/var/lib/named not writable by named?

Jeremy C. Reed reed at reedmedia.net
Thu Jul 23 13:56:30 UTC 2020

On Wed, 22 Jul 2020, Josef Moellers wrote:

> I just read that /var/lib/named is only writable by root "for security
> reasons" (cf http://inai.de/linux/adm_ddns).
> Can anyone explain why this is so?

Not BIND specific. It is a common practice when running network servers 
to drop or reduce privileges when they can. In that case, the process 
may start as root but then changes to a dedicated user. (I didn't follow 
the URL above.) If the process needs to write to any files, then the 
system can be setup for specific directories or files that are writable 
by the dedicated user.

(Also see the May 20 response I emailed that is somewhat related to 

More information about the bind-workers mailing list