named.pid creation problem (Ubuntu 18.04 / BIND 9.14)
After an upgrade to 9.14 and a machine reboot, /run/named/named.pid is no longer created.
BIND version used
Ubuntu 18.04 ISC package 9.14.4-Ubuntu (Stable Release) id:ab4c496
What is the expected correct behavior?
/run/named/ should be created
/run/named/ should be populated with named.pid and session.key
Relevant configuration files
pid/session: compiled-in defaults in the ISC Ubuntu 18.04 bind9.14 package
Relevant logs and/or screenshots
No log. apparmor fires a "DENIED" operation="mkdir" name="/run/named/". But after adding an apparmor rule or disabling the apparmor profile, the directory is still not created.
So named tries to create the directory but fails. If I manually create /run/named and chown it to root:bind, everything works as before.
It seems that named now drops its root privileges too early, before the creation of the /run/named directory. As the directory was still there before and after the upgrade, this behavior was discovered only after a machine reboot, because of the volatility of /run.
Manually create /run/named and chown it to root:bind.
Adding
    ExecStartPre=/bin/mkdir -p -m775 /run/named
    ExecStartPre=/bin/chown root:bind /run/named
to the systemd unit does the trick but is sub-optimal.
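
A post-reboot check for the state described above, as an added example that is not part of the original report or the ISC package. check_rundir and tmpfiles_line are hypothetical helper names, stat -c assumes GNU coreutils, and the systemd-tmpfiles entry it prints is an alternative to the ExecStartPre lines that the report itself does not mention.

```shell
#!/bin/sh
# check_rundir DIR GROUP MODE
# Returns 0 only when DIR is a real directory (not a symlink), is owned by
# GROUP and has exactly MODE; otherwise prints the reason and returns 1.
# /run is a tmpfs, so this state has to be re-established on every boot.
check_rundir() {
    dir=$1
    want_group=$2
    want_mode=$3
    if [ -L "$dir" ] || [ ! -d "$dir" ]; then
        echo "missing: $dir is not a directory"
        return 1
    fi
    have_group=$(stat -c %G "$dir") || return 1
    have_mode=$(stat -c %a "$dir") || return 1
    if [ "$have_group" != "$want_group" ]; then
        echo "group: $dir has group $have_group, expected $want_group"
        return 1
    fi
    if [ "$have_mode" != "$want_mode" ]; then
        echo "mode: $dir has mode $have_mode, expected $want_mode"
        return 1
    fi
    echo "ok: $dir is $want_group $want_mode"
}

# tmpfiles_line PATH MODE USER GROUP
# Prints a tmpfiles.d(5) "d" entry that recreates PATH at boot, before any
# service starts, so no process needs root just to create the directory.
tmpfiles_line() {
    printf 'd %s %s %s %s -\n' "$1" "$2" "$3" "$4"
}

# Usage (assumed invocation): sh check.sh /run/named bind 775
if [ "$#" -eq 3 ]; then
    check_rundir "$1" "$2" "$3" || tmpfiles_line "$1" "0$3" root "$2"
fi
```

When the check fails, the printed line can be placed in a file under /etc/tmpfiles.d/ (the file name is the administrator's choice).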