Wind River Support Network


LIN6-3862 : named running as root

Created: May 7, 2013    Updated: Mar 10, 2016
Resolved Date: Nov 8, 2013
Previous ID: LIN5-4592, LIN6-3077
Found In Version: 6.0
Fix Version: 6.0
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Networking


The bind daemon (named) should run as a non-root user for security reasons.
Prior to WRL5 this was the case, but no longer.

It should also be run in a chroot jail.


The start-up script can be modified or named started manually with the desired options.
The user and jail also need to be created manually.

Steps to Reproduce

$ configure --enable-board=qemux86 --enable-rootfs=glibc_std --enable-kernel=standard
$ make fs
$ make start-target

On the target:

# ps -ef | grep bind
root       492     1  0 15:22 ?        00:00:00 /usr/sbin/rpcbind

In previous versions of WRL it would run as user "named" and in a jail as this example from WRL3 shows:

named    30790  0.0  0.0 167808 19868 ?        Ssl  15:04   0:00
/usr/sbin/named -u named -t /var/named/chroot

Other Downloads

Live chat