186599 – net-dns/bind9 user name should be configurable

Bug 186599 - net-dns/bind9 user name should be configurable

Summary: net-dns/bind9 user name should be configurable

Status:	RESOLVED CANTFIX

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	High enhancement
Assignee:	Gentoo Linux bug wranglers

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2007-07-25 15:57 UTC by Matus UHLAR - fantomas
Modified:	2007-07-25 16:17 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Matus UHLAR - fantomas 2007-07-25 15:57:27 UTC

It should be configurable which user will bind run under. Currently, user 'named' is hardcoded in startup script, but we prefer our own security model in our heterogenous network.

Reproducible: Always



Expected Results:  
there should be option USER="" in /etc/conf.d/named, which, if set, would change the user from named. the "named" can be default in /etc/conf.d/named and/or /etc/init.d/named, but it should be configurable

Comment 1 Jakub Moc (RETIRED) gentoo-dev

2007-07-25 16:02:33 UTC

Not possible, would break directory permissions among others (/var/run, /var/bind etc.), see the ebuild.

Comment 2 Matus UHLAR - fantomas 2007-07-25 16:11:53 UTC

A simple warning about this issue should be enough imho.
We do not use standard hierarchy, also because of this issue (default permissions).
I found one-time changing conf.d/bind nicer than repeated change of init script.

Comment 3 Jakub Moc (RETIRED) gentoo-dev

2007-07-25 16:17:42 UTC

See, if you dislike the current ebuild, create your own in your overlay, this is plain not worth the trouble.