On 12/04/12 16:44, Mihai Moldovan wrote:
> Hmm, permission denied while binding to ppp0? Maybe that's because my named is
> running as the non-privileged system user "named" and binding to the privileged
> port 53? Makes sense... but... hm. I guess in this case there's no other way but
> running named as root?
I vaguely seem to recall this has come up on the list before.
However: at our site:
1. Bind runs as user "named"
2. "rndc reconfig" works with a new IP, e.g.
    # rndc reconfig
    # lsof -n -i :53 | fgrep 192.168.
    # ip addr add 192.168.230.230/32 dev lo
    # rndc reconfig
    # lsof -n -i :53 | fgrep 192.168.
    named 17052 named 32u IPv4 1395639422 TCP 192.168.230.230:domain (LISTEN)
    named 17052 named 531u IPv4 1395639421 UDP 192.168.230.230:domain
This is on RHEL5, with SELinux enabled.
So, it's definitely possible to do this as non-root. As above, I'm sure
this has been discussed, but I can't remember what we decided the
mechanism that allowed this was.
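
One Linux mechanism that lets a non-root process bind ports below 1024 is the CAP_NET_BIND_SERVICE capability, which a daemon can retain after switching away from root. The script below is an added example, not part of the original message: it decodes the CapEff mask from a /proc/<pid>/status-style file and reports whether that capability is present. The function names and the sample status files are constructed for illustration, and whether this is the mechanism at work on the RHEL5 host above is an assumption.

```shell
#!/bin/sh
# Added example: does a process hold CAP_NET_BIND_SERVICE (Linux capability
# bit 10)? Input is a /proc/<pid>/status-style file.
CAP_NET_BIND_SERVICE_BIT=10

# Print the first value of a field (Name, CapEff, ...) from a status file.
status_field() {    # $1 = field name, $2 = status file
    awk -v key="$1:" '$1 == key { print $2; exit }' "$2"
}

# 0 = capability in effective set, 1 = absent, 2 = no CapEff line.
has_net_bind() {
    capeff=$(status_field CapEff "$1")
    [ -n "$capeff" ] || return 2
    [ $(( (0x$capeff >> CAP_NET_BIND_SERVICE_BIT) & 1 )) -eq 1 ]
}

# Print "<name> uid=<effective uid> net_bind=<yes|no|unknown>".
describe() {
    name=$(status_field Name "$1")
    euid=$(awk '$1 == "Uid:" { print $3; exit }' "$1")  # real, EFFECTIVE, saved, fs
    rc=0
    has_net_bind "$1" || rc=$?
    case $rc in
        0) nb=yes ;;
        1) nb=no ;;
        *) nb=unknown ;;
    esac
    echo "$name uid=$euid net_bind=$nb"
}

# Constructed sample data (not captured from a real host).
SAMPLES=$(mktemp -d)
printf 'Name: named\nUid: 25 25 25 25\nCapEff: 0000000001000400\n' > "$SAMPLES/named.status"
printf 'Name: sleep\nUid: 25 25 25 25\nCapEff: 0000000000000000\n' > "$SAMPLES/plain.status"
printf 'Name: old\nUid: 0 0 0 0\n' > "$SAMPLES/nocap.status"

for f in "$SAMPLES"/*.status; do describe "$f"; done
# On a live system: describe "/proc/$(pidof named)/status"
```

A non-zero effective UID combined with net_bind=yes is the least-privilege outcome: the daemon can open port 53 on new addresses without running as root.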