Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 26 Apr 1999 18:55:54 -0400 (EDT)
From:      Spidey <spidey@jsp.umontreal.ca>
To:        Doug White <dwhite@resnet.uoregon.edu>
Cc:        freebsd-questions <freebsd-questions@FreeBSD.ORG>
Subject:   Re: Bind in a sandbox
Message-ID:  <Pine.BSF.3.96.990426185450.11803G-100000@freed.dyn.ez-ip.net>
In-Reply-To: <Pine.BSF.4.03.9904261551060.6951-100000@resnet.uoregon.edu>
next in thread | previous in thread | raw e-mail | index | archive | help 
Ok.. I guess I'll just have to run it as root again... unless there's
another convention for a _unprivileged_ port for bind?

Doesn't bind start as root and then switches to the user 'bind'?

On Mon, 26 Apr 1999, Doug White wrote:

> On Sat, 24 Apr 1999, Spidey wrote:
> 
> > Hi!
> > 
> > I've been running BIND in a sandbox for some time now. I have a
> > intermittent connection to the net, so sometimes, I have messages like
> > named[$$]: deleting interface $MYADDR.53. This was normal.
> > 
> > But now that I run BIND in a sandbox, I get:
> > 
> >  Apr 24 14:22:25 freed named[101]: bind(dfd=22, [10.0.2.15].53):
> > Permission denied
> > Apr 24 14:22:25 freed named[101]: bind(dfd=22, [10.0.2.15].53): Permission
> > denied
> > Apr 24 14:22:25 freed named[101]: bind(dfd=22, [10.0.2.15].53): Permission
> > denied
> > Apr 24 14:22:25 freed named[101]: deleting interface [10.0.2.15].53
> > 
> > 
> > I start bind using: named -u bind -g bind
> > 
> > Thanks.
> 
> Since you're not running as root, you're not allowed to attach to the
> privilieged port 53.   I'm not familiar with the sandbox behavior so I
> don'tknow how named gets around this.
> 
> Doug White                               
> Internet:  dwhite@resnet.uoregon.edu    | FreeBSD: The Power to Serve
> http://gladstone.uoregon.edu/~dwhite    | www.freebsd.org
> 

Si l'image donne l'illusion de savoir
C'est que l'adage pretend que pour croire,
L'important ne serait que de voir

Lofofora



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.990426185450.11803G-100000>