Please consider adding a note to the bind page regarding the following dependency. CONFIG_SECURITY_CAPABILITIES must be loaded as a module or compiled into the kernel. (Linux 2.6.8.1 & bind 9.3.0)
While the default Linux Kernel config may be set appropriately, I'd previously gone through to streamline the kernel towards building a live cd. When it came time to build bind, I encountered the following difficulity:
The build died in the: make check >check.log 2>&1 command. On digging into the check.log, I found the following:
(Note: All files relative to the build directory)
File: check.log S:cacheclean:Fri Mar 11 15:49:53 EST 2005 T:cacheclean:1:A A:System test cacheclean I:Couldn't start server ns1 R:FAIL
This was the first FAIL (after which, pretty much everything else failed.) Further digging turned up:
File: bin/tests/system/cacheclean/ns1/named.run lt-named: capset failed: Operation not permitted
After a fair bit of Googling, I concluded that CONFIG_SECURITY_CAPABILITIES has to be available for bind's tests to run, and as pointed out in various emails, this must be present for named to start on a privileged port.
Sample from .config for Linux 2.6.8.1 # # Security options # CONFIG_SECURITY=y # CONFIG_SECURITY_NETWORK is not set CONFIG_SECURITY_CAPABILITIES=m # CONFIG_SECURITY_ROOTPLUG is not set # CONFIG_SECURITY_SELINUX is not set
However, because I set CONFIG_SECURITY_CAPABILITIES as a module, I continued to have a problem until I discovered the proper names of the modules to modprobe
modprobe commoncap modprobe capability
With these changes in place, bind builds without error, and runs.
Hopefully some note on the bind page can save someone else the time it took me to work this out.
Thank you all for your great work on this project.
Harrison
-- http://linuxfromscratch.org/mailman/listinfo/lfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
