Commit f6f1672b authored by Mark Andrews

2486. [func] The default locations for named.pid and lwresd.pid

                        are now /var/run/named/named.pid and
                        /var/run/lwresd/lwresd.pid respectively.

                        This allows the owner of the containing directory
                        to be set, for "named -u" support, and allows there
                        to be a permanent symbolic link in the path, for
                        "named -t" support.  [RT #18306]
parent 1f3e0508
2486. [func] The default locations for named.pid and lwresd.pid
are now /var/run/named/named.pid and
/var/run/lwresd/lwresd.pid respectively.
This allows the owner of the containing directory
to be set, for "named -u" support, and allows there
to be a permanent symbolic link in the path, for
"named -t" support. [RT #18306]
2485. [bug] Change update's the handling of obscured RRSIG 2485. [bug] Change update's the handling of obscured RRSIG
records. Not all orphand DS records were being records. Not all orphand DS records were being
removed. [RT #18828] removed. [RT #18828]
......
...@@ -56,6 +56,9 @@ BIND 9.6.0 ...@@ -56,6 +56,9 @@ BIND 9.6.0
The BIND 8 resolver library, libbind, has been removed from the The BIND 8 resolver library, libbind, has been removed from the
BIND 9 distribution and is now available as a separate download. BIND 9 distribution and is now available as a separate download.
Change the default pid file location from /var/run to
/var/run/{named,lwresd} for improved chroot/setuid support.
BIND 9.5.0 BIND 9.5.0
BIND 9.5.0 has a number of new features over 9.4, BIND 9.5.0 has a number of new features over 9.4,
...@@ -451,6 +454,9 @@ Building ...@@ -451,6 +454,9 @@ Building
To disable the default check set. -DCHECK_SIBLING=0 To disable the default check set. -DCHECK_SIBLING=0
named-checkzone checks out-of-zone addresses by default. named-checkzone checks out-of-zone addresses by default.
To disable this default set. -DCHECK_LOCAL=0 To disable this default set. -DCHECK_LOCAL=0
To create the default pid files in ${localstatedir}/run rather
than ${localstatedir}/run/{named,lwresd}/ set.
-DNS_RUN_PID_DIR=0
LDFLAGS LDFLAGS
Linker flags. Defaults to empty string. Linker flags. Defaults to empty string.
......
...@@ -15,7 +15,7 @@ ...@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE. * PERFORMANCE OF THIS SOFTWARE.
*/ */
/* $Id: config.c,v 1.92 2008/09/27 23:35:31 jinmei Exp $ */ /* $Id: config.c,v 1.93 2008/11/06 05:30:24 marka Exp $ */
/*! \file */ /*! \file */
...@@ -69,7 +69,7 @@ options {\n\ ...@@ -69,7 +69,7 @@ options {\n\
memstatistics-file \"named.memstats\";\n\ memstatistics-file \"named.memstats\";\n\
multiple-cnames no;\n\ multiple-cnames no;\n\
# named-xfer <obsolete>;\n\ # named-xfer <obsolete>;\n\
# pid-file \"" NS_LOCALSTATEDIR "/named.pid\"; /* or /lwresd.pid */\n\ # pid-file \"" NS_LOCALSTATEDIR "/run/named/named.pid\"; /* or /lwresd.pid */\n\
port 53;\n\ port 53;\n\
recursing-file \"named.recursing\";\n\ recursing-file \"named.recursing\";\n\
" "
......
...@@ -15,7 +15,7 @@ ...@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE. * PERFORMANCE OF THIS SOFTWARE.
*/ */
/* $Id: globals.h,v 1.77 2008/10/24 01:08:21 marka Exp $ */ /* $Id: globals.h,v 1.78 2008/11/06 05:30:24 marka Exp $ */
#ifndef NAMED_GLOBALS_H #ifndef NAMED_GLOBALS_H
#define NAMED_GLOBALS_H 1 #define NAMED_GLOBALS_H 1
...@@ -42,6 +42,10 @@ ...@@ -42,6 +42,10 @@
#define INIT(v) #define INIT(v)
#endif #endif
#ifndef NS_RUN_PID_DIR
#define NS_RUN_PID_DIR 1
#endif
EXTERN isc_mem_t * ns_g_mctx INIT(NULL); EXTERN isc_mem_t * ns_g_mctx INIT(NULL);
EXTERN unsigned int ns_g_cpus INIT(0); EXTERN unsigned int ns_g_cpus INIT(0);
EXTERN isc_taskmgr_t * ns_g_taskmgr INIT(NULL); EXTERN isc_taskmgr_t * ns_g_taskmgr INIT(NULL);
...@@ -109,9 +113,17 @@ EXTERN isc_boolean_t ns_g_foreground INIT(ISC_FALSE); ...@@ -109,9 +113,17 @@ EXTERN isc_boolean_t ns_g_foreground INIT(ISC_FALSE);
EXTERN isc_boolean_t ns_g_logstderr INIT(ISC_FALSE); EXTERN isc_boolean_t ns_g_logstderr INIT(ISC_FALSE);
EXTERN const char * ns_g_defaultpidfile INIT(NS_LOCALSTATEDIR EXTERN const char * ns_g_defaultpidfile INIT(NS_LOCALSTATEDIR
"/run/named.pid"); "/run/"
#if NS_RUN_PID_DIR
"named/"
#endif
"named.pid");
EXTERN const char * lwresd_g_defaultpidfile INIT(NS_LOCALSTATEDIR EXTERN const char * lwresd_g_defaultpidfile INIT(NS_LOCALSTATEDIR
"/run/lwresd.pid"); "/run/"
#if NS_RUN_PID_DIR
"lwresd/"
#endif
"lwresd.pid");
EXTERN const char * ns_g_username INIT(NULL); EXTERN const char * ns_g_username INIT(NULL);
EXTERN int ns_g_listen INIT(3); EXTERN int ns_g_listen INIT(3);
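Review bot: `NS_RUN_PID_DIR` is introduced above `ns_g_mctx` with no comment, and the two default paths it controls can now disagree with the commented `pid-file` default in the config.c section, which prints `/run/named/named.pid` unconditionally and still says `/* or /lwresd.pid */`. A short comment above the `#ifndef`, such as `/* Set to 0 to keep the default pid files directly in NS_LOCALSTATEDIR "/run" rather than in a per-daemon subdirectory. */`, would document the switch where it is defined. The config.c text could either be assembled with the same `#if NS_RUN_PID_DIR` split or have its trailing comment changed to `/* or /run/lwresd/lwresd.pid */`, so that an operator reading the built-in defaults sees the path the binary will actually use.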
......
...@@ -18,7 +18,7 @@ ...@@ -18,7 +18,7 @@
- PERFORMANCE OF THIS SOFTWARE. - PERFORMANCE OF THIS SOFTWARE.
--> -->
<!-- $Id: lwresd.docbook,v 1.17 2008/09/25 04:02:38 tbox Exp $ --> <!-- $Id: lwresd.docbook,v 1.18 2008/11/06 05:30:24 marka Exp $ -->
<refentry> <refentry>
<refentryinfo> <refentryinfo>
<date>June 30, 2000</date> <date>June 30, 2000</date>
...@@ -199,7 +199,7 @@ ...@@ -199,7 +199,7 @@
<para> <para>
Use <replaceable class="parameter">pid-file</replaceable> as the Use <replaceable class="parameter">pid-file</replaceable> as the
PID file instead of the default, PID file instead of the default,
<filename>/var/run/lwresd.pid</filename>. <filename>/var/run/lwresd/lwresd.pid</filename>.
</para> </para>
</listitem> </listitem>
</varlistentry> </varlistentry>
......
...@@ -18,7 +18,7 @@ ...@@ -18,7 +18,7 @@
- PERFORMANCE OF THIS SOFTWARE. - PERFORMANCE OF THIS SOFTWARE.
--> -->
<!-- $Id: named.docbook,v 1.22 2008/09/23 17:25:47 jinmei Exp $ --> <!-- $Id: named.docbook,v 1.23 2008/11/06 05:30:24 marka Exp $ -->
<refentry id="man.named"> <refentry id="man.named">
<refentryinfo> <refentryinfo>
<date>June 30, 2000</date> <date>June 30, 2000</date>
...@@ -391,7 +391,7 @@ ...@@ -391,7 +391,7 @@
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><filename>/var/run/named.pid</filename></term> <term><filename>/var/run/named/named.pid</filename></term>
<listitem> <listitem>
<para> <para>
The default process-id file. The default process-id file.
......
...@@ -15,7 +15,7 @@ ...@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE. * PERFORMANCE OF THIS SOFTWARE.
*/ */
/* $Id: os.c,v 1.87 2008/10/24 01:44:48 tbox Exp $ */ /* $Id: os.c,v 1.88 2008/11/06 05:30:24 marka Exp $ */
/*! \file */ /*! \file */
...@@ -645,6 +645,9 @@ ns_os_writepidfile(const char *filename, isc_boolean_t first_time) { ...@@ -645,6 +645,9 @@ ns_os_writepidfile(const char *filename, isc_boolean_t first_time) {
pid_t pid; pid_t pid;
char strbuf[ISC_STRERRORSIZE]; char strbuf[ISC_STRERRORSIZE];
void (*report)(const char *, ...); void (*report)(const char *, ...);
unsigned int mode;
char *slash;
int n;
/* /*
* The caller must ensure any required synchronization. * The caller must ensure any required synchronization.
...@@ -667,6 +670,27 @@ ns_os_writepidfile(const char *filename, isc_boolean_t first_time) { ...@@ -667,6 +670,27 @@ ns_os_writepidfile(const char *filename, isc_boolean_t first_time) {
/* This is safe. */ /* This is safe. */
strcpy(pidfile, filename); strcpy(pidfile, filename);
/*
* Make the containing directory if it doesn't exist.
*/
slash = strrchr(pidfile, '/');
if (slash != NULL && slash != pidfile) {
*slash = '\0';
mode = S_IRUSR | S_IWUSR | S_IXUSR; /* u=rwx */
mode |= S_IRGRP | S_IXGRP; /* g=rx */
mode |= S_IROTH | S_IXOTH; /* o=rx */
n = mkdir(pidfile, mode);
if (n == -1 && errno != EEXIST) {
isc__strerror(errno, strbuf, sizeof(strbuf));
(*report)("couldn't mkdir %s': %s", filename,
strbuf);
free(pidfile);
pidfile = NULL;
return;
}
*slash = '/';
}
fd = safe_open(filename, ISC_FALSE); fd = safe_open(filename, ISC_FALSE);
if (fd < 0) { if (fd < 0) {
isc__strerror(errno, strbuf, sizeof(strbuf)); isc__strerror(errno, strbuf, sizeof(strbuf));
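Review bot: The new mkdir() branch treats `EEXIST` as success without looking at what already exists at that path, so a pre-existing non-directory, or a directory owned or writable by an unexpected account, is silently accepted as the pid-file location. A `stat()` with an `S_ISDIR` and owner/mode check after the `EEXIST` case would make that assumption explicit, which matters because the pid file is read by programs that send signals to the server. The directory is also created with whatever uid the process holds at this point and is never chown'd; whether that leaves it unwritable after a `named -u` privilege drop depends on call ordering that is not visible in this hunk, so it should be confirmed. Separately, the failure message has an unbalanced quote and prints the full `filename` rather than the directory that failed: `(*report)("couldn't mkdir '%s': %s", pidfile, strbuf);` reports the truncated path while `*slash` is still `'\0'`. The body of ns_os_writepidfile starts and ends outside the hunk.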
......
...@@ -18,7 +18,7 @@ ...@@ -18,7 +18,7 @@
- PERFORMANCE OF THIS SOFTWARE. - PERFORMANCE OF THIS SOFTWARE.
--> -->
   
<!-- File: $Id: Bv9ARM-book.xml,v 1.378 2008/11/04 01:55:59 marka Exp $ --> <!-- File: $Id: Bv9ARM-book.xml,v 1.379 2008/11/06 05:30:24 marka Exp $ -->
<book xmlns:xi="http://www.w3.org/2001/XInclude"> <book xmlns:xi="http://www.w3.org/2001/XInclude">
<title>BIND 9 Administrator Reference Manual</title> <title>BIND 9 Administrator Reference Manual</title>
   
...@@ -4797,7 +4797,8 @@ category notify { null; }; ...@@ -4797,7 +4797,8 @@ category notify { null; };
<listitem> <listitem>
<para> <para>
The pathname of the file the server writes its process ID The pathname of the file the server writes its process ID
in. If not specified, the default is <filename>/var/run/named.pid</filename>. in. If not specified, the default is
<filename>/var/run/named/named.pid</filename>.
The pid-file is used by programs that want to send signals to The pid-file is used by programs that want to send signals to
the running the running
name server. Specifying <command>pid-file none</command> disables the name server. Specifying <command>pid-file none</command> disables the
......