Re: named problems
At 07 Dec 2002 15:56:06 +0100,
Rodrigo Moya wrote:
> On Sat, 2002-12-07 at 15:26, Russell Coker wrote:
> > On Sat, 7 Dec 2002 15:20, Rodrigo Moya wrote:
> > > Dec 7 04:02:49 lagun named: dumping master file:
> > > /var/cache/bind/tmp-XXXXLWOG9Y: open: permission denied
> > > Dec 7 04:02:49 lagun named: transfer of 'historia-antigua.com/IN'
> > > from 126.96.36.199#53: failed while receiving responses: permission
> > > denied
> > >
> > > What is wrong? named is being run as root, and the /var/cache/bind
> > > directory belongs to the bind user.
> > That is what is wrong. BIND9 drops the capability cap_dac_override and thus
> > can't create files in directories owned by a UID other than root unless they
> > are mode 777.
> > The solution is to have the directory owned by the same UID that is used for
> > running the named process.
> ok, did that. So, what has changed, the user with which named is run?
> Because I've had that working for months, and just started having those
> messages recently.
bind9 uses user `bind'.
Put OPTIONS="-u bind" in /etc/default/bind9