Dear FreeBSD Community,
I am trying to run named (bind) in a sandbox using the default flags
found in the config files. I've got this in my /etc/rc.conf file:
named_enable="YES" # Run named, the DNS server (or NO).
named_flags="-u bind -g bind" # Flags for named
I also did a "chown -R bind:bind" to my secondary DNS directory, so
all updates work with the new "bind" userID and group (53).
[/etc/group]
bind:*:53:
The problem comes when I use "/usr/sbin/named.reload" ... I get an
error message that named can't write the /var/run/named.pid file.
It seems unable to delete and rewrite "named.pid". I've tried
various group permissions for /var/run to allow the "bind" user
to create this file, but I can't seem to make this error go away.
Is there an obvious trick to running named in a sandbox under the
FreeBSD 4.7 standard distro?
Thank you!
Jon Backstrom
[EMAIL PROTECTED]
P.S. - In the /etc/defaults/rc.conf file, there is a comment that
it *may* be possible to run named in a sandbox...but the
docs in "man security" don't mention anything about the
problems with /var/run/named.pid.
# named. It may be possible to run named in a sandbox, man security for
# details.
#
named_enable="NO" # Run named, the DNS server (or NO).
named_program="/usr/sbin/named" # path to named, if you want a different one.
#named_flags="-u bind -g bind" # Flags for named