Re: BIND 9.19.24 not listening to rndc port (953)

From: <sthaug_at_nethelp.no>
Date: Tue, 02 Jul 2024 09:22:50 UTC
>> Other info:
>>
>> - BIND 9.18.24 on the same host works perfectly, with no rndc issues.
>> - BIND 9.19.24 on the same host also works *if I change it to run as
>> root* (by default it runs as user bind). The syslog messages are gone,
>> and rndc works as expected.
> 
> That sounds like they try to open the priv port after they changed
> users rather than before.

I ran named under truss, and as far as I can see that is exactly
what is happening:

root@nlab1:/local/etc/namedb # egrep 'setuid|setresuid|127.0.0.1:953' truss.log
38461: 0.063859531 setresuid(0xffffffff,0x35,0xffffffff) = 0 (0x0)
38461: 0.064231316 setresuid(0xffffffff,0x0,0xffffffff) = 0 (0x0)
38461: 0.064999183 setresuid(0xffffffff,0x35,0xffffffff) = 0 (0x0)
38461: 0.065332218 setresuid(0xffffffff,0x0,0xffffffff) = 0 (0x0)
38461: 0.083518302 setuid(0x35)                  = 0 (0x0)
38461: 0.093282161 bind(59,{ AF_INET 127.0.0.1:953 },16) ERR#13 'Permission denied'

So we set uid 53 (bind) at 0.083518302, and then try to bind to port
953 at 0.093282161.

Steinar Haug, AS2116
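Added example, not code from this thread or from BIND itself: a small C program that reproduces the ordering problem the truss output shows. A port below 1024 (rndc's 953 included) can only be bound while the effective uid is root, so the control-channel listener has to be opened before the final setuid(); a bind() issued afterwards fails with EACCES, errno 13, which is the ERR#13 in the log. The uid and port values are parameters; the ones from the log (53 and 953) only demonstrate the difference when the program itself starts as root.

```c
#include <errno.h>
#include <stdint.h>
#include <unistd.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <sys/socket.h>
/* Bind and listen on 127.0.0.1:port (0 = any free port). Returns the fd or
 * -errno; a port below 1024 gives -EACCES (13) once the effective uid is not root. */
int open_control_listener(uint16_t port) {
    struct sockaddr_in sa = { .sin_family = AF_INET, .sin_port = htons(port),
                              .sin_addr.s_addr = htonl(INADDR_LOOPBACK) };
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return -errno;
    if (bind(fd, (struct sockaddr *)&sa, sizeof sa) < 0 || listen(fd, 5) < 0) {
        int err = errno;
        close(fd);
        return -err;
    }
    return fd;
}

/* Port a listener fd is actually bound to (needed after binding port 0). */
int listener_port(int fd) {
    struct sockaddr_in sa;
    socklen_t len = sizeof sa;
    if (fd < 0 || getsockname(fd, (struct sockaddr *)&sa, &len) < 0) return -1;
    return ntohs(sa.sin_port);
}

/* Permanent drop, like the final setuid(0x35) in the truss log (the earlier
 * setresuid(-1, uid, -1) calls only toggled the effective uid back and forth). */
int drop_privileges(uid_t uid) {
    if (geteuid() == uid) return 0;        /* already that uid: nothing to do */
    return setuid(uid) == 0 ? 0 : -errno;
}

/* Order the truss log shows: drop first, then bind -> EACCES on port 953. */
int bind_after_drop(uint16_t port, uid_t uid) {
    int rc = drop_privileges(uid);
    return rc < 0 ? rc : open_control_listener(port);
}

/* Order that works: bind the privileged port while still root, then drop. */
int bind_before_drop(uint16_t port, uid_t uid) {
    int fd = open_control_listener(port);
    if (fd < 0) return fd;
    int rc = drop_privileges(uid);
    return rc < 0 ? rc : fd;
}
```

With port 0 both orders succeed for any user; the asymmetry only appears for a privileged port, which is exactly why the 9.18 and 9.19 builds behave identically as root and differ as user bind.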