Andreas Maus wrote:
Hi.
While configuring named on my sweet new Soekris 5501 I discovered
a little *uhm* misconfiguration (I would not call it a bug).
By default the permissions of /var/named/master are set to 0755
and owned by root:wheel. named runs in the chroot /var/named
with the user named, group named.
For most operations this permission/ownership is sufficient.
But if you try to use dynamic updates named will fail to create
the required "journals":
15-Jun-2008 16:31:29.885 zone internal.wlan.badphish.dyndns.org/IN: sending notifies (serial 200806131)
15-Jun-2008 16:40:22.278 client 192.168.254.202#1025: updating zone '11g.wlan.badphish.dyndns.org/IN': adding an RR at 'nibbler.11g.wlan.badphish.dyndns.org' A
15-Jun-2008 16:40:22.279 client 192.168.254.202#1025: updating zone '11g.wlan.badphish.dyndns.org/IN': adding an RR at 'nibbler.11g.wlan.badphish.dyndns.org' TXT
15-Jun-2008 16:40:22.280 journal file master/11g.wlan.badphish.dyndns.org.jnl does not exist, creating it
15-Jun-2008 16:40:22.280 master/11g.wlan.badphish.dyndns.org.jnl: create: permission denied
15-Jun-2008 16:40:22.280 client 192.168.254.202#1025: updating zone '11g.wlan.badphish.dyndns.org/IN': error: journal open failed: unexpected error
and dynamic updates will not work.
Simple fix:
chown named /var/named/master
Is this a known issue? At least the permissions of /var/named/master
have been root:wheel since 4.1 (I am using 4.3 right now).
Perhaps this can be fixed in 4.4, or is there a special reason to set
/var/named/master to root:wheel?
Many thanks in advance,
Andreas.
Probably the file you gave named in the zone section of named.conf needs
to exist in the first place. Give named sufficient permission to
read and, for dynamic update, to write in it - no bug here and no need
to change directory ownership.
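
An added example, not part of either message: it pulls the denied journal path out of the log lines quoted in the thread and applies the classic Unix owner/group/other check to the directory that would hold it, once for root:wheel 0755 and once after "chown named". The numeric uid/gid values are constructed placeholders, and ACLs or other access controls are not modelled.

```python
import posixpath
import re
import stat

# Log lines taken from the thread above, with the wrapped lines rejoined.
SAMPLE_LOG = """\
15-Jun-2008 16:40:22.280 journal file master/11g.wlan.badphish.dyndns.org.jnl does not exist, creating it
15-Jun-2008 16:40:22.280 master/11g.wlan.badphish.dyndns.org.jnl: create: permission denied
15-Jun-2008 16:40:22.280 client 192.168.254.202#1025: updating zone '11g.wlan.badphish.dyndns.org/IN': error: journal open failed: unexpected error
"""

# Constructed IDs for illustration only: root:wheel = 0:0, named:named = 70:70.
ROOT_UID, WHEEL_GID, NAMED_UID, NAMED_GID = 0, 0, 70, 70

JNL_DENIED = re.compile(r"^\S+ \S+ (?P<path>\S+\.jnl): create: permission denied$")


def denied_journals(log_text):
    """Return journal paths (relative to the chroot) that named could not create."""
    return [m.group("path") for line in log_text.splitlines()
            if (m := JNL_DENIED.match(line.strip()))]


def can_create_in(mode, owner_uid, owner_gid, uid, gids):
    """Creating a file needs write and search permission on the directory.
    Only the first matching class (owner, then group, then other) is consulted."""
    if uid == 0:
        return True
    if uid == owner_uid:
        need = stat.S_IWUSR | stat.S_IXUSR
    elif owner_gid in gids:
        need = stat.S_IWGRP | stat.S_IXGRP
    else:
        need = stat.S_IWOTH | stat.S_IXOTH
    return mode & need == need


def diagnose(log_text, mode, owner_uid, owner_gid, uid, gids):
    """Pair each denied journal with its directory and the permission verdict."""
    ok = can_create_in(mode, owner_uid, owner_gid, uid, gids)
    return [(p, posixpath.dirname(p), ok) for p in denied_journals(log_text)]


if __name__ == "__main__":
    for owner in (ROOT_UID, NAMED_UID):  # before and after "chown named"
        print(owner, diagnose(SAMPLE_LOG, 0o755, owner, WHEEL_GID, NAMED_UID, {NAMED_GID}))
```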