On Sun, 3 Aug 2008, Eugene Grosbein wrote:

> I need /etc/namedb to be owned by root:bind and have permissions 01775,
> so bind may write to it but may not overwrite files that belong to root
> here, and I made it so. Surprise!
>
> # /etc/rc.d/named restart
>
> Stopping named.
> Waiting for PIDS: 1892.
> etc/namedb changed
> gid expected 0 found 53 modified
> permissions expected 0755 found 01775 modified
> Starting named.

Are you running /etc/namedb linked to chroot'd /var/named/etc/namedb?
If so, that'd be mtree restoring perms from /etc/mtree/BIND.chroot.dist

I couldn't get rndc trace running to named.run for ages, same problem:
bind user couldn't write to (default) /var/named/etc/namedb/named.run
unless it already existed, owned by bind. Added to /etc/rc.d/named:

    touch /var/named/etc/namedb/named.run
    chown bind /var/named/etc/namedb/named.run   # bind:wheel 644

and now trace and querylog are happy, so I am. Running latest 5-STABLE
here but I see no changes in 7 or HEAD cvs related to this. Suppose I
should do up a PR with a patch, unless someone knows a better way?

I don't know if this helps with whatever file/s you want bind to write,
or whether there are other files bind writes needing similar treatment.

> I dislike it very much when a system thinks it knows better what user needs.
> Also, I do not want to move a place where bind writes its files to another
> location just because system does not want it to write here.
> Why was this done such way, do I miss something?

I'm usually glad that FreeBSD's bind setup tends to paranoia :)

cheers, Ian
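
An added example, not part of the original message and not FreeBSD's own code: a small Python model of how an mtree-style spec with `/set` defaults produces the "expected ... found ..." lines quoted above. The spec text, the name-to-id table (root and wheel as 0, bind as 53) and the observed values are constructed for illustration; the real /etc/mtree/BIND.chroot.dist may differ.

```python
# Added example: a minimal mtree-style spec checker (not FreeBSD's mtree).
# SPEC and OBSERVED are constructed; IDS is an assumed name -> id mapping.
SPEC = """\
/set type=dir uname=root gname=wheel mode=0755
.
    etc
        namedb
            dynamic uname=bind
            ..
        ..
    ..
"""
IDS = {"root": 0, "wheel": 0, "bind": 53}
OBSERVED = {  # what stat() would report after the admin's chgrp/chmod
    ".": {"uid": 0, "gid": 0, "mode": 0o755},
    "./etc": {"uid": 0, "gid": 0, "mode": 0o755},
    "./etc/namedb": {"uid": 0, "gid": 53, "mode": 0o1775},
    "./etc/namedb/dynamic": {"uid": 53, "gid": 0, "mode": 0o755},
}

def parse_spec(text):
    """Return {path: attrs}; /set lines supply defaults, '..' pops a level."""
    defaults, stack, entries = {}, [], {}
    for line in text.splitlines():
        words = line.split()
        if not words or words[0].startswith("#"):
            continue
        attrs = dict(w.split("=", 1) for w in words[1:])
        if words[0] == "/set":
            defaults.update(attrs)
        elif words[0] == "..":
            stack.pop()
        else:  # every entry in SPEC is a directory, so always descend
            stack.append(words[0])
            entries["/".join(stack)] = {**defaults, **attrs}
    return entries

def check(entries, observed):
    """List every attribute that differs from what the spec demands."""
    report = []
    for path, want in entries.items():
        have = observed[path]
        expected = {"uid": IDS[want["uname"]], "gid": IDS[want["gname"]]}
        for key in ("uid", "gid"):
            if have[key] != expected[key]:
                report.append(f"{path}: {key} expected {expected[key]} found {have[key]}")
        mode = int(want["mode"], 8)
        if have["mode"] != mode:
            report.append(f"{path}: permissions expected 0{mode:o} found 0{have['mode']:o}")
    return report

if __name__ == "__main__":
    print("\n".join(check(parse_spec(SPEC), OBSERVED)))
```

In this constructed spec only the entry that carries its own uname=bind override passes with bind as owner; every other directory inherits the root:wheel 0755 defaults from the /set line, so a hand-edited namedb is reported as changed.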