[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: BIND less restrictive modes and policy

From: Adam Tkac <atkac redhat com>
To: fedora-devel-list redhat com
Subject: Re: BIND less restrictive modes and policy
Date: Tue, 22 Jan 2008 17:08:17 +0100

On Tue, Jan 22, 2008 at 09:19:02AM -0500, Chuck Anderson wrote:
> I think we just need to have the directory specified by "directory" in 
> /etc/named.conf be writeable.  That is the CWD of the named process, 
> and is where any coredumps would be written.  So perhaps instead of 
> doing this overhaul of directory layout and permissions, we can just 
> change the default directory to "/var/named/data" instead:
> 
> options {
>         directory "/var/named/data";
> 
> This will affect zone file configurations--they will need to use 
> either the full path to the zone file, or perhaps a relative path like 
> "../slaves/foo.zone" which I've not tested to see if it works, e.g.:
> 
> zone "localhost" {
>                 type master;
>                 file "../localhost";
> };
> 

It works as expected, relative paths are allowed.

Adam

-- 
Adam Tkac, Red Hat, Inc.

References:
- BIND less restrictive modes and policy
  - From: Adam Tkac
- Re: BIND less restrictive modes and policy
  - From: Florian La Roche
- Re: BIND less restrictive modes and policy
  - From: Adam Tkac
- Re: BIND less restrictive modes and policy
  - From: Chuck Anderson

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]