re: CVS commit: src/external/bsd/bind/dist/bin/named
On Apr 25, 1:31am, mrg%eterna.com.au@localhost (matthew green) wrote:
-- Subject: re: CVS commit: src/external/bsd/bind/dist/bin/named
| Perhaps you are confusing this directory with /var/chroot/named/etc/namedb?
| i'm saying that named should be configured to have this dir as
| the cwd and then the permissions check you removed will pass.
I take it that "this dir" means /var/chroot/named/etc/namedb, then perhaps
yes. I agree although not 100%, since my current tree looks like:
$ ls -al /var/chroot/named/etc/namedb
drwxr-xr-x 6 root wheel 512 Jul 19 2008 ./
drwxr-xr-x 4 root wheel 512 Jul 19 2008 ../
-rw-r--r-- 1 root wheel 259 Dec 3 2004 127
-r--r--r-- 1 root wheel 1525 May 30 2008 Makefile
drwxr-xr-x 2 root wheel 512 Feb 15 2006 RCS/
drwxr-xr-x 2 named named 512 Nov 4 2004 cache/
drwxr-xr-x 3 named named 512 Apr 23 2007 pri/
-r--r--r-- 1 root wheel 2517 Nov 1 2007 root.cache
drwxr-xr-x 2 named named 3584 Apr 24 11:40 sec/
[my primary zones are in pri and my secondary zones in sec]
And I don't really see the need to make the whole namedb directory owned
by named. Even the pri directory does not need to be writable by named.
| the bug here is that your named is running chrooted and unprived
| in /var/chroot/named with cwd, not the etc/namedb subdir.
Well, it needs to chroot there, but then it could chdir() to etc/namedb.
I will look if this is feasible when I get some cycles. For now commenting
out the test is the same behavior that we had in the previous versions