On Thu, Sep 23, 2004 at 05:03:59PM -0400, Robert Huff wrote: > I have my Bind info in /etc/namedb which is, and should be, > owned by user bind. > However, every time I do installworld (and maybe installkernel) > it complains the directory is not owned by root and changes the > owner. > <*Snarl*> > Is there a knob to tell the scripts to leave the @#$%^&* > directory alone?
Why do you think /etc/namedb should be owned by the bind user? It should be *readable* by the bind user, certainly. As should all of the named.conf and the various zone files inside it. But it really shouldn't be writable. I have things arranged like this: ./etc/namedb: total 16 drwxr-xr-x 5 root wheel 512 Mar 16 2004 ./ drwxr-xr-x 3 root wheel 512 Sep 25 2002 ../ drwxr-xr-x 2 bind bind 512 Sep 29 2002 dump/ -rw-r--r-- 1 root wheel 7753 Mar 16 2004 named.conf -rw-r--r-- 1 root wheel 2602 Jan 31 2004 named.root drwxr-xr-x 2 root wheel 512 Sep 23 19:32 p/ drwxr-xr-x 2 bind bind 512 Sep 25 2002 s/ where the dump directory is where named is configured to do it's database dump and to put its stats files. Directory 'p' (for 'primary') is where I keep the zone files for the zones this server is the master of, and 's' (for 'secondary') is where bind would AXFR or IXFR any zones it was a slave server for -- except there aren't any in my current config. Only 'dump' and 's' need to be writable by the bind user. Don't worry about the leading dot on the file name './etc/namedb' -- I'm actually running bind chrooted, so the directory is really /var/named/etc/namedb. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK
Description: PGP signature