Date: Mon, 4 Aug 2008 00:56:17 +0800
From: Eugene Grosbein
To: Ian Smith
Cc: net@freebsd.org
Subject: Re: permissions on /etc/namedb

> So hacking /etc/rc.d/named in chroot_autoupdate to do something like:
>
>   files_bind_writes='named.run'   # whatever
>   for f in ${files_bind_writes}; do
>       touch ${named_chrootdir}/etc/namedb/${f}
>       chown bind:wheel ${named_chrootdir}/etc/namedb/${f}
>   done
>
> wouldn't work for you?

I don't like the idea of writing a fixed list of file names; I'd like to use file system permissions to give bind the right to write to the directory, they (perms) exist exactly for that.

Eugene Grosbein