named (reboot) issue

Whenever I reboot my box and named is started during the boot cycle, I get these errors once every hour. Take note, I also have a VPN tunnel that comes up and all named traffic transits that tunnel.

Code:
Feb 23 18:11:04 godzilla named[1286]: could not listen on UDP socket: permission denied
Feb 23 18:11:04 godzilla named[1286]: creating IPv4 interface tun0 failed; interface ignored
Feb 23 19:11:04 godzilla named[1286]: could not listen on UDP socket: permission denied
Feb 23 19:11:04 godzilla named[1286]: creating IPv4 interface tun0 failed; interface ignored


To resolve the issue, I have to restart named by hand (/etc/rc.d/named restart) and that resolves the issues. The errors stop occurring. Anybody have any ideas what is going on?
 
Does named start and drop to user privileges before your tun0 comes online? Perhaps the service named restart as root allows it to bind properly before dropping permissions and doing a chroot.
 
junovitch said:
Does named start and drop to user privileges before your tun0 comes online? Perhaps the service named restart as root allows it to bind properly before dropping permissions and doing a chroot.



You might be right, but I'm not sure how to confirm that or fix it.
Got any suggestions?
 
Perhaps you can modify the order the scripts are checked in. Check out rcorder() man pages for more details.

It might be as simple as changing this...
Code:
# REQUIRE: SERVERS cleanvar

To this in /etc/rc.d/named...
Code:
# REQUIRE: SERVERS cleanvar openvpn

Where the VPN software lists what it provides in its /usr/local/etc/rc.d/ script
Code:
# PROVIDE: openvpn

However, I am no expert and just guessing. Have fun.
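
A way to check the ordering change suggested above before rebooting, as an added example that is not part of the original posts: it reads the `# PROVIDE:` and `# REQUIRE:` comment lines and reports whether one script directly requires what another provides. The function names, the temporary directory and the three sample scripts are constructed for illustration, and only a direct dependency is checked.

```shell
#!/bin/sh
# Added example (not from the thread): check rc.d ordering keywords.

# rc_words KEYWORD FILE
# Print the words that follow "# KEYWORD:" comment lines in FILE.
rc_words() {
    sed -n "s/^#[[:space:]]*$1:[[:space:]]*//p" "$2"
}

# requires_provider DEPENDENT PROVIDER
# Succeed if DEPENDENT names, in REQUIRE, anything PROVIDER lists in PROVIDE.
# Direct dependencies only; chains through other scripts are not followed.
requires_provider() {
    for p in $(rc_words PROVIDE "$2"); do
        for r in $(rc_words REQUIRE "$1"); do
            [ "$r" = "$p" ] && return 0
        done
    done
    return 1
}

# Constructed sample scripts standing in for the real rc.d files.
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
printf '%s\n' '#!/bin/sh' '# PROVIDE: openvpn' '# REQUIRE: DAEMON' \
    > "$demo_dir/openvpn"
printf '%s\n' '#!/bin/sh' '# PROVIDE: named' '# REQUIRE: SERVERS cleanvar' \
    > "$demo_dir/named.before"
printf '%s\n' '#!/bin/sh' '# PROVIDE: named' \
    '# REQUIRE: SERVERS cleanvar openvpn' > "$demo_dir/named.after"

for f in named.before named.after; do
    if requires_provider "$demo_dir/$f" "$demo_dir/openvpn"; then
        echo "$f: starts after openvpn"
    else
        echo "$f: no ordering against openvpn (may bind before tun0 exists)"
    fi
done
```

On the FreeBSD host itself, `rcorder /etc/rc.d/* /usr/local/etc/rc.d/*` prints the start order that the boot process computes from these same keywords.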
 
junovitch said:
Perhaps you can modify the order the scripts are checked in. Check out rcorder() man pages for more details.

It might be as simple as changing this...
Code:
# REQUIRE: SERVERS cleanvar

To this in /etc/rc.d/named...
Code:
# REQUIRE: SERVERS cleanvar openvpn

Where the VPN software lists what it provides in its /usr/local/etc/rc.d/ script
Code:
# PROVIDE: openvpn

However, I am no expert and just guessing. Have fun.





Thanks.. I've opted to just move the OpenVPN to a DD-WRT router and off the server itself. That way, I no longer need to worry about permission settings during the bootup.

Thanks,
 