re-bind named to all interfaces

Mihai Moldovan ionic at
Thu Apr 12 20:01:02 UTC 2012

* On 12.04.2012 09:11 PM, Mark Pettit wrote:
> If you run BIND with "-u" so it changes to an unprivileged user, then BIND may not be able to bind() to new interfaces created on your system.
> [...]
> What OS are you using, and what's the command-line you use to launch BIND?

I'm using Linux 3.0.2 w/ bind 9.9.0, so all this should work fine, quoting the
man page:

-u user
           Setuid to user after completing privileged operations, such as
creating sockets that listen on privileged ports.
                  Note: On Linux, named uses the kernel's capability mechanism
to drop all root privileges except the ability to bind(2) to a privileged port
and set process resource limits. Unfortunately, this means that the -u option
only works when named is run on kernel 2.2.18 or later, or kernel 2.3.99-pre3 or
later, since previous kernels did not allow privileges to be retained after

Seems fine... but: I found out my bind was built with --disable-linux-caps and
--disable-threads... enabling the first option sounds promising (second one is
just for my own pleasure.)

Rebuilding... I'll report back once I know whether this fixes my problem. :)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4493 bytes
Desc: S/MIME Cryptographic Signature
URL: <>

More information about the bind-users mailing list