For a very long time I have noticed that when starting named there is a log message or in systemctl status a line complaining about being unable to write to the working directory as in the 2nd line with date/time from the command below:

[root@lapmike3 ~]# systemctl status named
named.service - Internet domain name server
          Loaded: loaded (/usr/lib/systemd/system/named.service; enabled)
          Active: active (running) since Sat 2013-02-09 09:45:40 GMT; 1h 2min ago
        Main PID: 336 (named)
          CGroup: name=systemd:/system/named.service
                  └─336 /usr/sbin/named -f -u named

Feb 09 09:45:42 lapmike3 named[336]: command channel listening on ::1#953
Feb 09 09:45:42 lapmike3 named[336]: the working directory is not writable
Feb 09 09:45:42 lapmike3 named[336]: managed-keys-zone: loaded serial 0
Feb 09 09:45:42 lapmike3 named[336]: zone 0.0.127.in-addr.arpa/IN: loaded serial 42
Feb 09 09:45:42 lapmike3 named[336]: zone localhost/IN: loaded serial 42
Feb 09 09:45:42 lapmike3 named[336]: all zones loaded
Feb 09 09:45:42 lapmike3 named[336]: running
Feb 09 10:45:42 lapmike3 named[336]: listening on IPv4 interface wlan0, 10.0.0.69#53
Feb 09 10:45:42 lapmike3 named[336]: could not listen on UDP socket: permission denied
Feb 09 10:45:42 lapmike3 named[336]: creating IPv4 interface wlan0 failed; interface ignored

Looking at the permissions of /var/named in Arch here on my laptop I see:

drwxr-x--- 2 root named 4096 Dec 4 21:23 named

So doing:

[root@lapmike3 ~]# chmod 770 /var/named

Now:

drwxrwx--- 2 root named 4096 Dec 4 21:23 named

And:

[root@lapmike3 ~]# systemctl restart named
[root@lapmike3 ~]# systemctl status named
named.service - Internet domain name server
          Loaded: loaded (/usr/lib/systemd/system/named.service; enabled)
          Active: active (running) since Sat 2013-02-09 10:50:48 GMT; 3s ago
         Process: 3619 ExecStop=/usr/sbin/rndc stop (code=exited, status=0/SUCCESS)
        Main PID: 3623 (named)
          CGroup: name=systemd:/system/named.service
                  └─3623 /usr/sbin/named -f -u named

Feb 09 10:50:48 lapmike3 named[3623]: automatic empty zone: A.E.F.IP6.ARPA
Feb 09 10:50:48 lapmike3 named[3623]: automatic empty zone: B.E.F.IP6.ARPA
Feb 09 10:50:48 lapmike3 named[3623]: automatic empty zone: 8.B.D.0.1.0.0.2.IP6.ARPA
Feb 09 10:50:48 lapmike3 named[3623]: command channel listening on 127.0.0.1#953
Feb 09 10:50:48 lapmike3 named[3623]: command channel listening on ::1#953
Feb 09 10:50:48 lapmike3 named[3623]: managed-keys-zone: loaded serial 0
Feb 09 10:50:48 lapmike3 named[3623]: zone 0.0.127.in-addr.arpa/IN: loaded serial 42
Feb 09 10:50:48 lapmike3 named[3623]: zone localhost/IN: loaded serial 42
Feb 09 10:50:48 lapmike3 named[3623]: all zones loaded
Feb 09 10:50:48 lapmike3 named[3623]: running

Looks much better now!

But the question is whether or not this is a good thing to do? Does anyone know if there are any bad consequences to resolving this problem by changing the permissions of /var/named as I have done above?

If this is a good solution shouldn't that permission be set that way when the bind package (bind 9.9.2.P1-1) is initially installed, so that it does not then need changing after the install?

-- mike c
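
An added example, not part of the original post: a small audit of what a mode change such as 750 to 770 on /var/named grants. On Linux, write permission on a directory lets group members delete or rename entries inside it regardless of each file's own mode, unless the sticky bit is set. The function name audit_workdir is hypothetical, and GNU stat and find are assumed.

```shell
#!/bin/sh
# Added example (constructed; not from the original post).
# audit_workdir DIR prints one summary line:
#   mode=<octal> group_write=<yes|no> sticky=<yes|no> exposed=<n>
# "exposed" counts entries in DIR that a group member who does not own them
# can still delete or rename: directory write permission grants that unless
# the sticky bit is set. Assumes GNU stat and GNU find (Linux).
audit_workdir() {
    dir=$1
    mode=$(stat -c '%a' "$dir") || return 2
    perm=$(printf '%04d' "$mode")     # pad to 4 digits: special, user, group, other
    special=${perm%???}               # leading digit (setuid/setgid/sticky)
    ugo=${perm#?}                     # last three digits
    group=${ugo#?}; group=${group%?}  # middle digit of the last three

    group_write=no; sticky=no; exposed=0
    if [ $(( group & 2 )) -ne 0 ]; then group_write=yes; fi
    if [ $(( special & 1 )) -ne 0 ]; then sticky=yes; fi
    if [ "$group_write" = yes ] && [ "$sticky" = no ]; then
        # One dot per directory entry, so odd file names cannot skew the count.
        exposed=$(( $(find "$dir" -mindepth 1 -maxdepth 1 -printf '.' | wc -c) ))
    fi
    echo "mode=$mode group_write=$group_write sticky=$sticky exposed=$exposed"
}

# Usage: sh audit_workdir.sh /var/named
if [ $# -gt 0 ]; then audit_workdir "$1"; fi
```

Run it against the working directory before and after a permission change; a non-zero exposed count means the zone files there can be removed or swapped by any process running in the directory's group.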