Bug 19956

Summary: _Lots_ of issues in bind9
Product: [Retired] Red Hat Raw Hide
Reporter: Pekka Savola <pekkas>
Component: bind
Assignee: Bernhard Rosenkraenzer <bero>
Status: CLOSED RAWHIDE
QA Contact: Dale Lovelace <dale>
Severity: high
Priority: medium
Version: 1.0
CC: grgustaf, kenneth_porter
Hardware: i386
OS: Linux
Doc Type: Bug Fix
Last Closed: 2000-10-28 16:44:43 UTC

Description Pekka Savola 2000-10-28 16:44:40 UTC
I tested (or tried to) bind-9.0.0-2 briefly, and I must say there were a _lot_ of serious issues with it.

prereqs: 
 * kernel-2.4pre kernel is required for -u operation (!)

init.d/named: 
 * there is no /usr/sbin/ndc, only /usr/sbin/rndc
 * condrestart is written cond-restart

/usr/sbin/rndc:
 * A default /etc/rndc.conf is not supplied (it's with the tarball), so rndc doesn't work
 * About all features of rndc at least seem to be 'not implemented yet'

/usr/sbin/named:
 * -t (chroot) doesn't seem to work:

strace /chroot/bind/usr/sbin/named -t /chroot/bind:
---
[...]
chroot("/chroot/bind")                  = 0
chdir("/")                              = 0
prctl(0x8, 0x1, 0, 0, 0)                = -1 EINVAL (Invalid argument)
getuid()                                = 0
capset(0xbffff9a8, 0xbffff9b0)          = 0
brk(0x807b000)                          = 0x807b000
old_mmap(NULL, 266240, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x402df000
fork()                                  = 29243
_exit(0)                                = ?
---
[...]
Oct 28 19:40:29 otso named[29245]: listening on IPv4 interface eth0, x.y.z.w#53
Oct 28 19:40:29 otso named[29245]: couldn't open pid file '/var/run/named.pid': Permission denied
Oct 28 19:40:29 otso named[29245]: exiting (due to early fatal error)
---

sigh.

Comment 1 Bernhard Rosenkraenzer 2000-10-30 15:07:05 UTC
Most of these issues are problems with the base package (2.4 requirement, chroot not working); please report them to bind-bugs. (Don't have the time to fix this at the moment).
The packaging related bugs are fixed in -3.

Comment 2 Pekka Savola 2000-11-01 17:09:43 UTC
Contacted.  -u is not going to work in 2.2 kernels at all due to threads implementation issues.

Bind gives up some root privileges (including the ability to write to non-root-owned directories) even without -u.  My /chroot/bind/var/run was owned by named.named as of 8.2.2.  So, the /var/run directory has to be owned by the right user.
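
A pre-flight check for the ownership requirement described in Comment 2, as an added example that is not part of the original bug report or of BIND. It assumes the chroot layout from the report (/chroot/bind with the pid file under var/run); the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the bug report. Paths follow the report's layout.

# owner_uid PATH: print the numeric uid that owns PATH.
owner_uid() {
    ls -ldn "$1" | awk '{print $3}'
}

# check_named_rundir CHROOT RUNAS
#   CHROOT  directory passed to named -t, e.g. /chroot/bind
#   RUNAS   account named runs as (name or numeric uid); root without -u
# Returns 0 when that account can create named.pid in CHROOT/var/run.
check_named_rundir() {
    rundir="$1/var/run"
    runas=$2

    # Resolve RUNAS to a numeric uid so the comparison does not depend on
    # the passwd database used by ls.
    case "$runas" in
        ''|*[!0-9]*)
            want_uid=$(id -u "$runas" 2>/dev/null) || {
                echo "unknown user: $runas" >&2; return 1; } ;;
        *)  want_uid=$runas ;;
    esac

    [ -d "$rundir" ] || { echo "missing directory: $rundir" >&2; return 1; }

    # named cannot fall back on root's override of file permissions, so
    # the directory owner has to be exactly the account it runs as.
    have_uid=$(owner_uid "$rundir")
    [ "$have_uid" = "$want_uid" ] || {
        echo "$rundir owned by uid $have_uid, named runs as uid $want_uid" >&2
        return 1; }

    # Creating a file needs owner write and search bits: "d?wx" in ls -l.
    case "$(ls -ldn "$rundir")" in
        d?w[xs]*) return 0 ;;
    esac
    echo "$rundir is not writable by its owner" >&2
    return 1
}
```

Run it before starting the daemon, for example `check_named_rundir /chroot/bind root` when named is started without -u.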


Comment 3 Alan Cox 2006-10-05 16:04:39 UTC
*** Bug 192026 has been marked as a duplicate of this bug. ***