[BIND] RE: KSK Rollover

Carl Byington carl at byington.org
Thu Sep 6 21:34:18 UTC 2018


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On Thu, 2018-09-06 at 20:58 +0000, Brent Swingle wrote:
> I left all of the permissions the same and I think they should be
> lenient enough:
> [root at ns3 named]# ls -lh named.secroots
> -rw-rw-rw-. 1 named named 0 Sep  6 13:52 named.secroots

Does the 'named' user have write access to /var/named? The default
redhat setup has /var/named as 0750, with /var/named/data as 0770. Also,
the default redhat selinux config prevents named writing to /var/named.

chmod 770 /var/named
setsebool -P named_write_master_zones=true
rndc secroots


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)

iEYEAREKAAYFAluRnR8ACgkQL6j7milTFsF2FgCfSt7RIVrO8lK8izQlNn9TadPp
F58Anj81TEmtg34Cpjhh3DqMWEQFUCxA
=NwIr
-----END PGP SIGNATURE-----
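
The directory-permission half of the check suggested above, as an added example that is not part of the original message: it evaluates classic mode bits the way the kernel does (first matching class decides) and then prints the SELinux boolean named in the message if `getsebool` is installed. The function names and the `root:named` ownership in the sample calls are assumptions; GNU `stat` is assumed.

```shell
#!/bin/sh
# Added example, not from the original message. POSIX sh; GNU stat assumed.

# can_write_dir MODE OWNER GROUP USER "USER_GROUPS"
# Prints the permission class (owner|group|other) that lets USER create files
# in the directory, or "none". Only the classic mode bits are evaluated; the
# first class that matches the user decides, with no fall-through to "other".
can_write_dir() (
    bits=$(( 0$1 & 0777 ))            # drop setuid/setgid/sticky digit
    if [ "$4" = "$2" ]; then
        class=owner; pos=6
    else
        case " $5 " in
            *" $3 "*) class=group; pos=3 ;;
            *)        class=other; pos=0 ;;
        esac
    fi
    # Creating a file needs write (2) and search (1) on the directory.
    if [ $(( (bits >> pos) & 3 )) -eq 3 ]; then echo "$class"; else echo none; fi
)

# report DIR USER: run the check against a real directory, then show the
# SELinux boolean from the message where the SELinux tools exist.
report() (
    st=$(stat -c '%a %U %G' "$1") || exit 2
    set -- "$1" "$2" $st              # $3=mode $4=owner $5=group
    via=$(can_write_dir "$3" "$4" "$5" "$2" "$(id -Gn "$2")")
    echo "$1: mode=$3 owner=$4 group=$5; $2 can create files via: $via"
    if command -v getsebool >/dev/null 2>&1; then
        getsebool named_write_master_zones || true
    fi
    [ "$via" != none ]
)

# Constructed sample values (ownership root:named is an assumption):
#   can_write_dir 750 root named named "named"
#   can_write_dir 770 root named named "named"
# On a real host: sh thisfile.sh /var/named named
if [ $# -eq 2 ]; then report "$@"; fi
```
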



