From owner-freebsd-bugs  Fri Dec 20  6: 0:19 2002
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 984B337B401
	for <freebsd-bugs@hub.freebsd.org>; Fri, 20 Dec 2002 06:00:16 -0800 (PST)
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by mx1.FreeBSD.org (Postfix) with ESMTP id B65A543EE8
	for <freebsd-bugs@hub.freebsd.org>; Fri, 20 Dec 2002 06:00:15 -0800 (PST)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	by freefall.freebsd.org (8.12.6/8.12.6) with ESMTP id gBKE0FNS018713
	for <freebsd-bugs@freefall.freebsd.org>; Fri, 20 Dec 2002 06:00:15 -0800 (PST)
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.12.6/8.12.6/Submit) id gBKE0FBf018712;
	Fri, 20 Dec 2002 06:00:15 -0800 (PST)
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id E7A2237B401
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 20 Dec 2002 05:57:20 -0800 (PST)
Received: from mail.pelleg.org (mail.pelleg.org [205.201.13.237])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 0C06143EDA
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 20 Dec 2002 05:57:20 -0800 (PST)
	(envelope-from dpelleg@mail.pelleg.org)
Received: by mail.pelleg.org (Postfix, from userid 1001)
	id 3EF84B627D; Fri, 20 Dec 2002 08:57:19 -0500 (EST)
Message-Id: <20021220135719.3EF84B627D@mail.pelleg.org>
Date: Fri, 20 Dec 2002 08:57:19 -0500 (EST)
From: Dan Pelleg <daniel+bsd@pelleg.org>
Reply-To: Dan Pelleg <daniel+bsd@pelleg.org>
To: FreeBSD-gnats-submit@FreeBSD.org
X-Send-Pr-Version: 3.113
Subject: conf/46401: [PATCH] /etc/rc.d/named doesn't create chroot dirs
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-bugs.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-bugs>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-bugs>
X-Loop: FreeBSD.org


>Number:         46401
>Category:       conf
>Synopsis:       [PATCH] /etc/rc.d/named doesn't create chroot dirs
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Dec 20 06:00:15 PST 2002
>Closed-Date:
>Last-Modified:
>Originator:     Dan Pelleg
>Release:        FreeBSD 5.0-RC i386
>Organization:
>Environment:

System: FreeBSD p 5.0-RC FreeBSD 5.0-RC #1: Sun Dec 8 08:28:28 EST 2002 d@p i386

	
>Description:
1. /etc/rc.d/named does not create necessary chroot directories
2. named_chroot is not set, so /etc/rc.subr does not start named
in a sandbox

NOTE: there is another problem with the pid file -
the pidfile is set to /var/run/named/pid in named.conf
(should be /var/run/named.pid) - I'll open another PR about
that.

>How-To-Repeat:
Add to /etc/rc.conf:
named_enable="YES"              # Run named, the DNS server (or NO).
named_program="/usr/sbin/named" # path to named, if you want a different one.
named_flags="-u bind -g bind"   # Flags for named
named_chrootdir="/usr/j1/named" # Chroot directory (or "" not to auto-chroot it)
named_chroot_autoupdate="YES"   # Automatically install/update chrooted
named_symlink_enable="YES"      # Symlink /var/run/named.pid and /var/run/ndc
named_rcng="YES"                        # XXX Temporary. Enable to use new rc

mkdir /usr/j1/named
(populate /usr/j1/named/etc with conf files)

/etc/rc.d/named start

>Fix:

--- /etc/rc.d/named.orig	Thu Dec 19 21:11:19 2002
+++ /etc/rc.d/named	Fri Dec 20 06:55:05 2002
@@ -17,6 +17,7 @@
 pidfile="/var/run/${name}.pid"
 start_precmd="named_precmd"
 required_dirs="$named_chrootdir"	# if it is set, it must exist
+named_chroot="$named_chrootdir"
 extra_commands="reload"
 
 case ${OSTYPE} in
@@ -49,22 +50,22 @@
 	    "${named_chrootdir}/usr/libexec/named-xfer" -ot \
 	    /usr/libexec/named-xfer ]; then
 		rm -f "${named_chrootdir}/usr/libexec/named-xfer"
-		cp -p /usr/libexec/named-xfer "${named_chrootdir}/usr/libexec"
+		/bin/pax -rw -pe /usr/libexec/named-xfer "${named_chrootdir}/"
 	fi
 
 	# Copy /dev/null over, if neccessary. Preserve everything (perms,
 	# ownership, mod times).
 	#
 	if [ ! -c "${named_chrootdir}/dev/null" ]; then
-	rm -f "${named_chrootdir}/dev/null"
-		( cd /dev ; /bin/pax -rw -pe null "${named_chrootdir}/dev" )
+		rm -f "${named_chrootdir}/dev/null"
+		/bin/pax -rw -pe /dev/null "${named_chrootdir}/"
 	fi
 
 	# Copy local timezone information if it's not up-to-date.
 	#
 	if [ -f /etc/localtime ]; then
 		cmp -s /etc/localtime "${named_chrootdir}/etc/localtime" || \
-		cp -p /etc/localtime "${named_chrootdir}/etc/localtime"
+		pax -rw -pe /etc/localtime "${named_chrootdir}/"
 	fi
 }
 
@@ -72,9 +73,11 @@
 #
 make_symlinks()
 {
-	ln -fs "${named_chrootdir}/var/run/named.pid" /var/run/named.pid
+	if [ ! -d ${named_chrootdir}/var/run ]; then
+		mkdir -p "${named_chrootdir}/var/run"
+	fi
+	ln -fs "${named_chrootdir}${pidfile}" ${pidfile}
 	ln -fs "${named_chrootdir}/var/run/ndc" /var/run/ndc
-
 }
 
 named_precmd()

>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message