[svlug] manners

[Rick Moen]

begin  Derek Balling quotation:

> Rick... I'm going to lose my faith in you now....  The king of 
> documentation references, missing this one?
> 
> The error you get if you try (and fail) in "stock" mode is:
> 
> "-u not supported on Linux kernels older than 2.3.99-pre3 or 2.2.18 
> when using threads"

Part of the solution to your conundrum is that I didn't actually fire up
BIND v. 9.x on an old kernel (because I'm running 2.4.x).  So, I didn't 
see that error message.

> Which should easily lead you to the "disable threads or upgrade the 
> kernel" choice, or... you could read the FAQ in the root of the 
> tarball.

And that's the other part of the solution:  Having read the manpage,
e.g., 

    -u      run named as UID user-id. named will change its UID after it has
             carried out any privileged operations, such as creating sockets
             that listen on privileged ports.

             On Linux, named uses the kernel's capability mechanism to drop
             all root privileges except the ability to bind() to a privileged
             port.  Unfortunately, this means that the "-u" option only works
             when named is run on 2.3.99-pre3 or later kernel, since previous
             kernels did not allow privileges to be retained after setuid().

...and having browsed through what comes with Debian package bind9-doc,
and having looked through ISC's Web pages, I haven't yet bothered to
rebuild from a source tarball, because I didn't yet see any point.

So, thank you again for calling the threading dependency to my attention.

-- 
Cheers,      "Transported to a surreal landscape, a young girl kills the first 
Rick Moen     woman she meets, and then teams up with three complete strangers
rick at linuxmafia.com       to kill again."  -- Rick Polito's That TV Guy column,
              describing the movie _The Wizard of Oz_