From owner-freebsd-security  Tue May 16 11:46: 0 2000
Delivered-To: freebsd-security@freebsd.org
Received: from sivka.rdy.com (sivka.rdy.com [207.33.166.86])
	by hub.freebsd.org (Postfix) with ESMTP id 88A8737B97A
	for <freebsd-security@FreeBSD.ORG>; Tue, 16 May 2000 11:45:57 -0700 (PDT)
	(envelope-from dima@rdy.com)
Received: (from dima@localhost)
	by sivka.rdy.com (8.9.3/8.9.3) id LAA71684;
	Tue, 16 May 2000 11:44:54 -0700 (PDT)
	(envelope-from dima)
Message-Id: <200005161844.LAA71684@sivka.rdy.com>
Subject: Re: pid file for named
In-Reply-To: <39219248.7628FC0A@uwi.tt> from Feisal Mohammed at "May 16, 2000
 02:24:09 pm"
To: Feisal Mohammed <Feisal.O.Mohammed@uwi.tt>
Date: Tue, 16 May 2000 11:44:53 -0700 (PDT)
Cc: FreeBSD-security Mailing List <freebsd-security@FreeBSD.ORG>
Organization: HackerDome
Reply-To: dima@rdy.com
From: dima@rdy.com (Dima Ruban)
X-Mailer: ELM [version 2.4ME+ PL68 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Feisal Mohammed writes:
> Dima Ruban wrote:
> > 
> > Frank Tobin writes:
> > > One often wishes to run daemons such as named under other users, e.g.,
> > > bind:bind.  In order to allow bind to write out zones and associated fun
> > > stuff correctly, one then does a
> > >
> > > chmod -R bind:bind /etc/named
> > >
> > > However, the pid file, /var/run/named.pid, which named tries to write out
> > 
> > You can set it in named.conf:
> > 
> > options {
> >         ...
> >         pid-file "/etc/namedb/run/named.pid";
> >         ...
> > };
> > 
> > However, this will break "ncd", since it's looking for /var/run/named.pid
> > instead of extracting current "pid-file" value from the named.conf.
> > 
> > -- dima
> > 
> 
> That can be fixed as follows, I have two named running
> one on the inside interface and the other on the outside
> interface.

It doesn't do much good, since you still have to type:
ndc -c /var/run/ndc-inside whatever_command_you_want

What I've meant is that ndc should have a simple parsing capabilities
to extract most of the information it needs from named.conf

> 
> -Feisal
> 

-- dima


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message