent: Wanderlust/2.6.0 (Twist And Shout) SEMI/1.14.3 (Ushinoya) FLIM/1.14.3 (=?ISO-8859-1?Q?Unebigory=F2mae?=) APEL/10.3 MULE XEmacs/21.1 (patch 14) (Cuyahoga Valley) (i386--freebsd) MIME-Version: 1.0 (generated by SEMI 1.14.3 - "Ushinoya") Content-Type: multipart/mixed; boundary="Multipart_Sat_Aug__4_11:21:01_2001-1" Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --Multipart_Sat_Aug__4_11:21:01_2001-1 Content-Type: text/plain; charset=US-ASCII Are there any reasons not to use "-u bind" flag for named by default? # Or importing code to use chroot from OpenBSD? -- Jun Kuriyama // IMG SRC, Inc. // FreeBSD Project --Multipart_Sat_Aug__4_11:21:01_2001-1 Content-Type: application/octet-stream; type=patch Content-Disposition: attachment; filename="bind.diff" Content-Transfer-Encoding: 7bit Index: defaults/rc.conf =================================================================== RCS file: /home/ncvs/src/etc/defaults/rc.conf,v retrieving revision 1.119 diff -u -r1.119 rc.conf --- defaults/rc.conf 2001/07/28 19:57:57 1.119 +++ defaults/rc.conf 2001/08/04 02:11:55 @@ -121,8 +121,7 @@ # named_enable="NO" # Run named, the DNS server (or NO). named_program="named" # path to named, if you want a different one. -named_flags="" # Flags for named -#named_flags="-u bind -g bind" # Flags for named +named_flags="-u bind -g bind" # Flags for named # # kerberos. Do not run the admin daemons on slave servers Index: mtree/BSD.var.dist =================================================================== RCS file: /home/ncvs/src/etc/mtree/BSD.var.dist,v retrieving revision 1.47 diff -u -r1.47 BSD.var.dist --- mtree/BSD.var.dist 2001/07/28 20:00:54 1.47 +++ mtree/BSD.var.dist 2001/08/04 02:10:08 @@ -55,6 +55,8 @@ preserve .. run + named uname=bind gname=bind + .. .. rwho gname=daemon mode=0775 .. Index: namedb/named.conf =================================================================== RCS file: /home/ncvs/src/etc/namedb/named.conf,v retrieving revision 1.9 diff -u -r1.9 named.conf --- namedb/named.conf 2001/05/28 13:43:26 1.9 +++ namedb/named.conf 2001/08/04 02:07:54 @@ -8,6 +8,7 @@ options { directory "/etc/namedb"; + pid-file "/var/run/named/pid"; // In addition to the "forwarders" clause, you can force your name // server to never initiate queries of its own, but always ask its --Multipart_Sat_Aug__4_11:21:01_2001-1-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message