Date:      Sun, 30 Jun 2024 13:46:09 +0200 (CEST)
From:      sthaug@nethelp.no
To:        freebsd-stable@freebsd.org
Subject:   BIND 9.19.24 not listening to rndc port (953)
Message-ID:  <20240630.134609.2166404118346455953.sthaug@nethelp.no>

Short description: Fresh install of bind9-devel-9.19.24_1 doesn't
listen to localhost port 953, with the result that rndc doesn't work.
Problem is 100% reproducible.

Environment:

- FreeBSD 13.3-STABLE #n257580
- BIND 9.19.24 installed using "pkg install bind9-devel-9.19.24_1"
- Default (directly from the package) named.conf, no changes
- rc.conf has named_enable="YES" added
- named started using service named start

If I then try to use rndc, it doesn't work:

# rndc status
rndc: connect failed: 127.0.0.1#953: connection refused

In syslog I can see among the startup messages:

Jun 30 12:53:31 nlab0 named[31772]: couldn't add command channel 127.0.0.1#953: permission denied
Jun 30 12:53:31 nlab0 named[31772]: couldn't add command channel ::1#953: permission denied

which explains the rndc error message - but doesn't explain *why*
this happens.

Other info:

- BIND 9.18.24 on the same host works perfectly, with no rndc issues.
- BIND 9.19.24 on the same host also works *if I change it to run as
root* (by default it runs as user bind). The syslog messages are gone,
and rndc works as expected.

Speculation: 9.19.24 Release notes, under Feature changes, lists:

Multiple RNDC messages are now processed when sent in a single TCP message.

So maybe a bug introduced in connection with this feature change?

Steinar Haug, AS2116
