Bug 19956 - _Lots_ of issues in bind9
Status: CLOSED RAWHIDE
Product: Red Hat Raw Hide
Classification: Retired
Component: bind
Version: 1.0
Hardware: i386 Linux
Priority: medium, Severity: high
Assigned To: Bernhard Rosenkraenzer
QA Contact: Dale Lovelace
Duplicates: 192026
Reported: 2000-10-28 12:44 EDT by Pekka Savola
Modified: 2007-04-18 12:29 EDT (History)
Doc Type: Bug Fix
Last Closed: 2000-10-28 12:44:43 EDT
Description Pekka Savola 2000-10-28 12:44:40 EDT
I tested (or tried to) bind-9.0.0-2 briefly, and I must say there were a _lot_ of serious issues with it.

prereqs: 
 * kernel-2.4pre kernel is required for -u operation (!)

init.d/named: 
 * there is no /usr/sbin/ndc, only /usr/sbin/rndc
 * condrestart is written cond-restart

/usr/sbin/rndc:
 * A default /etc/rndc.conf is not supplied (it's with the tarball), so rndc doesn't work
 * About all features of rndc at least seem to be 'not implemented yet'

/usr/sbin/named:
 * -t (chroot) doesn't seem to work:

strace /chroot/bind/usr/sbin/named -t /chroot/bind:
---
[...]
chroot("/chroot/bind")                  = 0
chdir("/")                              = 0
prctl(0x8, 0x1, 0, 0, 0)                = -1 EINVAL (Invalid argument)
getuid()                                = 0
capset(0xbffff9a8, 0xbffff9b0)          = 0
brk(0x807b000)                          = 0x807b000
old_mmap(NULL, 266240, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x402df000
fork()                                  = 29243
_exit(0)                                = ?
---
[...]
Oct 28 19:40:29 otso named[29245]: listening on IPv4 interface eth0, x.y.z.w#53
Oct 28 19:40:29 otso named[29245]: couldn't open pid file '/var/run/named.pid': Permission denied
Oct 28 19:40:29 otso named[29245]: exiting (due to early fatal error)
---

sigh.
Comment 1 Bernhard Rosenkraenzer 2000-10-30 10:07:05 EST
Most of these issues are problems with the base package (2.4 requirement, chroot not working), please report them to bind-bugs@isc.org. (Don't have the time to fix this at the moment).
The packaging related bugs are fixed in -3.
Comment 2 Pekka Savola 2000-11-01 12:09:43 EST
Contacted.  -u is not going to work in 2.2 kernels at all due to threads implementation issues.

Bind gives up some root privileges (including the ability to write to non-root-owned directories) even without -u.  My /chroot/bind/var/run was owned by named.named as of 8.2.2.  So, the /var/run directory has to be owned by the right user.
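
Added example, not part of the bug report and not BIND or Red Hat code: a pre-flight check for the pid-file failure discussed above. It evaluates a directory's plain owner/group/other permission bits with no special case for uid 0, which is how a process that has given up the override privilege (assumed here to be what Linux calls CAP_DAC_OVERRIDE) is treated. The function names and the temporary tree are constructed for illustration.

```python
import os
import stat
import tempfile

def pidfile_dir(chroot, pidfile="/var/run/named.pid"):
    """Directory, seen from outside the chroot, that will hold the pid file."""
    return os.path.join(chroot, os.path.dirname(pidfile).lstrip("/"))

def can_create_in(directory, uid, gids=()):
    """True if plain DAC bits let uid/gids create a file in directory.

    Models a process without CAP_DAC_OVERRIDE (an assumption, see lead-in),
    so uid 0 gets no special treatment. ACLs, LSMs and read-only mounts
    are not considered.
    """
    st = os.stat(directory)
    if not stat.S_ISDIR(st.st_mode):
        raise NotADirectoryError(directory)
    if uid == st.st_uid:          # owner class applies, and only that class
        bits = (st.st_mode >> 6) & 7
    elif st.st_gid in gids:       # otherwise the group class
        bits = (st.st_mode >> 3) & 7
    else:                         # otherwise "other"
        bits = st.st_mode & 7
    return bits & 0o3 == 0o3      # creating a file needs write + search

def demo():
    """Constructed chroot tree: var/run is mode 0755, owned by whoever runs this."""
    with tempfile.TemporaryDirectory() as chroot:
        run_dir = pidfile_dir(chroot)
        os.makedirs(run_dir)
        os.chmod(run_dir, 0o755)
        owner = os.stat(run_dir).st_uid
        stranger = owner + 1      # constructed uid that does not own the directory
        return {
            "owner": can_create_in(run_dir, owner),
            "non_owner": can_create_in(run_dir, stranger),
        }

if __name__ == "__main__":
    print(demo())
```

In the report's situation the "non_owner" case is uid 0 facing a /chroot/bind/var/run owned by named.named, which matches the "Permission denied" in the log.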
Comment 3 Alan Cox 2006-10-05 12:04:39 EDT
*** Bug 192026 has been marked as a duplicate of this bug. ***
