From owner-freebsd-ports@freebsd.org  Sat May  2 15:31:54 2020
Return-Path: <owner-freebsd-ports@freebsd.org>
Delivered-To: freebsd-ports@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 308A02D2830
 for <freebsd-ports@mailman.nyi.freebsd.org>;
 Sat,  2 May 2020 15:31:54 +0000 (UTC)
 (envelope-from imb@protected-networks.net)
Received: from mail.protected-networks.net (mail.protected-networks.net
 [IPv6:2001:470:8d59:1::8])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (2048 bits) client-digest SHA256)
 (Client CN "mail.protected-networks.net",
 Issuer "Protected Networks CA" (not verified))
 by mx1.freebsd.org (Postfix) with ESMTPS id 49DtQK1Nrnz4KHW
 for <freebsd-ports@freebsd.org>; Sat,  2 May 2020 15:31:52 +0000 (UTC)
 (envelope-from imb@protected-networks.net)
Received: from toshi.auburn.protected-networks.net
 (toshi.auburn.protected-networks.net [192.168.1.10])
 (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
 (Client did not present a certificate)
 (Authenticated sender: imb@mail.protected-networks.net)
 by mail.protected-networks.net (Postfix) with ESMTPSA id 4EB2D1ADE3;
 Sat,  2 May 2020 11:31:45 -0400 (EDT)
Subject: Re: Bind 9.16 port error still lingers
To: Christoph Moench-Tegeder <cmt@burggraben.net>
Cc: The Doctor <doctor@doctor.nl2k.ab.ca>, freebsd-ports@freebsd.org
References: <20200502140501.GA16385@doctor.nl2k.ab.ca>
 <20200502143210.GA4453@elch.exwg.net>
 <20200502151636.GA22397@doctor.nl2k.ab.ca>
From: Michael Butler <imb@protected-networks.net>
Message-ID: <e2e88e8d-7470-ebb1-05e9-55a1cb51a56c@protected-networks.net>
Date: Sat, 2 May 2020 11:31:44 -0400
User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:68.0) Gecko/20100101
 Thunderbird/68.7.0
MIME-Version: 1.0
In-Reply-To: <20200502151636.GA22397@doctor.nl2k.ab.ca>
Content-Type: text/plain; charset=windows-1252
Content-Language: en-NZ
Content-Transfer-Encoding: 7bit
X-Rspamd-Queue-Id: 49DtQK1Nrnz4KHW
X-Spamd-Bar: ------
X-Spamd-Result: default: False [-6.53 / 15.00]; ARC_NA(0.00)[];
 RCVD_VIA_SMTP_AUTH(0.00)[];
 R_DKIM_ALLOW(-0.20)[protected-networks.net:s=201508];
 NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[];
 RCPT_COUNT_THREE(0.00)[3]; R_SPF_ALLOW(-0.20)[+mx];
 NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[text/plain];
 TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[];
 DKIM_TRACE(0.00)[protected-networks.net:+];
 DMARC_POLICY_ALLOW(-0.50)[protected-networks.net,reject];
 FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+];
 IP_SCORE(-3.53)[ip: (-9.39), ipnet: 2001:470::/32(-4.64), asn: 6939(-3.59),
 country: US(-0.05)]; 
 ASN(0.00)[asn:6939, ipnet:2001:470::/32, country:US];
 MID_RHS_MATCH_FROM(0.00)[]; RCVD_TLS_ALL(0.00)[];
 RCVD_COUNT_TWO(0.00)[2]
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports/>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 02 May 2020 15:31:54 -0000

On 5/2/20 11:16 AM, The Doctor via freebsd-ports wrote:
> On Sat, May 02, 2020 at 04:32:10PM +0200, Christoph Moench-Tegeder wrote:
>> ## The Doctor via freebsd-ports (freebsd-ports@freebsd.org):
>>
>>> Subject: Bind 9.16 port error still lingers
>>
>> "Still"?
>>
>>> May  1 21:29:02 gallifrey named[90441]: Required root permissions to open '/var/run/named.pid'.
>>> May  1 21:29:02 gallifrey named[90441]: Please check file and directory permissions or reconfigure the filename.
>>
>> Did you?
>> BTW the default location for named's pidfile on FreeBSD is
>> /var/run/named/pid.
>>
>>> May  1 21:29:02 gallifrey named[90441]: parser.c:950: REQUIRE(obj != ((void *)0) && obj->type->rep == &cfg_rep_uint32) failed, back trace
>>
>> Some (configuration) value should be an integer, but isn't.
>>
> 
> cat /var/run/named.pid
> 15640
> 
> running bind911
> 
> and ls -Fail /var/run/named.pid
> 
> -rw-r--r-- 1 root wheel 6 May 1 21:38 /var/run/named.pid

By default, you need 'root' permissions to write to the /var/run
directory. As the port is configured on FreeBSD, BIND drops privileges
as soon as practical to that of the 'bind' user and group. For example:

imb@sarah:/home/imb> ls -l /var/run/named/
total 8
-rw-r--r--  1 bind  bind    4 Apr 30 21:05 pid
-rw-------  1 bind  bind  102 Apr 30 21:05 session.key

It seems you have incorrectly changed the configuration by not taking
these permissions into account. Check your named.conf for the incorrect
definition of pid-file - it should be "/var/run/named/pid",


	imb