Allow only temporary zone updates without making them permanent
Lefteris Tsintjelis
lefty at spes.gr
Wed Jun 26 20:24:42 UTC 2019
On 26/6/2019 22:56, Grant Taylor via bind-users wrote:
> On 6/26/19 1:17 PM, Lefteris Tsintjelis via bind-users wrote:
>> If I set it though, and named no longer has access to modify and
>> rewrite other files but its own, will it break things? What will
>> happen in case of a dynamic update like ACME in this case? Will the
>> update go through?
>
> I think that would be HIGHLY dependent on /how/ named updates files.
>
> Does it try to move (rename) existing files and create /new/ files? Or
> does it rewrite contents of /exiting/ files.
>
> I don't know these particulars. I've never had a problem allowing named
> to have write access to the directory and do what it wants with the
> files therein.
Just to satisfy my curiosity, I will have to do more experimenting but I
believe the best way to deal with this and to avoid possible trouble is
to create an independent zone, just as Tony previously described.
Thank you all
Lefteris
More information about the bind-users
mailing list