ndc restart... not honoring original user/group
Mark.Andrews at nominum.com
Wed Jan 10 19:44:06 UTC 2001
> In article <93i1fi$74t at pub3.rc.vix.com>,
> Jeffrey C. Albro <jeff at velvet.antistatic.com> wrote:
> >
> >
> >I've noted in the documentation and proved by testing that ndc restart
> >does not honor the original user/group of the running named...
> >
> >If you start named (8.2.2p7) with
> >
> >named -u named -g named
> >
> >and type
> >
> >ndc restart
> >
> >it will run as root/root.
> >
> >Are there plans to fix this in 9?
>
> Instead of "ndc restart", use "ndc exec". This sends a message to the
> named process (via the /etc/ndc socket) telling it to exec() itself. Since
> this restarts it in the same process, the uid and gid don't change.
It doesn't work with -u as you have lost the rights to bind to
reserved ports.
Restart accepts all the arguments that named accepts.
You may need "ndc -- restart ..." if your system links with
a broken getopt() by default, e.g. many Linux-based OSes.
Mark
>
> --
> Barry Margolin, barmar at genuity.net
> Genuity, Burlington, MA
> *** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
> Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
>
>
--
Mark Andrews, Nominum Inc.
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at nominum.com
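
A check for the condition reported in this thread (named coming back as root/root after a restart that did not repeat `-u`/`-g`), added here as an example and not part of the original messages. It assumes input in the format of `ps -eo user,group,args`; the function name `check_named_privs` is hypothetical and the sample process lines are constructed.

```bash
#!/bin/sh
# Added example: audit named processes for lost privilege separation.
# Reads lines shaped like `ps -eo user,group,args` output (assumption) on
# stdin and returns non-zero if any named process runs as root without
# -u/-g, or runs as a user/group other than the one named in its arguments.

check_named_privs() {
  awk '
    NR == 1 && $1 == "USER" { next }            # skip the ps header line
    {
      user = $1; group = $2; cmd = $3
      n = split(cmd, parts, "/")
      if (parts[n] != "named") next              # only look at named itself
      want_u = ""; want_g = ""
      for (i = 4; i <= NF; i++) {                # pick up -u <user> / -g <group>
        if ($i == "-u" && i < NF) want_u = $(i + 1)
        if ($i == "-g" && i < NF) want_g = $(i + 1)
      }
      if (want_u == "" && want_g == "") {
        # The case from the thread: restarted without the original arguments.
        if (user == "root") {
          printf "WARN named runs as %s/%s with no -u/-g: %s\n", user, group, cmd
          bad = 1
        }
        next
      }
      if ((want_u != "" && user != want_u) || (want_g != "" && group != want_g)) {
        printf "MISMATCH named runs as %s/%s, arguments ask for %s/%s\n", user, group, want_u, want_g
        bad = 1
      } else {
        printf "OK named runs as %s/%s as requested: %s\n", user, group, cmd
      }
    }
    END { exit bad }
  '
}

# Constructed sample: one named started with -u/-g, one restarted without them.
SAMPLE_PS='USER     GROUP    COMMAND
named    named    /usr/sbin/named -u named -g named
root     root     /usr/sbin/named
root     root     /usr/sbin/sshd -D'

printf '%s\n' "$SAMPLE_PS" | check_named_privs || true
```

On a live host, feed it `ps -eo user,group,args` after each restart; a non-zero exit status means the server is no longer running with the intended user and group.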