bind10 fails to start with --user=bind
    Spain, Dr. Jeffry A. 
    spainj at countryday.net
       
    Fri Dec  2 19:06:22 UTC 2011
    
    
  
> The --user switch does not set the effective group id. Please try by 
> changing the owner of /var/bind10-devel (and not just the group).

I changed the permissions on /var/bind10-devel as follows:

root@bind10:/var/bind10-devel# ls -al /var/bind10-devel/
total 8
drwxrwxr-x  2 bind bind 4096 2011-12-02 06:18 .
drwxr-xr-x 13 root root 4096 2011-12-02 06:18 ..

That does make bind10 start up properly, except that I have to also change the permissions on /var/run/named for the sake of the pid file.

This probably reflects a fundamental misunderstanding on my part. I assumed that making user bind a member of group bind when setting up that account would make the permissions for group bind effective for the bind10 process. Based on what I see here, I think it is true that the bind10 process is setting its effective userid to bind and leaving its effective groupid set to root, and that those settings are relevant to access control rather than user bind's group membership. Would you please comment on this?

Thanks. Jeff.
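
An added example, not part of the original message and not BIND 10 code: it evaluates the classic Unix permission check against a process's own credentials, for a daemon that changed only its uid and for one that also set its gid and supplementary groups. The uid 105 and gid 110 for "bind", the /proc status excerpts, the earlier root:bind ownership of the directory, and the helper `drop_privileges` are all assumptions made for illustration.

```python
import os
import pwd
import stat

# Constructed /proc/<pid>/status excerpts; uid 105 and gid 110 for "bind" are made up.
SETUID_ONLY = "Uid:\t105\t105\t105\t105\nGid:\t0\t0\t0\t0\nGroups:\t0\n"
FULL_DROP = "Uid:\t105\t105\t105\t105\nGid:\t110\t110\t110\t110\nGroups:\t110\n"

def parse_status(text):
    """Return (euid, egid, supplementary groups) from /proc/<pid>/status text."""
    creds = {"Groups": set()}
    for line in text.splitlines():
        key, _, rest = line.partition(":")
        if key in ("Uid", "Gid"):
            creds[key] = int(rest.split()[1])  # order: real, effective, saved, fs
        elif key == "Groups":
            creds[key] = {int(g) for g in rest.split()}
    return creds["Uid"], creds["Gid"], creds["Groups"]

def may_write(creds, st_uid, st_gid, mode):
    """Classic Unix permission check: only one class (owner, group, other) applies.
    It uses the process credentials; /etc/group is not consulted at access time."""
    euid, egid, groups = creds
    if euid == 0:
        return True  # root bypasses the mode bits
    if euid == st_uid:
        return bool(mode & stat.S_IWUSR)
    if egid == st_gid or st_gid in groups:
        return bool(mode & stat.S_IWGRP)
    return bool(mode & stat.S_IWOTH)

def drop_privileges(username):
    """Hypothetical full drop for a root-started daemon (needs root to run)."""
    pw = pwd.getpwnam(username)
    os.initgroups(username, pw.pw_gid)  # supplementary groups from the group database
    os.setgid(pw.pw_gid)
    os.setuid(pw.pw_uid)  # last: after this the process can no longer change groups

def scenarios():
    """Directory cases with mode 0775 (drwxrwxr-x), as in the ls output above."""
    return {
        "setuid only, dir root:bind": may_write(parse_status(SETUID_ONLY), 0, 110, 0o775),
        "setuid only, dir bind:bind": may_write(parse_status(SETUID_ONLY), 105, 110, 0o775),
        "full drop, dir root:bind": may_write(parse_status(FULL_DROP), 0, 110, 0o775),
    }

if __name__ == "__main__":
    for case, ok in scenarios().items():
        print(f"{case}: {'write allowed' if ok else 'write denied'}")
```

On Linux, the same fields can be read for a running daemon from /proc/<pid>/status to confirm which credentials it actually holds after startup.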
    
    