named rc.d
Gregory Shapiro
gshapiro at freebsd.org
Wed Aug 2 06:35:47 UTC 2006
> Apologies if posted to wrong list, the rc.d script for named chowns
> /etc/namedb to root:wheel if set to bind:bind why is this? A slave
> named server running as bind user cannot download new slave zones if
> dir ownership is root or update it if file ownerships are root which I
> sometimes see.
Slave zones should be put in the slave subdirectory which is owned by
bind. You want as few directories/files owned by the bind "run as" user
as possible to prevent damage if that user becomes compromised.
More information about the freebsd-stable
mailing list