Red Hat Bugzilla – Bug 54107
Named's data directory
Last modified: 2007-04-18 12:37:24 EDT
From Bugzilla Helper:
User-Agent: Mozilla/4.76 [en] (X11; U; Linux 2.4.2-2 i686; Nav)
Description of problem:
I had problems with bind 9 when I first installed RH 7.1, so I
reverted to bind 8 while I solved other problems. I just now got
around to upgrading to the bind 9 package that comes with RH 7.1,
bind-9.1.0-10. I ran across the following problem when doing some
zone transfers. named has its own directory under /etc, /etc/named.
However, I originally created it owned by root and not world
writable. This is an error. It has to be secured against other users
reading and writing to the directory. So I made the directory and all
the files there owned by user and group named.
[root@tecla named]# ll
drwx------ 2 named named 4096 Sep 27 08:43 .
drwxr-xr-x 44 root root 4096 Sep 27 08:47 ..
-rw------- 1 named named 183 Sep 26 16:48 db.127.0.0
-rw------- 1 named named 518 Sep 27 08:53 db.192.168.1
-rw------- 1 named named 2769 Feb 7 2001 db.cache
-rw------- 1 named named 514 Sep 27 08:53 db.localdomain
Perhaps the RPM installation should create this directory correctly?
If so, perhaps it should install a minimal named.config with the
directory option set to it? The default directory is the one in which
named is started, wherever that may be.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Install the bind and bind-utils packages on a fresh RH 7.1 installation.
2. cd /etc
3. mkdir named
etc. as noted in the description above
Actual Results: N/A; see description
Expected Results: N/A; see description
/etc/named is a nonstandard directory, you should use /var/named, which is
created with the correct permissions.
Old versions of bind used to need root privileges, current versions drop
privileges and run as their own user.
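A check for the ownership and mode requirement discussed in this report, as an added example that is not part of the original bug thread. It applies the layout from the reporter's listing (everything owned by user named, no group or other permission bits); the function name audit_named_dir is hypothetical, and GNU stat (`stat -c`) is assumed.

```shell
#!/bin/sh
# Audit a BIND data directory: the directory and every entry below it must be
# owned by the service account and grant nothing to group or other.
# Usage: audit_named_dir DIR [OWNER]   (OWNER defaults to "named")
# Returns 0 if clean, 1 if any entry fails, 2 if DIR is not a directory.
# Assumption: GNU coreutils stat. File names containing newlines are not handled.

audit_named_dir() {
    dir=$1
    owner=${2:-named}

    if [ ! -d "$dir" ]; then
        echo "FAIL $dir: not a directory" >&2
        return 2
    fi

    # One line per entry: owner name, octal mode, path.
    # stat is not following symlinks, so a symlink is reported with its own
    # mode (normally 777) and is flagged.
    find "$dir" -exec stat -c '%U %a %n' {} + |
    awk -v want="$owner" '
        {
            user = $1; mode = $2
            path = $0; sub(/^[^ ]+ [^ ]+ /, "", path)
            if (user != want) {
                printf "FAIL %s: owned by %s, expected %s\n", path, user, want
                bad = 1
            }
            # The last two octal digits are the group and other bits;
            # read as decimal digits, they are the value modulo 100.
            if ((mode % 100) != 0) {
                printf "FAIL %s: mode %s grants group/other access\n", path, mode
                bad = 1
            }
        }
        END { exit (bad ? 1 : 0) }
    '
}

# Run directly with a directory argument, e.g.: sh audit.sh /var/named named
if [ "$#" -gt 0 ]; then
    audit_named_dir "$@"
fi
```
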
Is this documented anywhere? If not, it should be. I have been using /etc/named
for years to be consistent with other similar usage I have found on other Red
P.S. I do not consider a bug to be closed until the originator of the bug is
/etc is not a place to save db caches. Please have a look at the FHS: