bind 9.7.1-P2 startup: unable to set effective gid to 0

[aldus jung]

Just a follow up, I've added some debug statements to bin/named/unix/os.c to
see the files that named is trying to set the effective gid for, and I see:
[ID 873 daemon.warning] Trying to open: '/var/run/named.pid'.
[ID 873 daemon.warning] unable to set effective gid to 0: Not owner
[ID 873 daemon.info] generating session key for dynamic DNS
[ID 873 daemon.warning] Trying to open: '/var/run/named/session.key'.

We are running bind in a chrooted environment, running named as user 'named'
on a Solaris 10 server:
/bind/sbin/named -t /chroot/domain -u named

Only when we make root's primary id to be 0, we can get rid of the warning.
We tried adding root to the group 'root', and we still get the warning.

We've set /chroot/domain/var/run ownership to: drwxrwxr-x   4 root     other

And named.pid gets created correctly:
-rw-r--r--   1 named    named

It could be something simple that I am missing.. we'll well see.  Any
thoughts?   Thanks for your help,

AJ

On Fri, Sep 17, 2010 at 2:42 PM, aldus jung <aldusj99 at gmail.com> wrote:

> We recently upgraded from bind version 9.7.0 to 9.7.1-P2 and we noticed
> that upon start of named, we are seeing the following warning message:
>
>  [ID 123 daemon.warning] unable to set effective gid to 0: Not owner
>  [ID 123 daemon.info] generating session key for dynamic DNS
>  [ID 123 daemon.warning] unable to set effective gid to 0: Not owner
>
> On our DNS server, root user is configured as uid=0(root) gid=1(other), but
> we didn't encounter these warnings in version 9.7.0.
> It would be easy to work around the warnings by adding root to root's
> group, but I wanted to understand why we are getting these warning when we
> didn't see this on 9.7.0.
>
> Which file or directory is named trying to set gid to 0?
>
> thanks for your help,
> AJ
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20100917/05e6beb6/attachment.html>