On 10/01/2020 11:07, Sharone wrote:
I have attempted to comment out the line /extend pdns-rec
/usr/local/bin/pdns_stats /in snmpd.conf file and still gotten the
same error, however changing permissions to the entire directory to
rwx worked but like you mentioned this indeed brings about a security
issue.
Oh well, if that works, you just do tighter permissions - e.g. changing
the directory *group* to "snmp" or "Debian-snmp" as appropriate, and
setting mode 775.
This is what out-of-box recursor has:
root@cache1:~# ls -ld /var/run/pdns-recursor
drwxr-xr-x 2 pdns pdns 60 Dec 12 12:49 /var/run/pdns-recursor
root@cache1:~# ls -l /var/run/pdns-recursor/
total 0
srwxr-xr-x 1 pdns pdns 0 Dec 12 12:49 pdns_recursor.controlsocket
Using pdns:snmp and mode 775 should be fine.
See also the perms for the socket itself:
https://docs.powerdns.com/recursor/settings.html#socket-owner-socket-group-socket-mode
HTH,
Brian.
_______________________________________________
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/pdns-users
