1 files changed, 13 insertions, 1 deletions

diff --git a/source/n/bind/default.named b/source/n/bind/default.named
index 50e18664b..5c59298df 100644
--- a/source/n/bind/default.named
+++ b/source/n/bind/default.named
@@ -1,7 +1,7 @@
 # User to run named as:
 NAMED_USER=named
 
-# Group to use for chowning named related files and directories.
+# Group to use for named related files and directories.
 # By default, named will also run as the primary group of $NAMED_USER,
 # which will usually be the same as what's listed below, but not
 # necessarily if something other than the default of "named" is used.
@@ -10,3 +10,15 @@ NAMED_GROUP=named
 # Options to run named with. At least -u $NAMED_USER is required, but
 # additional options may be added if needed.
 NAMED_OPTIONS="-u $NAMED_USER"
+
+# If this is set to YES, then before starting named the startup script
+# will make sure that /etc/rndc.key (if it exists) and the enitre contents
+# of /var/named are chowned to $NAMED_USER:$NAMED_GROUP. If some of these
+# files are improperly owned, named will refuse to start or may now work
+# properly. This is also a useful setting when upgrading from an older BIND
+# package that would run as root.
+#
+# If NAMED_CHOWN is set to anything else (or is unset), then these files
+# will not be chowned automatically and the admin will handle any required
+# file ownerships.
+NAMED_CHOWN=NO