bind9 @9.10.0_2 fails to start due to file ownership

[jmroot (Joshua Root)]

After updating from 9.9.5, named failed to start with port load. The system log says this:

May  3 15:13:26 MiniMac named[71190]: starting BIND 9.10.0 -u named -f
May  3 15:13:26 MiniMac named[71190]: built with '--prefix=/opt/local' '--mandir=/opt/local/share/man' '--with-openssl=/opt/local' '--with-libxml2=/opt/local' '--enable-threads' '--enable-ipv6' 'CC=/usr/bin/gcc-4.2' 'CFLAGS=-pipe -Os -arch x86_64' 'LDFLAGS=-L/opt/local/lib -Wl,-headerpad_max_install_names -arch x86_64' 'CPPFLAGS=-I/opt/local/include'
May  3 15:13:26 MiniMac named[71190]: ----------------------------------------------------
May  3 15:13:26 MiniMac named[71190]: BIND 9 is maintained by Internet Systems Consortium,
May  3 15:13:26 MiniMac named[71190]: Inc. (ISC), a non-profit 501(c)(3) public-benefit 
May  3 15:13:26 MiniMac named[71190]: corporation.  Support and training for BIND 9 are 
May  3 15:13:26 MiniMac named[71190]: available at https://www.isc.org/support
May  3 15:13:26 MiniMac named[71190]: ----------------------------------------------------
May  3 15:13:26 MiniMac named[71190]: Required root permissions to open '/opt/local/var/run/named.pid'.
May  3 15:13:26 MiniMac named[71190]: Please check file and directory permissions or reconfigure the filename.
May  3 15:13:26 MiniMac named[71190]: Required root permissions to open '/opt/local/var/run/named/session.key'.
May  3 15:13:26 MiniMac named[71190]: Please check file and directory permissions or reconfigure the filename.
May  3 15:13:26 MiniMac named[71190]: command channel listening on 127.0.0.1#54
May  3 15:13:26 MiniMac named[71190]: command channel listening on /var/run/ndc
May  3 15:13:26 MiniMac named[71190]: the working directory is not writable
May  3 15:13:26 MiniMac named[71190]: isc_stdio_open '/opt/local/var/log/named.log' failed: permission denied
May  3 15:13:26 MiniMac named[71190]: configuring logging: permission denied
May  3 15:13:26 MiniMac named[71190]: loading configuration: permission denied
May  3 15:13:26 MiniMac named[71190]: exiting (due to fatal error)
May  3 15:13:26 MiniMac org.macports.bind9[71189]: isc_stdio_open '/opt/local/var/log/named.log' failed: permission denied
May  3 15:13:26 MiniMac com.apple.launchd[1] (org.macports.bind9): Throttling respawn: Will start in 10 seconds

[danielluke (Daniel J. Luke)]

The most recent update to the port also has named running as a new user 'named'. You can look at the new example conf for a reasonable place to put the pid-file now (where the named user can write a file). You'll want to do something similar with your logging setup.

[cooljeanius (Eric Gallager)]

Maybe something about that could be added to the notes section? I see you added some other stuff to the notes section when adding the named user in r119626, but none of those additions to the notes actually mentioned anything about the new named user though...

[cooljeanius (Eric Gallager)]

Cc Me!

[jmroot (Joshua Root)]

Yes, a note explaining what needs to be done to make things work again would be appreciated. From a user point of view, the update just breaks your setup with no warning.

Ideally some post-activate code would even take care of everything automatically, but I can see how that might be tricky.

[danielluke (Daniel J. Luke)]

I added some text in r119741 (it does seem pretty arbitrary when we care or don't care about helping the user upgrade - see the mysql5 ->mysql51 transition for an example of where I don't believe we do anything to help the end user and instead assume that they can just figure things out).

[r1pp3r@…]

Cc Me!