Commit f6f1672b authored by Mark Andrews's avatar Mark Andrews

2486. [func] The default locations for named.pid and lwresd.pid

                        are now /var/run/named/named.pid and
                        /var/run/lwresd/lwresd.pid respectively.

                        This allows the owner of the containing directory
                        to be set, for "named -u" support, and allows there
                        to be a permanent symbolic link in the path, for
                        "named -t" support.  [RT #18306]
parent 1f3e0508
2486. [func] The default locations for named.pid and lwresd.pid
are now /var/run/named/named.pid and
/var/run/lwresd/lwresd.pid respectively.
This allows the owner of the containing directory
to be set, for "named -u" support, and allows there
to be a permanent symbolic link in the path, for
"named -t" support. [RT #18306]
2485. [bug] Change update's the handling of obscured RRSIG
records. Not all orphand DS records were being
removed. [RT #18828]
......
......@@ -56,6 +56,9 @@ BIND 9.6.0
The BIND 8 resolver library, libbind, has been removed from the
BIND 9 distribution and is now available as a separate download.
Change the default pid file location from /var/run to
/var/run/{named,lwresd} for improved chroot/setuid support.
BIND 9.5.0
BIND 9.5.0 has a number of new features over 9.4,
......@@ -451,6 +454,9 @@ Building
To disable the default check set. -DCHECK_SIBLING=0
named-checkzone checks out-of-zone addresses by default.
To disable this default set. -DCHECK_LOCAL=0
To create the default pid files in ${localstatedir}/run rather
than ${localstatedir}/run/{named,lwresd}/ set.
-DNS_RUN_PID_DIR=0
LDFLAGS
Linker flags. Defaults to empty string.
......
......@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: config.c,v 1.92 2008/09/27 23:35:31 jinmei Exp $ */
/* $Id: config.c,v 1.93 2008/11/06 05:30:24 marka Exp $ */
/*! \file */
......@@ -69,7 +69,7 @@ options {\n\
memstatistics-file \"named.memstats\";\n\
multiple-cnames no;\n\
# named-xfer <obsolete>;\n\
# pid-file \"" NS_LOCALSTATEDIR "/named.pid\"; /* or /lwresd.pid */\n\
# pid-file \"" NS_LOCALSTATEDIR "/run/named/named.pid\"; /* or /lwresd.pid */\n\
port 53;\n\
recursing-file \"named.recursing\";\n\
"
......
......@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: globals.h,v 1.77 2008/10/24 01:08:21 marka Exp $ */
/* $Id: globals.h,v 1.78 2008/11/06 05:30:24 marka Exp $ */
#ifndef NAMED_GLOBALS_H
#define NAMED_GLOBALS_H 1
......@@ -42,6 +42,10 @@
#define INIT(v)
#endif
#ifndef NS_RUN_PID_DIR
#define NS_RUN_PID_DIR 1
#endif
EXTERN isc_mem_t * ns_g_mctx INIT(NULL);
EXTERN unsigned int ns_g_cpus INIT(0);
EXTERN isc_taskmgr_t * ns_g_taskmgr INIT(NULL);
......@@ -109,9 +113,17 @@ EXTERN isc_boolean_t ns_g_foreground INIT(ISC_FALSE);
EXTERN isc_boolean_t ns_g_logstderr INIT(ISC_FALSE);
EXTERN const char * ns_g_defaultpidfile INIT(NS_LOCALSTATEDIR
"/run/named.pid");
"/run/"
#if NS_RUN_PID_DIR
"named/"
#endif
"named.pid");
EXTERN const char * lwresd_g_defaultpidfile INIT(NS_LOCALSTATEDIR
"/run/lwresd.pid");
"/run/"
#if NS_RUN_PID_DIR
"lwresd/"
#endif
"lwresd.pid");
EXTERN const char * ns_g_username INIT(NULL);
EXTERN int ns_g_listen INIT(3);
......
......@@ -18,7 +18,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: lwresd.docbook,v 1.17 2008/09/25 04:02:38 tbox Exp $ -->
<!-- $Id: lwresd.docbook,v 1.18 2008/11/06 05:30:24 marka Exp $ -->
<refentry>
<refentryinfo>
<date>June 30, 2000</date>
......@@ -199,7 +199,7 @@
<para>
Use <replaceable class="parameter">pid-file</replaceable> as the
PID file instead of the default,
<filename>/var/run/lwresd.pid</filename>.
<filename>/var/run/lwresd/lwresd.pid</filename>.
</para>
</listitem>
</varlistentry>
......
......@@ -18,7 +18,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: named.docbook,v 1.22 2008/09/23 17:25:47 jinmei Exp $ -->
<!-- $Id: named.docbook,v 1.23 2008/11/06 05:30:24 marka Exp $ -->
<refentry id="man.named">
<refentryinfo>
<date>June 30, 2000</date>
......@@ -391,7 +391,7 @@
</varlistentry>
<varlistentry>
<term><filename>/var/run/named.pid</filename></term>
<term><filename>/var/run/named/named.pid</filename></term>
<listitem>
<para>
The default process-id file.
......
......@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: os.c,v 1.87 2008/10/24 01:44:48 tbox Exp $ */
/* $Id: os.c,v 1.88 2008/11/06 05:30:24 marka Exp $ */
/*! \file */
......@@ -645,6 +645,9 @@ ns_os_writepidfile(const char *filename, isc_boolean_t first_time) {
pid_t pid;
char strbuf[ISC_STRERRORSIZE];
void (*report)(const char *, ...);
unsigned int mode;
char *slash;
int n;
/*
* The caller must ensure any required synchronization.
......@@ -667,6 +670,27 @@ ns_os_writepidfile(const char *filename, isc_boolean_t first_time) {
/* This is safe. */
strcpy(pidfile, filename);
/*
* Make the containing directory if it doesn't exist.
*/
slash = strrchr(pidfile, '/');
if (slash != NULL && slash != pidfile) {
*slash = '\0';
mode = S_IRUSR | S_IWUSR | S_IXUSR; /* u=rwx */
mode |= S_IRGRP | S_IXGRP; /* g=rx */
mode |= S_IROTH | S_IXOTH; /* o=rx */
n = mkdir(pidfile, mode);
if (n == -1 && errno != EEXIST) {
isc__strerror(errno, strbuf, sizeof(strbuf));
(*report)("couldn't mkdir %s': %s", filename,
strbuf);
free(pidfile);
pidfile = NULL;
return;
}
*slash = '/';
}
fd = safe_open(filename, ISC_FALSE);
if (fd < 0) {
isc__strerror(errno, strbuf, sizeof(strbuf));
......
......@@ -18,7 +18,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- File: $Id: Bv9ARM-book.xml,v 1.378 2008/11/04 01:55:59 marka Exp $ -->
<!-- File: $Id: Bv9ARM-book.xml,v 1.379 2008/11/06 05:30:24 marka Exp $ -->
<book xmlns:xi="http://www.w3.org/2001/XInclude">
<title>BIND 9 Administrator Reference Manual</title>
......@@ -4797,7 +4797,8 @@ category notify { null; };
<listitem>
<para>
The pathname of the file the server writes its process ID
in. If not specified, the default is <filename>/var/run/named.pid</filename>.
in. If not specified, the default is
<filename>/var/run/named/named.pid</filename>.
The pid-file is used by programs that want to send signals to
the running
name server. Specifying <command>pid-file none</command> disables the
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment