# FreeBSD Beta1 + bind/named



## akil (Aug 31, 2011)

Hi

I have noticed privileges issue, which relay to dnssec , especially new feature auto-dnssec.

If someone gets below message in syslog:

```
Aug 31 08:02:45 franio named[14685]: /etc/namedb/master/lab.org-forward.jnl: create: permission denied
Aug 31 08:02:45 franio named[14685]: zone lab.org/IN: zone_rekey:dns_journal_open -> unexpected error
```
 

then may proceed with my solution. Below is a small patch which resolve mentioned issue with unprivileged write message, so in directory /etc/mtree you have bad entry, as far as I know /etc/rc.d/named depend on file in /etc/mtree/BIND.chroot.dist, so some modifications are necessary:


```
*** PATCH ***
diff -Nrua BIND.chroot.dist-orig  BIND.chroot.dist
--- BIND.chroot.dist-orig       2011-08-31 08:04:20.000000000 +0200
+++ BIND.chroot.dist    2011-08-31 08:03:41.000000000 +0200
@@ -3,7 +3,7 @@
 # Please see the file src/etc/mtree/README before making changes to this file.
 #
 
-/set type=dir uname=root gname=wheel mode=0755
+/set type=dir uname=bind gname=wheel mode=0755
 .
     dev             mode=0555
     ..
*** PATCH ***
```

To prevent introducing that issue after world building you should consider to change file in source world accordingly:

/usr/src/etc/mtree/BIND.chroot.dist

.


----------

