+2486. [func] The default locations for named.pid and lwresd.pid
+ are now /var/run/named/named.pid and
+ /var/run/lwresd/lwresd.pid respectively.
+
+ This allows the owner of the containing directory
+ to be set, for "named -u" support, and allows there
+ to be a permanent symbolic link in the path, for
+ "named -t" support. [RT #18306]
+
2485. [bug] Change update's the handling of obscured RRSIG
records. Not all orphand DS records were being
removed. [RT #18828]
The BIND 8 resolver library, libbind, has been removed from the
BIND 9 distribution and is now available as a separate download.
+ Change the default pid file location from /var/run to
+ /var/run/{named,lwresd} for improved chroot/setuid support.
+
BIND 9.5.0
BIND 9.5.0 has a number of new features over 9.4,
To disable the default check set. -DCHECK_SIBLING=0
named-checkzone checks out-of-zone addresses by default.
To disable this default set. -DCHECK_LOCAL=0
+ To create the default pid files in ${localstatedir}/run rather
+ than ${localstatedir}/run/{named,lwresd}/ set.
+ -DNS_RUN_PID_DIR=0
LDFLAGS
Linker flags. Defaults to empty string.
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: config.c,v 1.92 2008/09/27 23:35:31 jinmei Exp $ */
+/* $Id: config.c,v 1.93 2008/11/06 05:30:24 marka Exp $ */
/*! \file */
memstatistics-file \"named.memstats\";\n\
multiple-cnames no;\n\
# named-xfer <obsolete>;\n\
-# pid-file \"" NS_LOCALSTATEDIR "/named.pid\"; /* or /lwresd.pid */\n\
+# pid-file \"" NS_LOCALSTATEDIR "/run/named/named.pid\"; /* or /lwresd.pid */\n\
port 53;\n\
recursing-file \"named.recursing\";\n\
"
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: globals.h,v 1.77 2008/10/24 01:08:21 marka Exp $ */
+/* $Id: globals.h,v 1.78 2008/11/06 05:30:24 marka Exp $ */
#ifndef NAMED_GLOBALS_H
#define NAMED_GLOBALS_H 1
#define INIT(v)
#endif
+#ifndef NS_RUN_PID_DIR
+#define NS_RUN_PID_DIR 1
+#endif
+
EXTERN isc_mem_t * ns_g_mctx INIT(NULL);
EXTERN unsigned int ns_g_cpus INIT(0);
EXTERN isc_taskmgr_t * ns_g_taskmgr INIT(NULL);
EXTERN isc_boolean_t ns_g_logstderr INIT(ISC_FALSE);
EXTERN const char * ns_g_defaultpidfile INIT(NS_LOCALSTATEDIR
- "/run/named.pid");
+ "/run/"
+#if NS_RUN_PID_DIR
+ "named/"
+#endif
+ "named.pid");
EXTERN const char * lwresd_g_defaultpidfile INIT(NS_LOCALSTATEDIR
- "/run/lwresd.pid");
+ "/run/"
+#if NS_RUN_PID_DIR
+ "lwresd/"
+#endif
+ "lwresd.pid");
EXTERN const char * ns_g_username INIT(NULL);
EXTERN int ns_g_listen INIT(3);
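Review bot: The `#if NS_RUN_PID_DIR` / `#endif` lines sit inside the argument list of the function-like macro `INIT(...)`, for both `ns_g_defaultpidfile` and `lwresd_g_defaultpidfile`, and ISO C leaves directives inside macro arguments undefined (C99 6.10.3 paragraph 11), so this works only where the preprocessor happens to tolerate it. Hoisting the conditional into a helper macro defined before the declarations keeps the argument a plain string-literal concatenation; the helper name in the sketch below is a placeholder. The commented default in config.c is also hard-coded to `/run/named/named.pid`, so it will not match the built-in value when built with `-DNS_RUN_PID_DIR=0`. A one-line comment above the `#ifndef NS_RUN_PID_DIR` block saying that 0 restores the flat `run/` layout would help anyone reading the header without the README.

```c
/* 1: pid files live in run/<prog>/; 0: directly in run/ */
#if NS_RUN_PID_DIR
#define NS_DEFAULTPIDFILE(prog) NS_LOCALSTATEDIR "/run/" prog "/" prog ".pid"
#else
#define NS_DEFAULTPIDFILE(prog) NS_LOCALSTATEDIR "/run/" prog ".pid"
#endif

EXTERN const char *		ns_g_defaultpidfile	INIT(NS_DEFAULTPIDFILE("named"));
EXTERN const char *		lwresd_g_defaultpidfile	INIT(NS_DEFAULTPIDFILE("lwresd"));
```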
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: lwresd.docbook,v 1.17 2008/09/25 04:02:38 tbox Exp $ -->
+<!-- $Id: lwresd.docbook,v 1.18 2008/11/06 05:30:24 marka Exp $ -->
<refentry>
<refentryinfo>
<date>June 30, 2000</date>
<para>
Use <replaceable class="parameter">pid-file</replaceable> as the
PID file instead of the default,
- <filename>/var/run/lwresd.pid</filename>.
+ <filename>/var/run/lwresd/lwresd.pid</filename>.
</para>
</listitem>
</varlistentry>
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: named.docbook,v 1.22 2008/09/23 17:25:47 jinmei Exp $ -->
+<!-- $Id: named.docbook,v 1.23 2008/11/06 05:30:24 marka Exp $ -->
<refentry id="man.named">
<refentryinfo>
<date>June 30, 2000</date>
</varlistentry>
<varlistentry>
- <term><filename>/var/run/named.pid</filename></term>
+ <term><filename>/var/run/named/named.pid</filename></term>
<listitem>
<para>
The default process-id file.
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: os.c,v 1.87 2008/10/24 01:44:48 tbox Exp $ */
+/* $Id: os.c,v 1.88 2008/11/06 05:30:24 marka Exp $ */
/*! \file */
pid_t pid;
char strbuf[ISC_STRERRORSIZE];
void (*report)(const char *, ...);
+ unsigned int mode;
+ char *slash;
+ int n;
/*
* The caller must ensure any required synchronization.
/* This is safe. */
strcpy(pidfile, filename);
+ /*
+ * Make the containing directory if it doesn't exist.
+ */
+ slash = strrchr(pidfile, '/');
+ if (slash != NULL && slash != pidfile) {
+ *slash = '\0';
+ mode = S_IRUSR | S_IWUSR | S_IXUSR; /* u=rwx */
+ mode |= S_IRGRP | S_IXGRP; /* g=rx */
+ mode |= S_IROTH | S_IXOTH; /* o=rx */
+ n = mkdir(pidfile, mode);
+ if (n == -1 && errno != EEXIST) {
+ isc__strerror(errno, strbuf, sizeof(strbuf));
+ (*report)("couldn't mkdir %s': %s", filename,
+ strbuf);
+ free(pidfile);
+ pidfile = NULL;
+ return;
+ }
+ *slash = '/';
+ }
+
fd = safe_open(filename, ISC_FALSE);
if (fd < 0) {
isc__strerror(errno, strbuf, sizeof(strbuf));
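Review bot: When `mkdir()` fails with `EEXIST` the code goes straight on to `safe_open(filename, ...)` without looking at what already exists at that path, so an entry that is not a directory, or a directory writable by group or other, is silently accepted as the pid-file location. The pid file is read by programs that signal the recorded PID, so a `stat()` after the `mkdir()` (which follows a symlink, keeping the "named -t" link usable) that reports those cases would be worth adding; whether to refuse or only warn is a policy choice, and it needs a `struct stat sb;` next to the new locals. Separately, the message `"couldn't mkdir %s': %s"` has an unbalanced quote and prints `filename` rather than the directory actually passed to `mkdir()`; `(*report)("couldn't mkdir '%s': %s", pidfile, strbuf);` names the right path. The requested mode is still filtered by the process umask, only the last path component is created, and the function body starts and ends outside this hunk.

```c
	n = mkdir(pidfile, mode);
	/* … unchanged: error branch for n == -1 && errno != EEXIST … */
	if (stat(pidfile, &sb) == -1 || !S_ISDIR(sb.st_mode) ||
	    (sb.st_mode & (S_IWGRP | S_IWOTH)) != 0) {
		(*report)("pid file directory '%s' is missing, not a "
			  "directory, or group/world writable", pidfile);
		free(pidfile);
		pidfile = NULL;
		return;
	}
	*slash = '/';
```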
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- File: $Id: Bv9ARM-book.xml,v 1.378 2008/11/04 01:55:59 marka Exp $ -->
+<!-- File: $Id: Bv9ARM-book.xml,v 1.379 2008/11/06 05:30:24 marka Exp $ -->
<book xmlns:xi="http://www.w3.org/2001/XInclude">
<title>BIND 9 Administrator Reference Manual</title>
<listitem>
<para>
The pathname of the file the server writes its process ID
- in. If not specified, the default is <filename>/var/run/named.pid</filename>.
+ in. If not specified, the default is
+ <filename>/var/run/named/named.pid</filename>.
The pid-file is used by programs that want to send signals to
the running
name server. Specifying <command>pid-file none</command> disables the