Changes between Version 6 and Version 7 of bind
- Timestamp:
- 10/19/2019 12:38:24 AM (5 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
bind
v6 v7 147 147 ---- 148 148 149 Bind 9.14.5 is dropping this into sys.log, but still runs fine:[[BR]] 149 Bind 9.14.5 - 9.14.7 will report the following errors into sys.log, but still runs: [[BR]] 150 150 151 named[459]: listening on IPv4 interface enp0s3, 192.168.56.2#53 [[BR]] 151 152 named[459]: unable to set effective uid to 0: Operation not permitted[[BR]] … … 155 156 156 157 [Found this link](http://bind-users-forum.2342410.n4.nabble.com/BIND-9-14-0-unable-to-set-effective-uid-to-0-Operation-not-permitted-td6844.html) describing named wanting to revert back to UID 0, root for some reason even though it is in chroot at this time.[[BR]] 158 This page also discusses the issue: https://gitlab.isc.org/isc-projects/bind9/issues/1042 [[BR]] 159 157 160 You can disable caps --disable-linux-caps but at the cost of security, and no one knows what that cost is?!? [[BR]] 158 This page also discusses the issue: https://gitlab.isc.org/isc-projects/bind9/issues/1042 161 162 163 Confirmed that building with the --disable-linux-caps removes the error condition. 164 165 166 ---- 167 168 Want to verify the validity of the downloaded files from isc instead of trusting the MD5 from the book?[[BR]] 169 Run these commands if you have gpg installed: 170 171 172 {{{ 173 wget ftp://ftp.isc.org/isc/pgpkeys/codesign2019.txt 174 wget ftp://ftp.isc.org/isc/bind9/cur/9.14/bind-9.14.7.tar.{gz,gz.asc} 175 176 gpg --import codesign2019.txt 177 gpg -d bind-9.14.7.tar.gz.asc 2>&1 |grep 'Good\|BAD' 178 }}} 179 180 Downloads and imports isc public key, imports to keyring, check the file.