Hi, El 16/01/23 a las 18:29, Simone Piccardi escribió: > Package: isc-dhcp-server > Version: 4.4.3-P1-1.1 > Severity: normal > > Dear Maintainer, > > > After upgrading from version 4.4.3-P1-1 to 4.4.3-P1-1.1 the added > apparmor configurations block the include of files outside /etc/dhcp/, > like DDNS TSIG keys definition that are usually installed under > /etc/bind.
As commented in usr.sbin.dhcpd: # access to bind9 keys for dynamic update # It's expected that users will generate one key per zone and have it # stored in both /etc/bind9 (for bind to access) and /etc/dhcp/ddns-keys # (for dhcpd to access). /etc/dhcp/ddns-keys/** r, See also https://wiki.debian.org/DDNS > I can understand avoiding to read files everywhere, but the use of > TSIG keys defined by bind with is quite a common usage, that stop > working with misleading permission denied error for readable files. > > This break previously working configurations, whitout a note in > the changelog. > Indeed, unfortunately the NMU is missing a changelog update. Cheers, -- Santiago
signature.asc
Description: PGP signature