# named (reboot) issue



## AlbyVA (Feb 24, 2013)

Whenever I reboot my box and named is started during the boot cycle, I get these errors once every hour. Take note, I also have a VPN tunnel that comes up and all named traffic transits that tunnel.


```
Feb 23 18:11:04 godzilla named[1286]: could not listen on UDP socket: permission denied
Feb 23 18:11:04 godzilla named[1286]: creating IPv4 interface tun0 failed; interface ignored
Feb 23 19:11:04 godzilla named[1286]: could not listen on UDP socket: permission denied
Feb 23 19:11:04 godzilla named[1286]: creating IPv4 interface tun0 failed; interface ignored
```


To resolve the issue, I have to restart named by hand (/etc/rc.d/named restart) and that resolves the issues. The errors stop occurring. Anybody have any idea's what is going on?


----------



## junovitch@ (Feb 24, 2013)

Does named start and drop to user privileges before your tun0 comes online?  Perhaps the _service named restart_ as root allows it to bind properly before dropping permissions and doing a chroot.


----------



## AlbyVA (Feb 25, 2013)

junovitch said:
			
		

> Does named start and drop to user privileges before your tun0 comes online?  Perhaps the service named restart as root allows it to bind properly before dropping permissions and doing a chroot.





You might be right, but I'm not sure how to confirm that or fix it.
Got any suggestions?


----------



## junovitch@ (Feb 28, 2013)

Perhaps you can modify the order the scripts are checked in.  Check out rcorder() man pages for more details.

It might be as simple as changing this...

```
# REQUIRE: SERVERS cleanvar
```

To this in /etc/rc.d/named...

```
# REQUIRE: SERVERS cleanvar openvpn
```

Where the VPN software lists what it provides in it's /usr/local/etc/rc.d/ script

```
# PROVIDE: openvpn
```

However, I am no expert and just guessing.  Have fun.


----------



## AlbyVA (Mar 1, 2013)

junovitch said:
			
		

> Perhaps you can modify the order the scripts are checked in.  Check out rcorder() man pages for more details.
> 
> It might be as simple as changing this...
> 
> ...







  Thanks.. I've opted to just move the OpenVPN to a DD-WRT router and off the server itself. That way, I no longer need to worry about permission settings during the bootup.  

Thanks,


----------

