Re: named as non-root?
Paul Tod Rieger wrote:
>
> On my router/firewall (2 NICs with ipmasq in between; slink/2.0.36), I run
> named as root. I'm looking for an easy way not to.
>
> Since the Debian system already runs Apache as www-data, I'm wondering if
> adding "-u www-data -g www-data" to named's start up file would be an easy
> way to run it non-root.
My solution with bind 8.2.2p5-11:
/etc/init.d/bind:
#!/bin/sh
PATH=/sbin:/bin:/usr/sbin:/usr/bin
test -x /usr/sbin/named || exit 0
BINDOPTS="-u bind -g bind"
case "$1" in
start)
echo -n "Starting domain name service: named"
# start-stop-daemon --start --quiet --exec /usr/sbin/named
start-stop-daemon --start --quiet --exec /usr/sbin/named --
$BINDOPTS
echo "."
;;
--
+----------------+---------------------------------------+
| Guido Bozzetto | Office ph./fax:+39 0432 477588/486157 | L'avar al è
chel
| \/ I | E-mail: :-) mailto:GB@Nauta.it | che si
lambiche
| OO like | Web: http://www.nauta.it/~bozzetto/ | a vivi puar
| -- Linux | Talk: gb@argo.nauta.it | par muri sior
+----------------+---------------------------------------+
Reply to: