Bug 214786 - bind-chroot changes ownership of /var/named/chroot/var/named
Status: CLOSED NOTABUG
Product: Fedora
Classification: Fedora
Component: bind
Version: 5
Hardware: All Linux
Priority: medium, Severity: medium
Assigned To: Martin Stransky
QA Contact: Ben Levenson
Reported: 2006-11-09 10:02 EST by H.J. Lu
Modified: 2007-11-30 17:11 EST
Doc Type: Bug Fix
Last Closed: 2006-12-06 08:41:07 EST
Description H.J. Lu 2006-11-09 10:02:14 EST
After upgrading to bind-chroot-9.3.3-0.2.rc2.fc5, I got

# ls -l /var/named/chroot/var/named

total 736
-rw-r----- 1 root  named    215 Sep 16 13:25 192.168.0.db.2006-9-16_13.32.32
-rw-r----- 1 root  named    514 Nov  6 21:39 192.168.10.db
-rw-r----- 1 root  named    538 Oct 21 10:35 192.168.10.db.2006-10-21_10.56.2
-rw-r----- 1 root  named    532 Oct 21 11:37 192.168.10.db.2006-10-22_14.36.19
-rw-r----- 1 root  named  21711 Nov  6 21:25 192.168.10.db.jnl
-rw-r----- 1 root  named    586 Oct 21 11:33 192.168.10.db.REJECT.2006-10-21_11.33.30
-rw-r----- 1 root  named    586 Oct 21 11:33 192.168.10.db.REJECT.2006-10-21_11.33.39
drwxrwx--- 2 named named   4096 Aug 25  2004 data
-rw-r----- 1 root  named    566 Nov  6 21:37 in.lucon.org.db
-rw-r----- 1 root  named    644 Oct 21 10:36 in.lucon.org.db.2006-10-21_10.56.2
-rw-r----- 1 root  named    641 Oct 21 10:56 in.lucon.org.db.2006-10-21_11.29.48
-rw-r----- 1 root  named    556 Oct 21 11:37 in.lucon.org.db.2006-10-22_14.36.19
-rw-r----- 1 root  named     85 Sep 16 13:18 in.lucon.org.db.2006-9-16_13.19.43
-rw-r----- 1 root  named     89 Sep 16 13:19 in.lucon.org.db.2006-9-16_13.25.47
-rw-r----- 1 root  named    212 Sep 16 13:25 in.lucon.org.db.2006-9-16_13.34.26
-rw-r----- 1 root  named    200 Sep 16 13:34 in.lucon.org.db.2006-9-16_13.35.14
-rw-r----- 1 root  named    199 Sep 16 13:35 in.lucon.org.db.2006-9-16_14.46.54
-rw-r----- 1 root  named    482 Sep 16 15:10 in.lucon.org.db.2006-9-16_15.18.23
-rw-r----- 1 root  named    514 Sep 16 15:18 in.lucon.org.db.2006-9-16_15.33.40
-rw-r----- 1 root  named    495 Sep 16 15:33 in.lucon.org.db.2006-9-16_15.34.36
-rw-r----- 1 root  named    520 Sep 16 15:34 in.lucon.org.db.2006-9-16_15.35.15
-rw-r----- 1 root  named    521 Sep 16 15:35 in.lucon.org.db.2006-9-16_15.36.31
-rw-r----- 1 root  named  31499 Nov  6 21:25 in.lucon.org.db.jnl
-rw-r----- 1 root  named    198 Oct 16 03:43 localdomain.zone
-rw-r----- 1 root  named    208 Oct 19  2004 localdomain.zone.2006-10-21_10-18-46.799333000
-rw-r----- 1 root  named    195 Oct 19  2004 localhost.zone
-rw-r----- 1 root  named    427 Oct 19  2004 named.broadcast
-rw-r----- 1 root  named   2518 Oct 16 03:43 named.ca
-rw-r----- 1 root  named    424 Oct 16 03:43 named.ip6.local
-rw-r----- 1 root  named    424 Oct 19  2004 named.ip6.local.2006-10-21_10-18-46.821495000
-rw-r----- 1 root  named    426 Oct 16 03:43 named.local
-rw-r----- 1 root  named    426 Oct 19  2004 named.local.2006-10-21_10-18-46.827740000
-rw-r----- 1 root  named   1195 Oct 21 10:06 named.root
-rw-r----- 1 root  named 494412 Oct 22 15:21 named.run
-rw-r----- 1 root  named    427 Oct 19  2004 named.zero
drwxr-x--- 2 root  named   4096 Oct 21 10:06 slave
drwxrwx--- 2 named named   4096 Jul 27  2004 slaves

Files were owned by root instead of named. It breaks dynamic DNS update
from dhcpd.
Comment 1 Martin Stransky 2006-11-09 12:08:59 EST
Which version did you use before update?
Comment 2 H.J. Lu 2006-11-09 12:12:02 EST
I was using 9.3.3-0.1.rc2.fc5 before update.
Comment 3 Chris Petersen 2006-11-16 13:51:35 EST
It also breaks named completely when /var/named/chroot/var/run is owned by root
instead of named.  The named daemon refuses to start up because it can't create
its pid file.  This has happened with probably the last 5 updates in FC5,
including the most recent (installed today)
Comment 4 Juliano F. Ravasi 2006-11-19 20:48:14 EST
Also, by making /var/named/chroot/var/named owned by root, named can't create
temporary files and can't replicate slave zones.
Comment 5 Martin Stransky 2006-11-22 09:48:59 EST
Could you please attach an output from "#ls -lRZ /var/named/chroot/"?
Comment 6 H.J. Lu 2006-11-22 11:22:38 EST
This is after I did "chown -R named.named /var/named/chroot/var/named":

[root@lake chroot]# ls --hide proc -lRZ /var/named/chroot/
/var/named/chroot/:
drwxr-x---  root named system_u:object_r:named_conf_t:s0 dev
drwxr-x---  root named system_u:object_r:named_conf_t:s0 etc
drwxr-x---  root named system_u:object_r:named_conf_t:s0 var

/var/named/chroot/dev:
crw-rw----  root named system_u:object_r:null_device_t:s0 null
crw-rw----  root named system_u:object_r:random_device_t:s0 random
crw-rw----  root named system_u:object_r:zero_device_t:s0 zero

/var/named/chroot/etc:
-rw-r--r--  root root  system_u:object_r:locale_t:s0    localtime
-rw-r-----  root named system_u:object_r:named_conf_t:s0 named.caching-nameserver.conf
-rw-r--r--  root named                                  named.conf
-rw-r--r--  root named                                  named.conf.in
-rwxr-xr-x  root named system_u:object_r:named_conf_t:s0 named.conf.saved
-rw-r-----  root named system_u:object_r:named_conf_t:s0 named.rfc1912.zones
-rw-r-----  root named system_u:object_r:named_conf_t:s0 rndc.conf
-rw-r-----  root named system_u:object_r:dnssec_t:s0    rndc.key
-rw-r-----  root named system_u:object_r:dnssec_t:s0    rndc.key.2006-10-21_10-18-46.794299000

/var/named/chroot/var:
drwxr-x---  named named system_u:object_r:named_zone_t:s0 named
drwxr-x---  root  named system_u:object_r:named_conf_t:s0 run
drwxrwx---  named named system_u:object_r:named_cache_t:s0 tmp

/var/named/chroot/var/named:
-rw-r-----  named named                                  192.168.0.db.2006-9-16_13.32.32
-rw-r--r--  named named                                  192.168.10.db
-rw-r-----  named named                                  192.168.10.db.2006-10-21_10.56.2
-rw-r-----  named named                                  192.168.10.db.2006-10-22_14.36.19
-rw-r-----  named named                                  192.168.10.db.jnl
-rw-r-----  named named                                  192.168.10.db.REJECT.2006-10-21_11.33.30
-rw-r-----  named named                                  192.168.10.db.REJECT.2006-10-21_11.33.39
drwxrwx---  named named system_u:object_r:named_cache_t:s0 data
-rw-r--r--  named named                                  in.lucon.org.db
-rw-r-----  named named                                  in.lucon.org.db.2006-10-21_10.56.2
-rw-r-----  named named                                  in.lucon.org.db.2006-10-21_11.29.48
-rw-r-----  named named                                  in.lucon.org.db.2006-10-22_14.36.19
-rw-r-----  named named                                  in.lucon.org.db.2006-9-16_13.19.43
-rw-r-----  named named                                  in.lucon.org.db.2006-9-16_13.25.47
-rw-r-----  named named                                  in.lucon.org.db.2006-9-16_13.34.26
-rw-r-----  named named                                  in.lucon.org.db.2006-9-16_13.35.14
-rw-r-----  named named                                  in.lucon.org.db.2006-9-16_14.46.54
-rw-r-----  named named                                  in.lucon.org.db.2006-9-16_15.18.23
-rw-r-----  named named                                  in.lucon.org.db.2006-9-16_15.33.40
-rw-r-----  named named                                  in.lucon.org.db.2006-9-16_15.34.36
-rw-r-----  named named                                  in.lucon.org.db.2006-9-16_15.35.15
-rw-r-----  named named                                  in.lucon.org.db.2006-9-16_15.36.31
-rw-r-----  named named                                  in.lucon.org.db.jnl
-rw-r-----  named named system_u:object_r:named_zone_t:s0 localdomain.zone
-rw-r-----  named named system_u:object_r:named_zone_t:s0 localdomain.zone.2006-10-21_10-18-46.799333000
-rw-r-----  named named system_u:object_r:named_zone_t:s0 localhost.zone
-rw-r-----  named named system_u:object_r:named_zone_t:s0 named.broadcast
-rw-r-----  named named system_u:object_r:named_conf_t:s0 named.ca
-rw-r-----  named named system_u:object_r:named_zone_t:s0 named.ip6.local
-rw-r-----  named named system_u:object_r:named_zone_t:s0 named.ip6.local.2006-10-21_10-18-46.821495000
-rw-r-----  named named system_u:object_r:named_zone_t:s0 named.local
-rw-r-----  named named system_u:object_r:named_zone_t:s0 named.local.2006-10-21_10-18-46.827740000
-rw-r-----  named named system_u:object_r:named_zone_t:s0 named.root
-rw-r-----  named named                                  named.run
-rw-r-----  named named system_u:object_r:named_zone_t:s0 named.zero
drwxr-x---  named named system_u:object_r:named_zone_t:s0 slave
drwxrwx---  named named system_u:object_r:named_cache_t:s0 slaves

/var/named/chroot/var/named/data:

/var/named/chroot/var/named/slave:

/var/named/chroot/var/named/slaves:

/var/named/chroot/var/run:
drwxr-xr-x  root  root  system_u:object_r:system_dbusd_var_run_t:s0 dbus
drwxrwx---  named named system_u:object_r:named_var_run_t:s0 named

/var/named/chroot/var/run/dbus:
srwxrwxrwx  root root                                  system_bus_socket

/var/named/chroot/var/run/named:
-rw-r--r--  named named                                  named.pid

/var/named/chroot/var/tmp:
[root@lake chroot]# 
Comment 7 Martin Stransky 2006-12-06 08:04:42 EST
Could you please attach your /etc/named.conf? (or whatever you use as a primary
config file)
Comment 8 Martin Stransky 2006-12-06 08:41:07 EST
Please move your dynamic data to /var/named/data
(/var/named/chroot/var/named/data if you use bind-chroot), all files are kept as
named:named there.

root:named is fine for /var/named/chroot/var/run because the pid file is created
in /var/named/chroot/var/run/named/named.pid

and 

drwxrwx---  2 named named 4096 Dec  6 14:36 /var/named/chroot/var/run/named/
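
The layout recommended in comment 8 can be checked mechanically. The following is an added example, not part of the bug report or the bind package: it reads an "owner group type path" listing and flags dynamic-update journals (*.jnl) that sit in a directory the service account does not own, as well as data/ or slaves/ directories it does not own. The function name, the input format and the example.test sample data are assumptions constructed for illustration.

```shell
# Added example. Input: one "owner group type path" line per entry, e.g. from
# GNU find:  find /var/named/chroot/var/named -printf '%u %g %y %p\n'
# audit_named_tree ACCOUNT: reads the listing on stdin, prints findings,
# returns 0 when the layout is clean and 1 otherwise.
audit_named_tree() {
    awk -v svc="$1" '
        {
            p = $0; sub("^[^ ]+ [^ ]+ [^ ]+ ", "", p)   # path may contain spaces
            owner[p] = $1; type[p] = $3; paths[NR] = p
        }
        END {
            bad = 0
            for (i = 1; i <= NR; i++) {
                p = paths[i]
                base = p;   sub("^.*/", "", base)
                parent = p; sub("/[^/]*$", "", parent)
                # Journals are written by the daemon during dynamic updates.
                if (type[p] == "f" && p ~ /\.jnl$/ && owner[parent] != svc) {
                    printf "journal in %s-owned directory: %s\n", owner[parent], p
                    bad++
                }
                # data/ and slaves/ are the daemon-writable areas in the listing.
                if (type[p] == "d" && (base == "data" || base == "slaves") && owner[p] != svc) {
                    printf "writable area owned by %s: %s\n", owner[p], p
                    bad++
                }
            }
            exit (bad > 0)
        }'
}

# Constructed sample: layout from the report (journal beside static zones).
SAMPLE_BEFORE='root named d /var/named/chroot/var/named
root named f /var/named/chroot/var/named/example.test.db
root named f /var/named/chroot/var/named/example.test.db.jnl
named named d /var/named/chroot/var/named/data
named named d /var/named/chroot/var/named/slaves'

# Constructed sample: dynamic zone moved under data/, as comment 8 advises.
SAMPLE_AFTER='root named d /var/named/chroot/var/named
named named d /var/named/chroot/var/named/data
named named f /var/named/chroot/var/named/data/example.test.db
named named f /var/named/chroot/var/named/data/example.test.db.jnl
named named d /var/named/chroot/var/named/slaves'

printf '%s\n' "$SAMPLE_BEFORE" | audit_named_tree named || echo "layout needs fixing"
```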
