Way Wrong! /etc gets set o-rx on named startup!

Christopher Denney chris at isis.bbmbc.org
Mon Feb 5 18:38:13 UTC 2001 

Thanks, 
    named was keying off the controls statement in the named.conf which I
forgot to change, and thus was still pointed at /etc/ndc. After I changed
it, the correct directory (/usr/local/etc/ndc.d) had it's permissions
changed, and /etc did not. whew!

-- 
    -- Cd --                    Christopher Denney
-- 
I have made this letter longer than usual because I lack the time to make it
shorter. -Blaise Pascal

> From: Mark.Andrews at nominum.com
> Date: Sun, 04 Feb 2001 12:04:50 +1100
> To: Christopher Denney <chris at isis.bbmbc.org>
> Cc: bind-users at isc.org
> Subject: Re: Way Wrong! /etc gets set o-rx on named startup!
> 
> 
> BIND 8.2.3 secures the directory containing the UNIX domain
> socket on Solaris (and SunOS 4) because the OS fails to
> honour the file permissions on the socket itself.  This
> was in the README in the for 8.2.2*.
> 
> The default socket is now DESTRUN/ndc.d/ndc on these platforms.
> 
> Mark
>> 
>> This is a real problem for me I just installed 8.2.3 on a Solaris 2.5.1
>> server, and every time I start named it does the functional equivalent of a
>> "chmod o-rx /etc" command. This, of course, hoses my system. Can anyone
>> perhaps enlighten me as to what setting needs modification to rectify this
>> situation? I can't really afford to experiment for what works 'cause my
>> users get bumped every time /etc's permissions get changed.
>> 
>> I did, at one time, have the named.conf in the /etc directory with a soft
>> link from the dir that named actually wanted. (/usr/local/etc) And also had
>> the ndc widget in /etc. Moved both of them to the actual directory that
>> named expects. (default; w/o site files.)
>> 
>> -- 
>> -- Cd --                    Christopher Denney
>> -- 
>> The most exciting phrase to hear in science, the one that heralds new
>> discoveries, is not "Eureka!" (I found it!) but "That's funny ..." -Isaac
>> Asimov
>> 
>> 
> --
> Mark Andrews, Nominum Inc.
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at nominum.com
>

More information about the bind-users mailing list