Bind 9.7.1 - 9.14.5 - 9.14.7 and 9.15.3 is dropping this into sys.log, but
still runs fine:
named[459]: unable to set effective uid to 0: Operation not permitted
named[459]: generating session key for dynamic DNS
named[459]: unable to set effective uid to 0: Operation not permitted
named[459]: sizing zone task pool based on 2 zones
Some ancient info in the mail list archives, shows some people running into
this message also at 9.7.1:
https://lists.isc.org/mailman/htdig/bind-users/2010-September/081230.html
https://lists.isc.org/mailman/htdig/bind-users/2010-September/081233.html
https://lists.isc.org/mailman/htdig/bind-users/2014-July/093460.html
At v9.14.1
http://bind-users-forum.2342410.n4.nabble.com/BIND-9-14-0-unable-to-set-effective-uid-to-0-Operation-not-permitted-td6844.htmldescribing
named wanting to revert the files back to UID 0, root for some reason even
though it is in chroot at this time.
The ISC git page also discusses the issue:
[https://gitlab.isc.org/isc-projects/bind9/issues/104](https://gitlab.isc.org/isc-projects/bind9/issues/1042)
Seems to happen when making these files on startup while in chroot and wanting
to change them back to UID 0
/srv/named/var/run/named/session.key
/srv/named/var/run/named.pid
Some people tried to satisfy the condition by adding root to group root and
changing the file ownership to root.
If you disable caps --disable-linux-caps at compile time ( but at the cost of
security, and no one knows what that cost is?!?)
the messages go away.
Running on an LFS 9.0 build with libcap 2.27 no PAM, Virtualbox
http://linuxfromscratch.org/blfs/view/svn/server/bind.html
Anyone with some info, please let me know.
Time to relabel the messages to be more clear about it being a WARNING or an
ERROR?
Or someone clearly indicating that these messages can be ignored would be
helpful.
Thanks so much.
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users