From owner-freebsd-questions@FreeBSD.ORG  Mon Dec  3 21:55:49 2007
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 81F9116A419
	for <freebsd-questions@freebsd.org>;
	Mon,  3 Dec 2007 21:55:49 +0000 (UTC)
	(envelope-from freebsd@superhero.nl)
Received: from superman.superhero.nl (superhero.nl [82.95.198.17])
	by mx1.freebsd.org (Postfix) with ESMTP id ECF3613C4D3
	for <freebsd-questions@freebsd.org>;
	Mon,  3 Dec 2007 21:55:48 +0000 (UTC)
	(envelope-from freebsd@superhero.nl)
Received: (qmail 19227 invoked by uid 80); 3 Dec 2007 21:55:33 -0000
Received: from robin.ad.superhero.nl ([10.202.77.103])
	(SquirrelMail authenticated user gelsemap)
	by webmail.superhero.nl with HTTP;
	Mon, 3 Dec 2007 22:55:33 +0100 (CET)
Message-ID: <4760.10.202.77.103.1196718933.squirrel@webmail.superhero.nl>
Date: Mon, 3 Dec 2007 22:55:33 +0100 (CET)
From: "Gelsema, P \(Patrick\) - FreeBSD" <freebsd@superhero.nl>
To: freebsd-questions@freebsd.org
User-Agent: SquirrelMail/1.4.8
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
Subject: named / BIND 9.4.1-P1  /etc/named/master ownership
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 03 Dec 2007 21:55:49 -0000

Hi list,

I've got the following.

Everytime when I start /etc/rc.d/named I get the following issue.
hulk# /etc/rc.d/named start
etc/namedb/master changed
        user expected 0 found 53 modified
        gid expected 0 found 53 modified
Starting named.

If I leave it like this I get the following in /var/log/messages
Dec  3 19:10:57 hulk named[854]: dumping master file:
master/tmp-giHHnonSuW: open: permi
ssion denied
Dec  3 19:21:12 hulk named[854]: dumping master file:
master/tmp-MnAidukvm5: open: permi
ssion denied
Dec  3 19:25:48 hulk named[854]: dumping master file:
master/tmp-sCNwwiScbK: open: permi
ssion denied

This is solved if I do the following:
hulk# chown bind:bind /etc/named/master

However when I restart the service the problem re-appears.

In /etc/rc.conf I got the following.
hulk# cat /etc/rc.conf | grep named
named_enable="YES"
named_uid="bind"
named_chrootdir="/var/named"

I find it weird that named resets the ownership of the master directory as
named is running under uid bind and would require ownership or permissions
to dump, change any of the files.

Rgds,

Patrick