Date: Fri, 01 Nov 2002 11:10:44 -0500 From: "Dan Langille" <dan@langille.org> To: freebsd-questions@freebsd.org Subject: TSIG with BIND requires chmod+chgrp /etc/namedb Message-ID: <3DC26134.27868.57480335@localhost>
next in thread | raw e-mail | index | archive | help
It appears that using TSIG with BIND for secondary domains requires a
chmod and chgrp of /etc/namedb.
I've been adding TSIG to varioius domains. But I've found that on my
slave servers, I've had to set the directory permissions as this:
$ ls -ld /etc/namedb/
drwxrwxr-x 4 root bind 512 Oct 15 09:26 /etc/namedb/
$ ls -ld /etc/namedb/secondary/
drwxr-x--- 2 bind bind 512 Oct 15 09:25 /etc/namedb/secondary/
The original permissions on /etc/namedb are:
drwxr-xr-x 2 root wheel 512 Mar 9 2002 /etc/namedb
named is running as: /usr/sbin/named -u bind -g bind
Some bits from /etc/namedb/named.conf:
options {
directory "/etc/namedb";
I don't really liked having to change the permission of /etc/namedb
especially as that will be necessary for people runnning secondary
DNS for me.
Any comments/suggestions?
--
Dan Langille
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3DC26134.27868.57480335>