Re: [CentOS] Bind data directory borked on update from 5.3 to 5.4

2010-01-22 Thread Veiko Kukk
Kai Schaetzl wrote: Brian Mathis wrote on Thu, 21 Jan 2010 09:38:12 -0500: I don't think you'd want a compromised named to be able to make changes to your authoritative DNS records, which is what could happen if you have permissions set that way. But why does named then report it right

Re: [CentOS] Bind data directory borked on update from 5.3 to 5.4

2010-01-21 Thread Kai Schaetzl
Kai Schaetzl wrote on Tue, 19 Jan 2010 23:31:33 +0100: No. I usually see some change in the permissions (/var/named/chroot/var/named/ loses group write and named logs some complaints but still works) when updating named. And sure enough that happened with latest bind update today again.

Re: [CentOS] Bind data directory borked on update from 5.3 to 5.4

2010-01-21 Thread Kai Schaetzl
Kai Schaetzl wrote on Thu, 21 Jan 2010 13:00:48 +0100: I wonder now if the owner of that directory should actually be named? Hm, after looking on other machines that have named installed but not in use it's exactly the same there. So, if named wants write permission there, but the rpm

Re: [CentOS] Bind data directory borked on update from 5.3 to 5.4

2010-01-21 Thread Bowie Bailey
Kai Schaetzl wrote: Kai Schaetzl wrote on Thu, 21 Jan 2010 13:00:48 +0100: I wonder now if the owner of that directory should actually be named? Hm, after looking on other machines that have named installed but not in use it's exactly the same there. So, if named wants write

Re: [CentOS] Bind data directory borked on update from 5.3 to 5.4

2010-01-21 Thread Brian Mathis
On Thu, Jan 21, 2010 at 8:20 AM, Kai Schaetzl mailli...@conactive.com wrote: Kai Schaetzl wrote on Thu, 21 Jan 2010 13:00:48 +0100: I wonder now if the owner of that directory should actually be named? Hm, after looking on other machines that have named installed but not in use it's

Re: [CentOS] Bind data directory borked on update from 5.3 to 5.4

2010-01-21 Thread Bowie Bailey
Brian Mathis wrote: On Thu, Jan 21, 2010 at 8:20 AM, Kai Schaetzl mailli...@conactive.com wrote: Kai Schaetzl wrote on Thu, 21 Jan 2010 13:00:48 +0100: I wonder now if the owner of that directory should actually be named? Hm, after looking on other machines that have named

Re: [CentOS] Bind data directory borked on update from 5.3 to 5.4

2010-01-21 Thread Kai Schaetzl
Brian Mathis wrote on Thu, 21 Jan 2010 09:38:12 -0500: I don't think you'd want a compromised named to be able to make changes to your authoritative DNS records, which is what could happen if you have permissions set that way. But why does named then report it right after the update? Jan 21

Re: [CentOS] Bind data directory borked on update from 5.3 to 5.4

2010-01-21 Thread Kai Schaetzl
Bowie Bailey wrote on Thu, 21 Jan 2010 09:34:02 -0500:
# ll /var/named/chroot/var/
total 24
drwxr-x--- 4 root named 4096 Aug 25 2004 named
drwxrwx--- 3 root named 4096 Mar 13 2003 run
that has no group write permission here.
drwxrwx--- 2 named named

Re: [CentOS] Bind data directory borked on update from 5.3 to 5.4

2010-01-21 Thread lhecking
It seems to be working, but I get this complaint (I see it as a complaint) each time named gets restarted - until I give it write permission for that directory. This is RedHat's policy for bind. The working directory does not need to be writable, and RH's bind maintainer Adam Tkac has

Re: [CentOS] Bind data directory borked on update from 5.3 to 5.4

2010-01-21 Thread Kai Schaetzl
lheck...@users.sourceforge.net wrote on Thu, 21 Jan 2010 16:48:10 +: This is RedHat's policy for bind. The working directory does not need to be writable, and RH's bind maintainer Adam Tkac has explained this on numerous occasions. Thanks for the hint. I cannot see that he explained

Re: [CentOS] Bind data directory borked on update from 5.3 to 5.4

2010-01-20 Thread Bowie Bailey
Les Mikesell wrote: On 1/19/2010 5:26 PM, Brian Mathis wrote: On Tue, Jan 19, 2010 at 3:51 PM, Bowie Bailey bowie_bai...@buc.com wrote: I updated my secondary DNS server from 5.3 to 5.4 today. After the update, named would not start. A bit of investigation found that all of the

[CentOS] Bind data directory borked on update from 5.3 to 5.4

2010-01-19 Thread Bowie Bailey
I updated my secondary DNS server from 5.3 to 5.4 today. After the update, named would not start. A bit of investigation found that all of the files in /var/named/chroot/var/named/data had been turned into links to themselves! Fortunately, since this is a secondary DNS, all I had to do was

Re: [CentOS] Bind data directory borked on update from 5.3 to 5.4

2010-01-19 Thread Kai Schaetzl
Bowie Bailey wrote on Tue, 19 Jan 2010 15:51:40 -0500: Has anyone else seen this problem? No. I usually see some change in the permissions (/var/named/chroot/var/named/ loses group write and named logs some complaints but still works) when updating named. I think I've seen this happen

Re: [CentOS] Bind data directory borked on update from 5.3 to 5.4

2010-01-19 Thread Brian Mathis
On Tue, Jan 19, 2010 at 3:51 PM, Bowie Bailey bowie_bai...@buc.com wrote: I updated my secondary DNS server from 5.3 to 5.4 today.  After the update, named would not start.  A bit of investigation found that all of the files in /var/named/chroot/var/named/data had been turned into links to

Re: [CentOS] Bind data directory borked on update from 5.3 to 5.4

2010-01-19 Thread Les Mikesell
On 1/19/2010 5:26 PM, Brian Mathis wrote: On Tue, Jan 19, 2010 at 3:51 PM, Bowie Bailey bowie_bai...@buc.com wrote: I updated my secondary DNS server from 5.3 to 5.4 today. After the update, named would not start. A bit of investigation found that all of the files in