From: Mike Meyer
Date: Mon, 12 Mar 2001 08:31:31 -0600
To: Christopher Farley
Cc: questions@freebsd.org
Subject: Re: /var/run/named.pid annoyance
Message-ID: <15020.56771.969473.579120@guru.mired.org>

Christopher Farley types:
> Eugene Lee (eugene@anime.net) wrote:
>
> > Every time I do a reload, I get this in /var/log/messages:
> >
> > Mar 12 00:48:47 localhost named[119]: reloading nameserver
> > Mar 12 00:48:47 localhost named[119]: couldn't create pid file '/var/run/named.pid'
> > Mar 12 00:48:47 localhost named[119]: Ready to answer queries.
> >
> > The reason for this is that I run it with "-u bind -g bind" options.
> > What would be the most secure way to solve this problem?
>
> This is a permissions problem. User bind does not have permissions to
> write files to /var/run.
>
> The desired workaround is to change the PID file location by adding
> this to the "options" section of your /etc/namedb/named.conf file:
>
> pid-file "/var/named/named.pid";
>
> You must then (as root):
>
> # mkdir /var/named
> # chown bind:bind /var/named
>
> More details on this setup are available at:
> ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01%3A18.bind.asc

I'm not sure why that's the "desired" solution. The FreeBSD SA didn't
provide any answers, either. I just did the chown on
/var/run/named.pid, and that solved the problem. If you clean /var/run
at each reboot, that won't help.

http://www.mired.org/home/mwm/
Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information.
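
An added example, not part of the original message or of BIND: a small Python check that classifies the two fixes discussed in this thread, a dedicated directory owned by the daemon's user versus an existing pid file it owns inside a directory it cannot write. The function names are hypothetical, and the check assumes plain Unix mode bits for an unprivileged uid (no ACLs, no root bypass).

```python
import os
import re

# Matches an uncommented line such as:  pid-file "/var/named/named.pid";
PID_FILE_RE = re.compile(r'^\s*pid-file\s+"([^"]+)"\s*;', re.MULTILINE)

def pid_file_from_conf(conf_text, default="/var/run/named.pid"):
    """Return the pid-file set in named.conf text, else the default path
    (the one named in the log lines quoted in the thread)."""
    m = PID_FILE_RE.search(conf_text)
    return m.group(1) if m else default

def _allowed(st, uid, gids, want):
    """Owner/group/other check against mode bits for an unprivileged uid.
    Assumption: plain Unix permissions only (no ACLs, no root bypass)."""
    if st.st_uid == uid:
        shift = 6
    elif st.st_gid in gids:
        shift = 3
    else:
        shift = 0
    return ((st.st_mode >> shift) & want) == want

def check_pid_path(path, uid, gids=()):
    """Classify what a daemon running as uid/gids can do with its pid file.
    'dir-writable': it can create the file, so a cleaned directory is fine.
    'file-only':    it can rewrite an existing file but not recreate it.
    'denied':       neither; the "couldn't create pid file" case.
    """
    parent = os.path.dirname(path) or "."
    try:
        if _allowed(os.stat(parent), uid, gids, 0o3):  # write + search
            return "dir-writable"
        if _allowed(os.stat(path), uid, gids, 0o2):    # write
            return "file-only"
    except FileNotFoundError:
        pass  # missing directory or missing pid file
    return "denied"

if __name__ == "__main__":
    import pwd, sys
    # Usage (hypothetical file name): pidcheck.py /etc/namedb/named.conf bind
    with open(sys.argv[1]) as f:
        path = pid_file_from_conf(f.read())
    user = pwd.getpwnam(sys.argv[2])
    # Only the user's primary group is considered here.
    print(path, check_pid_path(path, user.pw_uid, {user.pw_gid}))
```

A "file-only" result turns into "denied" as soon as the pid file is removed, which is the reboot-cleanup case mentioned in the reply.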