From nobody Thu Sep 19 17:16:43 2024 X-Original-To: freebsd-stable@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4X8hyX233Wz5Wcwv for ; Thu, 19 Sep 2024 17:16:52 +0000 (UTC) (envelope-from mack@macktronics.com) Received: from mail.macktronics.com (coco.macktronics.com [209.181.253.65]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4X8hyV3S5Gz42FR for ; Thu, 19 Sep 2024 17:16:50 +0000 (UTC) (envelope-from mack@macktronics.com) Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=pass (policy=none) header.from=macktronics.com; spf=pass (mx1.freebsd.org: domain of mack@macktronics.com designates 209.181.253.65 as permitted sender) smtp.mailfrom=mack@macktronics.com Received: from olive.macktronics.com (olive.macktronics.com [209.181.253.67]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.macktronics.com (Postfix) with ESMTPS id C814E11F7; Thu, 19 Sep 2024 12:16:43 -0500 (CDT) Date: Thu, 19 Sep 2024 12:16:43 -0500 (CDT) From: Dan Mack To: sthaug@nethelp.no cc: bzeeb-lists@lists.zabbadoz.net, freebsd-stable@freebsd.org Subject: Re: BIND 9.19.24 not listening to rndc port (953) In-Reply-To: <20240702.191333.1782316333681428598.sthaug@nethelp.no> Message-ID: <35410f21-8e52-a853-ad21-4fd05d0f8b3c@macktronics.com> References: <38321p06-q966-p811-oqpq-q679qpo9pp31@yvfgf.mnoonqbm.arg> <20240702.112250.268297637701792446.sthaug@nethelp.no> <18s0oq25-816s-84ns-41np-47402182ns46@yvfgf.mnoonqbm.arg> <20240702.191333.1782316333681428598.sthaug@nethelp.no> List-Id: Production branch of FreeBSD source code List-Archive: https://lists.freebsd.org/archives/freebsd-stable List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: freebsd-stable@freebsd.org Sender: owner-freebsd-stable@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed X-Spamd-Result: default: False [-1.66 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_SPAM_LONG(0.99)[0.992]; NEURAL_HAM_SHORT(-0.95)[-0.952]; DMARC_POLICY_ALLOW(-0.50)[macktronics.com,none]; R_SPF_ALLOW(-0.20)[+ip4:209.181.253.64/29]; MIME_GOOD(-0.10)[text/plain]; ONCE_RECEIVED(0.10)[]; RCVD_COUNT_ONE(0.00)[1]; MISSING_XM_UA(0.00)[]; ASN(0.00)[asn:209, ipnet:209.181.252.0/23, country:US]; MIME_TRACE(0.00)[0:+]; ARC_NA(0.00)[]; RCVD_TLS_ALL(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; MLMMJ_DEST(0.00)[freebsd-stable@freebsd.org]; FROM_HAS_DN(0.00)[]; R_DKIM_NA(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; TO_DN_NONE(0.00)[]; RCPT_COUNT_THREE(0.00)[3] X-Rspamd-Queue-Id: 4X8hyV3S5Gz42FR X-Spamd-Bar: - On Tue, 2 Jul 2024, sthaug@nethelp.no wrote: >>> So we set uid 53 (bind) at 0.083518302, and then try to bind to port >>> 953 at 0.093282161. >> >> Are you going to poe a bug with the bind people? > > Already did: https://gitlab.isc.org/isc-projects/bind9/-/issues/4793 > > Steinar Haug, AS2116 Probably everyone knows but this still happens in the bind920-9.20.1 package. However, BIND 9.20.2 was released yesterday with a change to when bind drops privilege levels so perhaps we will have a working version when the port / package is updated. Dan