[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] Running Bind as non Root
- Subject: Re: [cobalt-users] Running Bind as non Root
- From: "Zeffie" <cobaltlist@xxxxxxxx>
- Date: Fri Aug 24 17:36:36 2001
- Organization: Electronic Consultatnts Inc.
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
> > I just installed bind-update.pkg and it
> > runs under user "root". I heard that named
> > should not run as user "root". Could someone
> > provide an alterative answer and maybe a resolution?
I have seen this on almost every box..... I'm about to make a macro to
modify it as I have changed it so many times.... ?
The package updates the rpms to 8.2.3 and makes the user and group named but
it dosen't update the named.init file. I still always check for the
existance of the user and the group (grep named /etc/passwd and grep named
/etc/group) and check the directory permissions on /etc/named (drwxr-xr-x,
user named, group named) and a good old rpm -qa | grep bind to check the rpm
version.
Then start in on this lower part with a change.
<snip user setup thingy>
> Then simply make the following little change in
> /etc/rc.d/init.d/named
> Inside /etc/rc.d/init.d/named there are 2 instances of:
> daemon named
> change both of these to:
> daemon named -u named -g named
This part is incorrect... and does not restart named as the user named
(verified for this post)
> then restart named as such:
> /etc/rc.d/init.d/named restart
Instead you should
/etc/rc.d/init.d/named stop
/etc/rc.d/init.d/named start
when you look at the init file you will be able to see why restart is a
whole diffrent thing....
ps -aux | grep named
tail -20 /var/log/messages
/etc/rc.d/init.d/named status
and make sure it worked!!!
> and you're all set..
what he said
Zeffie
http://www.zeffie.com/
"I Eat Drink and Sleep this stuff"