Bug#619694: bind9: wrong owner/permission for /etc/bind

Sat, 26 Mar 2011 00:30:21 -0700 

Package: bind9
Version: 1:9.7.2.dfsg.P3-1.1
Severity: normal

While named runs as user "bind" by default, the configuration file directory,
/etc/bind, is owned by root and not writable by anyone other than root.
This effectively prevents named from creating any files in the directory,
for example in the case where dynamic update is enabled.
I suggest making /etc/bind group-writable.

-- System Information:
Debian Release: 6.0.1
  APT prefers squeeze-updates
  APT policy: (500, 'squeeze-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash

Versions of packages bind9 depends on:
ii  adduser              3.112+nmu2          add and remove users and groups
ii  bind9utils           1:9.7.2.dfsg.P3-1.1 Utilities for BIND
ii  debconf [debconf-2.0 1.5.36.1            Debian configuration management sy
ii  libbind9-60          1:9.7.2.dfsg.P3-1.1 BIND9 Shared Library used by BIND
ii  libc6                2.11.2-10           Embedded GNU C Library: Shared lib
ii  libcap2              1:2.19-3            support for getting/setting POSIX.
ii  libdb4.8             4.8.30-2            Berkeley v4.8 Database Libraries [
ii  libdns69             1:9.7.2.dfsg.P3-1.1 DNS Shared Library used by BIND
ii  libgssapi-krb5-2     1.8.3+dfsg-4        MIT Kerberos runtime libraries - k
ii  libisc62             1:9.7.2.dfsg.P3-1.1 ISC Shared Library used by BIND
ii  libisccc60           1:9.7.2.dfsg.P3-1.1 Command Channel Library used by BI
ii  libisccfg62          1:9.7.2.dfsg.P3-1.1 Config File Handling Library used 
ii  libldap-2.4-2        2.4.23-7            OpenLDAP libraries
ii  liblwres60           1:9.7.2.dfsg.P3-1.1 Lightweight Resolver Library used 
ii  libssl0.9.8          0.9.8o-4squeeze1    SSL shared libraries
ii  libxml2              2.7.8.dfsg-2        GNOME XML library
ii  lsb-base             3.2-23.2squeeze1    Linux Standard Base 3.2 init scrip
ii  net-tools            1.60-23             The NET-3 networking toolkit
ii  netbase              4.45                Basic TCP/IP networking system

bind9 recommends no packages.

Versions of packages bind9 suggests:
ii  bind9-doc            1:9.7.2.dfsg.P3-1.1 Documentation for BIND
ii  dnsutils             1:9.7.2.dfsg.P3-1.1 Clients provided with BIND
pn  resolvconf           <none>              (no description available)
pn  ufw                  <none>              (no description available)

-- Configuration Files:
/etc/bind/named.conf.local changed [not included]
/etc/bind/named.conf.options changed [not included]
/etc/bind/zones.rfc1918 changed [not included]

-- debconf information:
  bind9/different-configuration-file:
  bind9/run-resolvconf: true
  bind9/start-as-user: bind



-- 
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

Reply via email to