bind 9.7.1-P2 startup: unable to set effective gid to 0
aldus jung
aldusj99 at gmail.com
Fri Sep 17 23:13:42 UTC 2010
Just a follow up, I've added some debug statements to bin/named/unix/os.c to
see the files that named is trying to set the effective gid for, and I see:
[ID 873 daemon.warning] Trying to open: '/var/run/named.pid'.
[ID 873 daemon.warning] unable to set effective gid to 0: Not owner
[ID 873 daemon.info] generating session key for dynamic DNS
[ID 873 daemon.warning] Trying to open: '/var/run/named/session.key'.
We are running bind in a chrooted environment, running named as user 'named'
on a Solaris 10 server:
/bind/sbin/named -t /chroot/domain -u named
Only when we make root's primary id to be 0, we can get rid of the warning.
We tried adding root to the group 'root', and we still get the warning.
We've set /chroot/domain/var/run ownership to: drwxrwxr-x 4 root other
And named.pid gets created correctly:
-rw-r--r-- 1 named named
It could be something simple that I am missing.. we'll well see. Any
thoughts? Thanks for your help,
AJ
On Fri, Sep 17, 2010 at 2:42 PM, aldus jung <aldusj99 at gmail.com> wrote:
> We recently upgraded from bind version 9.7.0 to 9.7.1-P2 and we noticed
> that upon start of named, we are seeing the following warning message:
>
> [ID 123 daemon.warning] unable to set effective gid to 0: Not owner
> [ID 123 daemon.info] generating session key for dynamic DNS
> [ID 123 daemon.warning] unable to set effective gid to 0: Not owner
>
> On our DNS server, root user is configured as uid=0(root) gid=1(other), but
> we didn't encounter these warnings in version 9.7.0.
> It would be easy to work around the warnings by adding root to root's
> group, but I wanted to understand why we are getting these warning when we
> didn't see this on 9.7.0.
>
> Which file or directory is named trying to set gid to 0?
>
> thanks for your help,
> AJ
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20100917/05e6beb6/attachment.html>
More information about the bind-users
mailing list