Message-ID: <39219248.7628FC0A@uwi.tt>
Date: Tue, 16 May 2000 14:24:09 -0400
From: Feisal Mohammed
Organization: University of the West Indies
To: FreeBSD-security Mailing List
Subject: Re: pid file for named
References: <200005161750.KAA71328@sivka.rdy.com>

Dima Ruban wrote:
>
> Frank Tobin writes:
> > One often wishes to run daemons such as named under other users, e.g.,
> > bind:bind. In order to allow bind to write out zones and associated fun
> > stuff correctly, one then does a
> >
> >     chown -R bind:bind /etc/named
> >
> > However, the pid file, /var/run/named.pid, which named tries to write out
>
> You can set it in named.conf:
>
> options {
>         ...
>         pid-file "/etc/namedb/run/named.pid";
>         ...
> };
>
> However, this will break "ndc", since it's looking for /var/run/named.pid
> instead of extracting current "pid-file" value from the named.conf.
>
> -- dima
>

That can be fixed as follows. I have two named running, one on the
inside interface and the other on the outside interface.

-Feisal

/* inside interface */
options {
        directory "/etc/namedb";
        listen-on { x.in.si.de; };
        forwarders { x.in.si.de; };
        pid-file "/var/run/named-inside.pid";
};

controls {
        unix "/var/run/ndc-inside" perm 0600 owner xxx group xxx;
};
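
The thread notes that the control tool looks for /var/run/named.pid rather than reading the "pid-file" value from named.conf. The sketch below reads that value from a given instance's config, so local scripts can find the right daemon when several named processes run side by side. It is an added example, not part of the original messages or of BIND; the function names named_pid_file and named_pid are hypothetical.

```shell
#!/bin/sh
# Added example: locate the pid file of one named instance from its own
# named.conf (the config path passed in is the caller's choice).

# Print the pid-file path set in config file $1, or the default
# /var/run/named.pid when the file has no pid-file statement.
named_pid_file() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 1; }
    # awk drops /* */ (also multi-line), // and # comments so a commented-out
    # statement is ignored; sed then pulls the quoted path out.
    # Limitation: comment markers inside quoted strings are not handled.
    path=$(awk '{
        line = $0; out = ""
        while (length(line) > 0) {
            if (in_c) {
                i = index(line, "*/")
                if (i == 0) break
                line = substr(line, i + 2); in_c = 0
            } else {
                i = index(line, "/*")
                if (i == 0) { out = out line; break }
                out = out substr(line, 1, i - 1)
                line = substr(line, i + 2); in_c = 1
            }
        }
        sub(/(\/\/|#).*/, "", out)
        print out
    }' "$1" | sed -n 's/.*pid-file[[:space:]]*"\([^"]*\)"[[:space:]]*;.*/\1/p' | head -n 1)
    printf '%s\n' "${path:-/var/run/named.pid}"
}

# Print the PID recorded for the instance configured by $1; reject a pid
# file whose first line is not a plain decimal number.
named_pid() {
    file=$(named_pid_file "$1") || return 1
    [ -r "$file" ] || { echo "no pid file at $file" >&2; return 1; }
    pid=$(head -n 1 "$file" | tr -d '[:space:]')
    case $pid in
        ''|*[!0-9]*) echo "unexpected content in $file" >&2; return 1 ;;
    esac
    printf '%s\n' "$pid"
}
```

Validating the pid file's content before use matters here because the thread's setup makes the config directory writable by the unprivileged bind user, while a script that signals the daemon may run as root.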