Got it! The permissions are corrected. Again, many thanks. Now that I have the latest version of PDNS, I would like to ask for guidance on recursion.
If I want to provide authoritative dns for several hundred public domains, am I correct that (as of version 4.1.0), I need to install PowerDNS Recursor (v 4.5.X) and dnsdist (v 1.6.X) in addition to PowerDNS Authoritative Server (v 4.4.X), to allow for recursion? I'm following the migration plan scenario 2 under https://doc.powerdns.com/authoritative/guides/recursion.html. Steve Garner +1 302 364 0325 (USA) stevenjgar...@gmail.com On Sat, May 8, 2021 at 9:20 AM Brian Candler <b.cand...@pobox.com> wrote: > On 08/05/2021 14:54, Steven Garner wrote: > > Thank you for your continued support and patience. That did it: > > Followed the installation steps, and then: > => Job for pdns.service failed because the control process exited with > error code. > => journalctl -xe: Unable to open > /etc/powerdns/pdns.d/pdns.local.gmysql.conf > => chmod 666 /etc/powerdns/pdns.d/pdns.local.gmysql.conf > > That was bad advice. With mode 666, all system users can see (and edit!) > your SQL passwords. > > For better security, make this mode 640 and owned by root:pdns, so ls -l > output looks like this: > > -rw-r----- 1 root pdns 17720 Mar 15 09:42 pdns.conf > > > What is the best practice for keeping PDNS up to date? (apt update && apt > -y upgrade ? > > Yes. > > > or does the fact that I have the /etc/apt/sources.list.d/pdns.list and > /etc/apt/preferences.d/pdns > files set to version 4.4.X keep it constrained to that version?) > > That is correct as well. The XXXX-auth-44 repos will only ever give you > 4.4.x packages, so you'll get patch releases on that branch. When the time > comes to move to 4.5.X, then you'll point to a different repo. >
_______________________________________________ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
