Dear FreeBSD Community,

I am trying to run named (bind) in a sandbox using the default flags
found in the config files. I've got this in my /etc/rc.conf file:

named_enable="YES"             # Run named, the DNS server (or NO).
named_flags="-u bind -g bind"  # Flags for named

I also did a "chown -R bind:bind" to my secondary DNS directory, so
all updates work with the new "bind" userID and group (53).

[/etc/group]
bind:*:53:

The problem comes when I use "/usr/sbin/named.reload" ... I get an
error message that named can't write the /var/run/named.pid file.

It seems unable to delete and rewrite "named.pid".  I've tried 
various group permissions for /var/run to allow the "bind" user
to create this file, but I can't seem to make this error go away.

Is there an obvious trick to running named in a sandbox under the
FreeBSD 4.7 standard distro?

Thank you!

Jon Backstrom
[EMAIL PROTECTED]


P.S. - In the /etc/defaults/rc.conf file, there is a comment that
       it *may* be possible to run named in a sandbox...but the
       docs in "man security" don't mention anything about the
       problems with /var/run/named.pid.

# named.  It may be possible to run named in a sandbox, man security for
# details.
#
named_enable="NO"               # Run named, the DNS server (or NO).
named_program="/usr/sbin/named" # path to named, if you want a different one.
#named_flags="-u bind -g bind"  # Flags for named

