Red Hat Bugzilla – Bug 19956
_Lots_ of issues in bind9
Last modified: 2007-04-18 12:29:32 EDT
I tested (or tried to) bind-9.0.0-2 briefly, and I must say there were a _lot_ of serious issues with it.
* kernel-2.4pre kernel is required for -u operation (!)
* there is no /usr/sbin/ndc, only /usr/sbin/rndc
* condrestart is written cond-restart
* A default /etc/rndc.conf is not supplied (it's with the tarball), so rndc doesn't work
* About all features of rndc at least seem to be 'not implemented yet'
* -t (chroot) doesn't seem to work:
strace /chroot/bind/usr/sbin/named -t /chroot/bind:
chroot("/chroot/bind") = 0
chdir("/") = 0
prctl(0x8, 0x1, 0, 0, 0) = -1 EINVAL (Invalid argument)
getuid() = 0
capset(0xbffff9a8, 0xbffff9b0) = 0
brk(0x807b000) = 0x807b000
old_mmap(NULL, 266240, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x402df000
fork() = 29243
_exit(0) = ?
Oct 28 19:40:29 otso named: listening on IPv4 interface eth0, x.y.z.w#53
Oct 28 19:40:29 otso named: couldn't open pid file '/var/run/named.pid': Permission denied
Oct 28 19:40:29 otso named: exiting (due to early fatal error)
Most of these issues are problems with the base package (2.4 requirement, chroot not working); please report them to firstname.lastname@example.org. (Don't have the time to fix this at the moment.)
The packaging related bugs are fixed in -3.
Contacted. -u is not going to work in 2.2 kernels at all due to threads implementation issues.
Bind gives up some root privileges (including the ability to write to non-root-owned directories) even without -u. My /chroot/bind/var/run was owned by named.named as of 8.2.2. So, the /var/run directory has to be owned by the right user.
*** Bug 192026 has been marked as a duplicate of this bug. ***
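The ownership requirement described in the last comment, as an added example that is not part of the original bug report or of BIND: a POSIX shell check that the pid-file directory inside the chroot is owned by the UID named runs as. The function name `check_piddir` and its return codes are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example: audit the pid-file directory that named sees inside its chroot.
# Premise taken from the thread: named gives up some root privileges, including
# the ability to write to directories owned by another user, even without -u.

# check_piddir CHROOT PIDFILE RUN_UID   (hypothetical helper, not a BIND tool)
#   CHROOT  - directory passed to named -t ("" when no chroot is used)
#   PIDFILE - pid-file path as named sees it, e.g. /var/run/named.pid
#   RUN_UID - numeric UID named runs as (0 when started without -u)
# Returns 0 = ok, 1 = owner mismatch, 2 = directory missing,
#         3 = owner lacks write or search permission.
check_piddir() {
    chroot_dir=$1 pidfile=$2 want_uid=$3
    # Path of the directory on the host: chroot prefix + dirname of pid file
    dir="${chroot_dir%/}$(dirname "$pidfile")"
    if [ ! -d "$dir" ]; then
        echo "MISSING: $dir" >&2
        return 2
    fi
    # ls -dn prints the mode string in field 1 and the numeric owner in field 3
    set -- $(ls -dn "$dir")
    mode=$1 owner=$3
    if [ "$owner" != "$want_uid" ]; then
        echo "OWNER: $dir is owned by uid $owner, named runs as uid $want_uid" >&2
        return 1
    fi
    case $mode in
        d?wx*) ;;   # owner may create (w) and traverse (x) in the directory
        *) echo "MODE: $dir ($mode) owner lacks write/search" >&2
           return 3 ;;
    esac
    echo "OK: $dir owner=$owner mode=$mode"
    return 0
}

# Usage with the paths from this report (run on the host, outside the chroot):
#   check_piddir /chroot/bind /var/run/named.pid 0
```

A return code of 1 corresponds to the "couldn't open pid file ... Permission denied" failure in the log above when the directory belongs to a different user than the one named is running as.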