Eugene M. Kim wrote:
[snip]
> Then, when a new address comes up (such as on a dynamically created L2TP
> tun(4) interface), BIND tries to listen on it, but fails because it is
> running setuid as bind:
> 
> Dec 27 02:32:00 home named[1121]: listening on IPv4 interface tun0, 10.0.2.129#53
> Dec 27 02:32:00 home named[1121]: could not listen on UDP socket: permission denied
> 
> The only workarounds that I can think of are either to run BIND as setuid
> root, or to restart (not reload) BIND every time a new VPN connection
> comes up, both of which I am not comfortable with.
> 
> Any better ideas?

mac_portacl(4)

http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/mac-portacl.html

-- 
Skip
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
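An added example, not part of the original thread: one way to apply the mac_portacl(4) suggestion so that named, running as an unprivileged user, can bind port 53 on interfaces that appear after startup. It assumes named runs as the user `bind`; the function names `is_number`, `portacl_rules` and `portacl_apply` are made up for this sketch.

```shell
#!/bin/sh
# Added example (not from the thread). FreeBSD with mac_portacl(4).
# Assumption: named runs as the unprivileged user "bind".

is_number() { case "$1" in ''|*[!0-9]*) return 1 ;; esac; }

# Print a security.mac.portacl.rules value (idtype:id:protocol:port,
# comma separated) allowing one numeric uid to bind the given ports
# over both TCP and UDP.
portacl_rules() {
    uid=$1; shift
    is_number "$uid" || { echo "uid must be numeric" >&2; return 1; }
    rules=""
    for port in "$@"; do
        is_number "$port" || { echo "bad port: $port" >&2; return 1; }
        for proto in tcp udp; do
            rules="${rules:+$rules,}uid:$uid:$proto:$port"
        done
    done
    printf '%s\n' "$rules"
}

# Load the policy and move the low-port check from the stock
# reserved-port range to portacl. Needs root on FreeBSD.
portacl_apply() {
    user=$1; shift
    uid=$(id -u "$user") || return 1
    rules=$(portacl_rules "$uid" "$@") || return 1
    kldload -n mac_portacl || return 1
    # Turn off the built-in "ports below 1024 need root" check...
    sysctl net.inet.ip.portrange.reservedlow=0 \
           net.inet.ip.portrange.reservedhigh=0
    # ...and let portacl guard ports 0-1023 instead: root stays exempt,
    # everyone else needs a matching rule.
    sysctl security.mac.portacl.port_high=1023 \
           security.mac.portacl.suser_exempt=1 \
           security.mac.portacl.rules="$rules"
}

# Run as: sh portacl.sh apply
if [ "${1:-}" = apply ]; then
    portacl_apply bind 53
fi
```

To keep the settings across reboots, put `mac_portacl_load="YES"` in /boot/loader.conf and the same sysctl values in /etc/sysctl.conf.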
