Package: bind9 Severity: normal seamus:/etc/bind/zones> getfacl belligerence.net # file: belligerence.net # owner: madduck # group: dnsmasters user::rw- group::r-- group:bind:r-- mask::r-- other::---
The system user `bind' *can* read this file: seamus:/etc/bind# su bind -s/bin/zsh -c 'wc -l zones/belligerence.net' 15 zones/belligerence.net yet, when I fire up bind, I get SERVFAIL querying this zone. Only if I set give access to others, chown to bind, or chgrp to bind, then bind will serve the zone. Why is bind trying to duplicate the system's filesystem access control layer? Please don't. -- Please do not send copies of list mail to me; I read the list! .''`. martin f. krafft <[EMAIL PROTECTED]> : :' : proud Debian developer and author: http://debiansystem.info `. `'` `- Debian - when you have better things to do than fixing a system
signature.asc
Description: Digital signature (GPG/PGP)