[OpenIndiana-discuss] OI BIND server
James Carlson
carlsonj at workingcode.com
Thu Apr 12 16:05:09 UTC 2012
Mark Creamer wrote:
> Thanks Dave and Gary for the input. Once I understood where the system
> messages were going I was able to figure out that I had an issue with
> the permissions on the named.conf file I was using. I changed two
> things:
>
> 1. chown root:sys /etc/named.conf (It was root:root)
> 2. chmod 755 /etc/named.conf
>
> Now it starts properly. Can anyone confirm for me that the permissions
> are correct though? I just want to make sure it's secure and I think
> 755 might not be restrictive enough??
There's probably not much sense in making a configuration file be
executable, right?
I'd make it root:root and mode 0640. /usr/sbin/named normally runs as
UID root, GID root, but if it's different on your system, you might need
to adjust. You could check by doing something like this:
ps -o uid,gid,comm -p `pgrep -d, named`
--
James Carlson 42.703N 71.076W <carlsonj at workingcode.com>
More information about the OpenIndiana-discuss
mailing list