This procedure describes how to assign the relevant authorizations to a user to manage the named daemon.
For more information about obtaining the appropriate rights to perform specific tasks, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.3.
# useradd -c "Trusted DNS administrator user" -s /usr/bin/pfbash \ -A solaris.smf.manage.bind user
# svccfg -s dns/server:default svc:/network/dns/server:default> setprop start/user = user svc:/network/dns/server:default> setprop start/group = user svc:/network/dns/server:default> exit
Because only root has write access to create the default process ID file, /var/run/named/named.pid, you must configure the named daemon to use an alternative file.
# mkdir /var/named/tmp # chown user /var/named/tmp
# head /etc/named.conf options { directory "/var/named"; pid-file "/var/named/tmp/named.pid"; };
# svcadm refresh svc:/network/dns/server:default # svcadm restart svc:/network/dns/server:default