On Tue, 2 Jul 2024, sth...@nethelp.no wrote:
Other info:
- BIND 9.18.24 on the same host works perfectly, with no rndc issues.
- BIND 9.19.24 on the same host also works *if I change it to run as
root* (by default it runs as user bind). The syslog messages are gone,
and rndc works as expected.
That sounds like they try to open the priv port after they changed
users rather than before.
I ran named under truss, and as far as I can see that is exactly
what is happening:
root@nlab1:/local/etc/namedb # egrep 'setuid|setresuid|127.0.0.1:953' truss.log
38461: 0.063859531 setresuid(0xffffffff,0x35,0xffffffff) = 0 (0x0)
38461: 0.064231316 setresuid(0xffffffff,0x0,0xffffffff) = 0 (0x0)
38461: 0.064999183 setresuid(0xffffffff,0x35,0xffffffff) = 0 (0x0)
38461: 0.065332218 setresuid(0xffffffff,0x0,0xffffffff) = 0 (0x0)
38461: 0.083518302 setuid(0x35) = 0 (0x0)
38461: 0.093282161 bind(59,{ AF_INET 127.0.0.1:953 },16) ERR#13 'Permission denied'
So we set uid 53 (bind) at 0.083518302, and then try to bind to port
953 at 0.093282161.
Are you going to open a bug with the bind people?
/bz
--
Bjoern A. Zeeb r15:7
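
An added example, not part of the original messages: a Python check that replays the truss excerpt above, tracks the effective uid through setuid()/setresuid(), and reports any bind() to a port below 1024 made while that uid is not 0. The function names, the starting uid of 0 and the below-1024 threshold are assumptions of this example.

```python
import re

# truss line shape: "<pid>: <time> <syscall>(<args>) <result>"
LINE = re.compile(r"^(\d+):\s+([\d.]+)\s+(\w+)\((.*)\)\s+(.*)$")
PORT = re.compile(r"AF_INET6?\s+\S*:(\d+)\s*\}")
UNCHANGED = "0xffffffff"  # -1: setresuid() leaves that id as it is

# The truss excerpt from the message above (wrapped bind line rejoined).
SAMPLE = """\
38461: 0.063859531 setresuid(0xffffffff,0x35,0xffffffff) = 0 (0x0)
38461: 0.064231316 setresuid(0xffffffff,0x0,0xffffffff) = 0 (0x0)
38461: 0.064999183 setresuid(0xffffffff,0x35,0xffffffff) = 0 (0x0)
38461: 0.065332218 setresuid(0xffffffff,0x0,0xffffffff) = 0 (0x0)
38461: 0.083518302 setuid(0x35) = 0 (0x0)
38461: 0.093282161 bind(59,{ AF_INET 127.0.0.1:953 },16) ERR#13 'Permission denied'
"""

def next_euid(call, args, current):
    """Effective uid after a successful setuid()/setresuid() call."""
    parts = [a.strip() for a in args.split(",")]
    if call == "setuid":
        return int(parts[0], 16)
    if call == "setresuid" and parts[1] != UNCHANGED:
        return int(parts[1], 16)  # second argument is the effective uid
    return current

def late_privileged_binds(log, start_uid=0, reserved_below=1024):
    """Return (time, port, euid, result) for each bind() to a reserved
    port attempted while the tracked effective uid is not root."""
    euid, findings = start_uid, []  # assumption: the process starts as root
    for raw in log.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        _pid, ts, call, args, result = m.groups()
        if call in ("setuid", "setresuid") and result.startswith("= 0"):
            euid = next_euid(call, args, euid)
        elif call == "bind":
            p = PORT.search(args)
            if p and int(p.group(1)) < reserved_below and euid != 0:
                findings.append((ts, int(p.group(1)), euid, result))
    return findings

if __name__ == "__main__":
    for ts, port, euid, result in late_privileged_binds(SAMPLE):
        print(f"{ts}: bind to port {port} as uid {euid} -> {result}")
```
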