Side-effect of dropping capabilities(7) with last commit is now we
need the `/var/run/named/` directory created for us at startup.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
conf_local_file=$dyndir/named.conf.local
-
fix_perms() {
for dir in $libdir $logdir $cachedir $dyndir; do
test -e "$dir" || {
group_exists bind 57 || group_add bind 57
fix_perms
+ local runnamed=$(dirname $pid_file)
+ # with dropped privileges, we need this created for us
+ [ -d $runnamed ] || {
+ mkdir -m 0755 $runnamed
+ chown bind.bind $runnamed
+ }
+
rndc-confgen > $rndc_temp
sed -r -n \