named mystery -- error: dumping master file: master/tmp-wTjhUzoix6

Alex Goncharov alex-goncharov at comcast.net
Mon Sep 1 15:14:21 UTC 2008


,--- You/Stefan (Mon, 1 Sep 2008 16:20:29 +0200) ----*
|
| On 01.09.2008 at 15:58, Alex Goncharov wrote:
| 
| > | There's no reason that the named process needs write access
| > | to the master directory.  If you use dynamic zone updates,
| > | you should use the "dynamic" directory for those zones,
| > | which is writable by bind.
| >
| > I just tried a simplistic change:
| >
| > a. Changed "type master" to "type dynamic" in named.conf.
| >
| > b. cp master/* dynamic
| 
| There is no "dynamic" type.  You need to change the file path for the
| zone from 'file "master/foo.bar"' to 'file "dynamic/foo.bar"'.

Oh thank you -- why didn't I think of doing that?..

| Maybe reading the Bind Admin Guide or one of the books might be in  

There is no question about it: I think I've done adequate reading and
will likely take a look at the Guide again, to see if this situation
and your resolution are described there.  By my recollection, it is
not (BIND FAQ discusses permissions for `sl' -- the slave directory,
but this is not the same as "master".)  Do you think it is?

Now, how does the argument that master zones should not be dynamically
updatable, and `bind' must not have write permissions over the
directory keeping the master zone files -- how does this live with
your resolution to my problem?  I am quite happy to accept it (if down
the road nothing is going to "chown root dynamic") but I don't see
much sense in doing this trick -- my master zone files are as
vulnerable now as if they lived under `master' and the conceptual
structure of the system seems worse to me: after all, what now lives
under `dynamic' is a "master" zone (marked as such in `named.conf').

Thanks a lot for the help, anyway!

-- Alex -- alex-goncharov at comcast.net --
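
Added example, not part of the original message or of BIND itself: a small Python check for the situation discussed above, listing zones that accept dynamic updates while their zone file sits outside the directory named must be able to write. The zone names, key name and the function misplaced_dynamic_zones are constructed for illustration, and file paths are assumed to be relative to the named working directory, as in the thread.

```python
import re

# Constructed sample named.conf fragment (zone and key names are placeholders).
SAMPLE_CONF = '''
zone "example.org" {
    type master;
    file "master/example.org";
    allow-update { key "ddns-key"; };   // dynamic, but stored under master/
};

zone "example.net" {
    type master;
    file "dynamic/example.net";
    allow-update { key "ddns-key"; };
};

zone "example.com" {
    type master;
    file "master/example.com";          // static zone, named never rewrites it
};
'''

def zone_blocks(conf):
    """Yield (zone_name, body) for each zone statement, matching nested braces."""
    for m in re.finditer(r'\bzone\s+"([^"]+)"[^{;]*\{', conf):
        depth, i = 1, m.end()
        while i < len(conf) and depth:
            depth += {'{': 1, '}': -1}.get(conf[i], 0)
            i += 1
        yield m.group(1), conf[m.end():i - 1]

def misplaced_dynamic_zones(conf, writable_dir="dynamic"):
    """Return (zone, file) pairs for dynamic zones stored outside writable_dir."""
    # Strip //, # and /* */ comments before matching statements.
    conf = re.sub(r'//[^\n]*|#[^\n]*|/\*.*?\*/', '', conf, flags=re.S)
    findings = []
    for name, body in zone_blocks(conf):
        file_m = re.search(r'\bfile\s+"([^"]+)"', body)
        upd = re.search(r'\ballow-update\s*\{([^}]*)\}', body)
        # "allow-update { none; }" does not make the zone dynamic.
        dynamic = bool(re.search(r'\bupdate-policy\b', body)) or (
            upd is not None and upd.group(1).strip(' ;\n\t') != 'none')
        if file_m and dynamic and not file_m.group(1).startswith(writable_dir + '/'):
            findings.append((name, file_m.group(1)))
    return findings

if __name__ == "__main__":
    for zone, path in misplaced_dynamic_zones(SAMPLE_CONF):
        print(f'{zone}: dynamic zone stored in "{path}", move it under dynamic/')
```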

