re-bind named to all interfaces

Phil Mayers p.mayers at
Thu Apr 12 16:52:42 UTC 2012

On 12/04/12 16:44, Mihai Moldovan wrote:

> Hmm, permission denied while binding to ppp0? Maybe that's because my named is
> running as the non-privileged system user "named" and binding to the privileged
> port 53? Makes sense... but... hm. I guess in this case there's no other way but
> running named as root?

I vaguely seem to recall this has come up on the list before.

However: at our site:

  1. Bind runs as user "named"
  2. "rndc reconfig" works with a new IP, e.g.

# rndc reconfig
# lsof -n -i :53 | fgrep 192.168.
# ip addr add dev lo
# rndc reconfig
# lsof -n -i :53 | fgrep 192.168.
named   17052 named   32u  IPv4 1395639422       TCP (LISTEN)
named   17052 named  531u  IPv4 1395639421       UDP

This is on RHEL5, with SELinux enabled.

So, it's definitely possible to do this as non-root. As above, I'm sure 
this has been discussed, but I can't remember what we decided the 
mechanism that allowed this was.
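
Added example, not part of the original message: on Linux, a daemon that has dropped root can still bind ports below 1024 if it keeps the CAP_NET_BIND_SERVICE capability (bit 10), which BIND does on Linux when built with capability support. Whether that was the mechanism at the poster's site is an assumption. The script checks a process's effective capability mask from /proc/<pid>/status; the function names and sample status texts are constructed for illustration.

```shell
#!/bin/sh
# Added example: does a (non-root) process hold CAP_NET_BIND_SERVICE?
# Reads the "Uid:" and "CapEff:" lines of /proc/<pid>/status.

CAP_NET_BIND_SERVICE=10   # capability number from <linux/capability.h>

# Constructed sample status excerpts (not captured from a real host).
# First mask has bits 10 and 24 set; second has no capabilities.
SAMPLE_NAMED=$(printf 'Name:\tnamed\nUid:\t25\t25\t25\t25\nCapEff:\t0000000001000400\n')
SAMPLE_PLAIN=$(printf 'Name:\tdaemon\nUid:\t1000\t1000\t1000\t1000\nCapEff:\t0000000000000000\n')

# Print the effective UID (second number on the Uid: line).
euid_from_status() {
    printf '%s\n' "$1" | awk '$1 == "Uid:" { print $3; exit }'
}

# Print the effective capability mask as hex digits.
capeff_from_status() {
    printf '%s\n' "$1" | awk '$1 == "CapEff:" { print $2; exit }'
}

# Return 0 if the hex mask in $1 has the CAP_NET_BIND_SERVICE bit set.
has_net_bind() {
    [ $(( (0x$1 >> CAP_NET_BIND_SERVICE) & 1 )) -eq 1 ]
}

# Summarise one status text: effective UID and whether low ports can be bound.
report() {
    euid=$(euid_from_status "$1")
    mask=$(capeff_from_status "$1")
    if has_net_bind "$mask"; then bind=yes; else bind=no; fi
    echo "euid=$euid cap_net_bind_service=$bind"
}

# Stand-alone use: pass a PID to inspect a live process, e.g. the named PID.
if [ -n "${1:-}" ] && [ -r "/proc/$1/status" ]; then
    report "$(cat "/proc/$1/status")"
fi
```

A process that reports a non-zero euid with cap_net_bind_service=yes can bind port 53 on a newly added address without running as root.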
