Edward, It's probably failing when it tries to create /var/run/named.pid - named won't have permissions to write to that dir. One way around this is to create a "run" or "pid" group or similar, and allowing that group to write to /var/run, and adding named to the group. Not sure if that's the best way to go though... You might be better off making a chroot jail for it (and use the -t switch) Richard. On Sun, 2002-10-06 at 11:29, Edward Cheadle wrote:

I would like to run named to run under the user named. The default setting seems to run as root. I have been reading security books and they all suggest this change. In my Redhat distribution I change the init script and it works.

In the named script found in /etc/init.d the named process is started by startproc. The startproc man page says to start the process with the -u and -g switch. It does run as a different user, but then named seems not to work. The named process is running, but it does not respond to queries. I can't tell at the moment if it is because startproc starts it as a user process, that is to say it does not start up as root, or what is going on.

I am going to investigate it further, I just want to know if I was on the right track or if there is somewhere in the manuals that describe starting named with a user other than root and I just haven't found it.

thanks

edward

-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here