From: Martin McCormick
To: freebsd-questions@freebsd.org
Date: Wed, 16 Jun 2010 21:32:40 -0500
Subject: Ownership of /var/named Changes on Reboot.
List-Id: User questions (freebsd-questions@freebsd.org)

I run named chrooted to bind but not in a jail. When the system reboots, something changes ownership of /var/named back to root:wheel. I have thought several times I figured out how to prevent this from happening, but to no avail. The most promising lead was the following directives in /etc/rc.conf.local:

    named_uid="bind"                # User to run named as
    named_chrootdir=""              # Chroot directory (or "" not to auto-chroot it)
    named_chroot_autoupdate="YES"   # Automatically install/update chrooted

Is there a way to keep /var/named owned by bind across reboots?
Our production FreeBSD systems are up for years at a time, so we don't see this problem often, but we have just been lucky that I am usually the one to reboot and know that named will come up broken and exit, because named cannot write into /var/named when it is owned by root. It would be really nice to be able to count on /var/named staying put so named can just start automatically after a reboot.

I prefer for named to run as a low-priority UID rather than as root, so if I am doing something wrong, tell me that, also. We have been running named with a high-numbered UID for probably ten years, and the force back to root ownership has always been a factor when the system is rebooted.

Thank you.

Martin McCormick WB5AGZ
Stillwater, OK
Systems Engineer
OSU Information Technology Department
Telecommunications Services Group
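The failure Martin describes (named exits at boot because /var/named is no longer owned by the named_uid) can be caught before the daemon is started. The script below is an added example, not code from the original message or from FreeBSD's rc.d; it reads named_uid from an rc.conf-style file with a simplified `key="value"` parser (an assumption: real rc.conf files are shell syntax and can contain more than this parser handles), compares it with the owner of a directory (default /var/named, the path from the post), and returns non-zero on a mismatch so it can gate a start or raise an alert. The rc.conf.local content and the directory used in the demo are constructed here.

```shell
#!/bin/sh
# Added example (not from the original post): check that the named working
# directory is owned by the user configured as named_uid before named starts.

# rc_value FILE KEY: print the value of KEY="value" (or KEY=value) from FILE,
# without the quotes and without any trailing "# comment". Prints nothing
# when KEY is absent. Simplified rc.conf reading; an assumption, not rc(8).
rc_value() {
    sed -n "s/^[[:space:]]*$2=\"\{0,1\}\([^\"#]*\)\"\{0,1\}.*/\1/p" "$1" \
        | tail -n 1 | sed 's/[[:space:]]*$//'
}

# dir_owner DIR: print the user name shown as owner of DIR.
# ls(1) is used instead of stat(1) because stat's flags differ between BSD and GNU.
dir_owner() {
    ls -ld "$1" | awk '{ print $3 }'
}

# check_named_dir RCFILE [DIR]: return 0 when DIR (default /var/named) is
# owned by the named_uid configured in RCFILE, 1 on a mismatch, 2 if DIR is
# missing. An unset named_uid is treated as root (assumption).
check_named_dir() {
    rcfile=$1
    dir=${2:-/var/named}
    uid=$(rc_value "$rcfile" named_uid)
    [ -n "$uid" ] || uid=root
    if [ ! -d "$dir" ]; then
        echo "missing: $dir" >&2
        return 2
    fi
    owner=$(dir_owner "$dir")
    if [ "$owner" = "$uid" ]; then
        echo "ok: $dir is owned by $owner (named_uid=$uid)"
        return 0
    fi
    echo "MISMATCH: $dir is owned by $owner but named_uid=$uid" >&2
    return 1
}

# Demo on constructed input. On the post's system the real file is
# /etc/rc.conf.local and the real directory is /var/named.
demo=$(mktemp -d)
cat > "$demo/rc.conf.local" <<'EOF'
named_uid="bind"                # User to run named as
named_chrootdir=""              # Chroot directory (or "" not to auto-chroot it)
named_chroot_autoupdate="YES"   # Automatically install/update chrooted
EOF
mkdir "$demo/var_named"          # owned by whoever runs this demo, not bind
check_named_dir "$demo/rc.conf.local" "$demo/var_named" \
    || echo "named would fail to start with this ownership"
rm -rf "$demo"
```

Wired into a boot-time check (for example from an rc.d script that runs before named, or from a monitoring job), a non-zero return is the signal that the ownership reset has happened again, which is earlier and clearer than discovering it from a named that has already exited.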