13.8 Running DNS Server as a Non-Root User

The named user is created during installation of BIND. When you load novell-named with rcnovell-named start or /etc/init.d/novell-named start, DNS server reuses the named user to run the DNS service daemon.

If you want to run the DNS service daemon with any other non-root user:

  1. In YaST, create a user using the Security and Users > User Management option in YaST.

  2. Set Runtime credentials for the user created in Step 1, Section 11.3, Setting Runtime Credentials

  3. To load novell-named with -t (chroot) option, make sure that the following directories are created under the chroot directory with permissions to user specified with -u option:

    • The configuration file directory /etc/opt/novell/named

    • The log file directory /var/opt/novell/log/named

    • The pid directory /var/opt/novell/run/named

    • /etc/rndc.key

    NOTE:In cluster setup, Runtime Credentials must be set on all the nodes in the DNS cluster.

  4. Edit /etc/init.d/novell-named and modify the checkAndCopyConfigFiles function and make relevant changes for user name and group.

  5. Start the DNS server using rcnovell-named start or /etc/init.d/novel-named start command.