Re: [ANNOUNCE][PATCH] New fs to control access to system resources

Ben Clifford (benc@hawaga.org.uk)
Wed, 16 Jan 2002 10:26:11 -0800 (PST)


On 16 Jan 2002, Olaf Dietsche wrote:

> This sounds weird. Normally, named binds to port 53 and some high
> unprivileged port for replies from other DNS servers. Do you have some
> 'listen-on' and/or 'query-source' statements in your named.conf? If
> you do, just change permissions of /mnt/net/ipv4/bind/921 appropriately.

The port 53 bindings happen without problem.

BINDv9 has a lightweight resolver service which runs on port 921 - this is
not enabled by default, and when it is enabled, seems to start up later on
in the startup process.

Add the single line:
lwres {};
in your named.conf and it will be enabled.

> You may use accessfs and capabilities in parallel, of course. But
> currently, this is equivalent to "chown root/chmod u+x".

Taking capabilities away seems to break backwards compatibility.

And I'm not entirely sure it *is* equivalent to chown root/chmod u+x -
that is how /mnt/accessfs/net/ipv4/bind appeared and my named couldn't
bind to 921.

Ben

-- 
Ben Clifford     benc@hawaga.org.uk     GPG: 30F06950
Job Required in Los Angeles - Will do most things unix or IP for money.
http://www.hawaga.org.uk/resume/resume001.pdf
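
An added example, not part of the thread or the accessfs patch, for checking the permission model discussed above before restarting named: it reads the per-port files under an accessfs-style tree (root/net/ipv4/bind/<port>) and reports whether a given uid/gid may bind 53 and 921; the assumptions are that the execute bit is the bind permission (the "chown root/chmod u+x" model) and that the mount root is supplied by the caller.

```python
import os
import stat
import tempfile

def accessfs_can_bind(root, port, uid, gid, groups=()):
    """Decide whether a process running as uid/gid (plus supplementary
    groups) may bind `port`, by reading the per-port file under an
    accessfs-style tree (root/net/ipv4/bind/<port>). The execute bit is
    taken as the bind permission, following the 'chown root/chmod u+x'
    model described in the thread; the exact accessfs rules are an
    assumption here."""
    path = os.path.join(root, "net", "ipv4", "bind", str(port))
    try:
        st = os.stat(path)
    except FileNotFoundError:
        return False  # no entry for this port: treat as denied (assumption)
    if uid == st.st_uid:
        return bool(st.st_mode & stat.S_IXUSR)
    if gid == st.st_gid or st.st_gid in groups:
        return bool(st.st_mode & stat.S_IXGRP)
    return bool(st.st_mode & stat.S_IXOTH)

def audit_named_ports(root, uid, gid, groups=(), ports=(53, 921)):
    """Check every port named needs: 53 always, 921 once 'lwres {};' is in
    named.conf. Run this before restarting named instead of discovering
    the lwres bind failure in the log afterwards."""
    return {p: accessfs_can_bind(root, p, uid, gid, groups) for p in ports}

def build_sample_tree(root):
    """Constructed stand-in for a mounted accessfs (no root privilege
    needed): port 53 is group-executable, port 921 keeps an owner-only
    execute bit, i.e. the default that blocked the lwres bind."""
    d = os.path.join(root, "net", "ipv4", "bind")
    os.makedirs(d)
    for port, mode in ((53, 0o010), (921, 0o100)):
        p = os.path.join(d, str(port))
        open(p, "w").close()
        os.chmod(p, mode)

def demo():
    """Audit the constructed tree as a 'named' identity (constructed) that
    is not the file owner but shares the owner's primary group."""
    root = tempfile.mkdtemp()
    build_sample_tree(root)
    named_uid, named_gid = os.getuid() + 1, os.getgid()
    return audit_named_ports(root, named_uid, named_gid)

if __name__ == "__main__":
    for port, ok in demo().items():
        print(f"port {port}: {'bindable' if ok else 'DENIED'}")
```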
