Possible BIND setup bugs
Daniel McNamara
daniel at codefish.net.au
Fri Oct 17 00:44:12 UTC 2003
Hi there,
Just two items with the bind install on a fresh fedora test 3 install
(minimal with bind installed later).
a) unlike previous fresh installs of bind with earlier fedora tests the
/etc/rndc.key file does not seem to contain a pregenerated secret key with
the suppled file containing:
key "rndckey" {
algorithm hmac-md5;
secret "@KEY@";
};
It would seem as part of the generation process the key is not being made.
I'm not sure if this is a delibrate move to foce users to make their own
key or an actual issue. It does however prevent named from working
"out-of-the-box".
b) Once a key is generated named then works fine, however the default
permissions on the /var/named directory do prevent the commands:
rndc dumpdb
rndc stats
>From outputing their results (as they dump files into /var/named)
The default permissions set on /var/named are:
drwxr-x--- 2 root named 4096 Oct 16 22:27 named
Since when using the rndc commans above the output is run as the named
users (regardless of which local user ran the command) it can not write to
the directory. However I have a funny feeling that these permissions are
set for security reasons. Can anyone clear these two issues up for me?
Cheers
Daniel
--------------------------------------------------
Sent from Code Fish Web Mail
Code Fish - Fishing for clues
http://www.codefish.net.au
--------------------------------------------------
More information about the fedora-test-list
mailing list