From: Vivek Khera <khera@kcilink.com> To: freebsd-questions@freebsd.org Subject: Re: TSIG with BIND requires chmod+chgrp /etc/namedb References: <3DC26134.27868.57480335@localhost>
| previous in thread | raw e-mail | index | archive | help
>>>>> "DL" == Dan Langille <dan@langille.org> writes: DL> It appears that using TSIG with BIND for secondary domains requires a DL> chmod and chgrp of /etc/namedb. [ ... ] DL> I don't really liked having to change the permission of /etc/namedb DL> especially as that will be necessary for people runnning secondary DL> DNS for me. This looks like a re-run of a posting you made a while back, but what I do is just tell named.conf that /etc/namedb/secondaries is my main directory, and that directory has write permissions for bind already. I then use "../master/foo.com" as the directory for any master zones I host. What this accomplishes is that the TSIG temp files are written in the secondaries subdirectory, and no other directories can be written to by bind, preserving the sandbox. -- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Vivek Khera, Ph.D. Khera Communications, Inc. Internet: khera@kciLink.com Rockville, MD +1-240-453-8497 AIM: vivekkhera Y!: vivek_khera http://www.khera.org/~vivek/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?>