From nobody Sun Jun 30 11:46:09 2024 X-Original-To: freebsd-stable@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WBnSX09G7z5Plvj for ; Sun, 30 Jun 2024 11:46:20 +0000 (UTC) (envelope-from sthaug@nethelp.no) Received: from bizet.nethelp.no (bizet.nethelp.no [195.1.209.4]) by mx1.freebsd.org (Postfix) with ESMTP id 4WBnSW1ywzz4lhW for ; Sun, 30 Jun 2024 11:46:19 +0000 (UTC) (envelope-from sthaug@nethelp.no) Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of sthaug@nethelp.no designates 195.1.209.4 as permitted sender) smtp.mailfrom=sthaug@nethelp.no Received: from localhost (bizet.nethelp.no [195.1.209.4]) by bizet.nethelp.no (Postfix) with ESMTP id 19F75646B09 for ; Sun, 30 Jun 2024 13:46:10 +0200 (CEST) Date: Sun, 30 Jun 2024 13:46:09 +0200 (CEST) Message-Id: <20240630.134609.2166404118346455953.sthaug@nethelp.no> To: freebsd-stable@freebsd.org Subject: BIND 9.19.24 not listening to rndc port (953) From: sthaug@nethelp.no X-Mailer: Mew version 6.9 on Emacs 29.2 List-Id: Production branch of FreeBSD source code List-Archive: https://lists.freebsd.org/archives/freebsd-stable List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: freebsd-stable@freebsd.org Sender: owner-freebsd-stable@FreeBSD.org Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Spamd-Bar: / X-Spamd-Result: default: False [0.05 / 15.00]; MID_CONTAINS_FROM(1.00)[]; NEURAL_HAM_MEDIUM(-0.95)[-0.953]; NEURAL_HAM_SHORT(-0.89)[-0.885]; MV_CASE(0.50)[]; NEURAL_SPAM_LONG(0.49)[0.485]; R_SPF_ALLOW(-0.20)[+mx]; ONCE_RECEIVED(0.10)[]; MIME_GOOD(-0.10)[text/plain]; RCVD_NO_TLS_LAST(0.10)[]; RCPT_COUNT_ONE(0.00)[1]; FROM_NO_DN(0.00)[]; ASN(0.00)[asn:2116, ipnet:195.1.0.0/16, country:NO]; RCVD_COUNT_ONE(0.00)[1]; MIME_TRACE(0.00)[0:+]; TO_DN_NONE(0.00)[]; ARC_NA(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-stable@freebsd.org]; MLMMJ_DEST(0.00)[freebsd-stable@freebsd.org]; DMARC_NA(0.00)[nethelp.no]; R_DKIM_NA(0.00)[] X-Rspamd-Queue-Id: 4WBnSW1ywzz4lhW Short description: Fresh install of bind9-devel-9.19.24_1 doesn't listen to localhost port 953, with the result that rndc doesn't work. Problem is 100% reproducible. Environment: - FreeBSD 13.3-STABLE #n257580 - BIND 9.19.24 installed using "pkg install bind9-devel-9.19.24_1" - Default (directly from the package) named.conf, no changes - rc.conf has named_enable="YES" added - named started using service named start If I then try to use rndc, it doesn't work: # rndc status rndc: connect failed: 127.0.0.1#953: connection refused In syslog I can see among the startup messages: Jun 30 12:53:31 nlab0 named[31772]: couldn't add command channel 127.0.0.1#953: permission denied Jun 30 12:53:31 nlab0 named[31772]: couldn't add command channel ::1#953: permission denied which explains the rndc error message - but doesn't explain *why* this happens. Other info: - BIND 9.18.24 on the same host works perfectly, with no rndc issues. - BIND 9.19.24 on the same host also works *if I change it to run as root* (by default it runs as user bind). The syslog messages are gone, and rndc works as expected. Speculation: 9.19.24 Release notes, under Feature changes, lists: Multiple RNDC messages are now processed when sent in a single TCP message. So maybe a bug introduced in connection with this feature change? Steinar Haug, AS2116