comment about ifs scan twice the first time

Add comment message about why we're scanning interfaces twice during the
initial configuration (FreeBSD compatibility). See #3583

diff --git a/bin/named/server.c b/bin/named/server.c
index fad8716f809d2ca7950a066fa8abfb101eef6b17..bb46d6e48ce4018bfb4bfd785cf75998ecf53a0c 100644 (file)
--- a/bin/named/server.c
+++ b/bin/named/server.c
@@ -8696,6 +8696,12 @@ apply_configuration(cfg_parser_t *configparser, cfg_obj_t *config,
                 * Rescan the interface list to pick up changes in the
                 * listen-on option. This requires the loopmgr to be
                 * temporarily resumed.
+                *
+                * The reason we're doing this the first time (instead of having
+                * only one scan later) is because we're are dropping root
+                * privileges shortly after and FreeBSD doesn't have Linux
+                * capabilities so can't listen to a privileged port without
+                * being root.
                 */
                isc_loopmgr_resume();
                result = ns_interfacemgr_scan(server->interfacemgr, true, true);