Date: Sun, 20 Jan 2019 15:10:05 -0500 From: Dan Langille <dan@langille.org> To: Mathieu Arnold <mat@FreeBSD.org> Cc: FreeBSD Ports <freebsd-ports@freebsd.org> Subject: Re: dns/bind911 - statistics-file Message-ID: <24153E38-80DC-4AA7-A071-666FA9DAF386@langille.org> In-Reply-To: <20190120104234.k5w5f7mrmzmpncx2@atuin.in.mat.cc> References: <0B943CDD-3A9E-4026-8AD4-8D8007902CCB@langille.org> <20190120104234.k5w5f7mrmzmpncx2@atuin.in.mat.cc>
next in thread | previous in thread | raw e-mail | index | archive | help
--Apple-Mail=_59565239-0813-429A-B3DD-4FEBBC7DA17C Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii > On Jan 20, 2019, at 5:42 AM, Mathieu Arnold <mat@FreeBSD.org> wrote: >=20 > On Sat, Jan 19, 2019 at 07:50:45PM -0500, Dan Langille wrote: >> Mat, >>=20 >> I encountered an odd situation where my stats file kept changing = permissions. With every reinstall of bind911, >> the permissions on var/run/named/stats change to chown root:bind = which prevents bind from updating the file. >>=20 >> This is what I need: >>=20 >> $ ls -l /var/run/named/stats >> -rw-r--r-- 1 bind bind 11507 Jan 20 00:45 /var/run/named/stats >>=20 >> Could that change be carried out by this file? >>=20 >> = https://svnweb.freebsd.org/ports/head/dns/bind911/files/BIND.chroot.dist?v= iew=3Dmarkup#l24 >>=20 >> I don't see a reference to /var/run/named/stats in BIND.chroot.dist = but can't help but wonder if it's something similar. >>=20 >> I have been using these options: >>=20 >> directory "/usr/local/etc/namedb/working"; >> pid-file "/var/run/named/pid"; >> dump-file "/var/dump/named_dump.db"; >> statistics-file "/var/run/named/stats"; >> zone-statistics yes; >>=20 >> When researching this tonight, I noticed the sample configuration = uses /var/run/named.stats. Perhaps I'm doing this wrong. >> I am happy to change my configuration, but first I write in case the = script is doing something unexpected. >=20 > I do not think anything in the BIND9 ports would change the file = permissions. >=20 > The mtree file only touches the directories to make sure they have the > correct permissions, so it is not it. Moreover the mtree file is ONLY > used when using named_chrootdir to chroot named, which does not appear > to be your case. > The BIND9 ports have not had a pkg-install script for years, so it's = not > it either. > The rc file does not chown anything, so it's not it doing it either. >=20 > Side note, the sample configuration uses /var/stats/named.stats, not > /var/run/named.stats. And it was ever since it was added to the base > system named.conf file back in 2004 (in src r135918). >=20 > So I'd say something else on your system "fixes" the file's = permissions. This is it: [dan@toiler:~] $ grep cleanvar /etc/defaults/rc.conf cleanvar_enable=3D"YES" # Clean the /var directory That clears the file, then bind creates it chown root:bind. Why it creates it like that, I don't know yet, but that's outside scope = of this post. Thank you. -- Dan Langille - BSDCan / PGCon dan@langille.org --Apple-Mail=_59565239-0813-429A-B3DD-4FEBBC7DA17C Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEEzqcJ4oeyf8sgTIEBIU09XU2nXtMFAlxE1Z0ACgkQIU09XU2n XtPKtwf/RLdt7po3Yyfw7/DLTXIp+/znrCcF0Q6eTHTD+r5D0xJPxpOvmaKgY5Fj 7UK0nw7XPcJ01Lf0/Tzhk1ld83/DiATMLEYOhKIqDXHbqHWtM2jhpnaRLFtvKrdx VjR7rQgnIN2Xr2yNF1jVJ7tGrM4S3cGULAN2XI0klFz5NcleQOmCFY7PXd1AYyFE ARX3vMWBXIn9/lmamKZj2hAH6b00HAGZPNIcHfJGdxYPNZ+aLIMXzcTQpR8rMy3Q YriJoLyKYJR3E9vsjqchDYIulTDunOGa/lIc/p6/IT9GdkyMqf2VkqKl6PJyUNLj OUKtIJL/bZMa//Wyc8JLXlEN4sbofA== =MDMi -----END PGP SIGNATURE----- --Apple-Mail=_59565239-0813-429A-B3DD-4FEBBC7DA17C--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?24153E38-80DC-4AA7-A071-666FA9DAF386>