[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cobalt-users] regarding named running as root after pkg update...
- Subject: RE: [cobalt-users] regarding named running as root after pkg update...
- From: elmer@xxxxxxxxxxxxxx
- Date: Sat Mar 24 00:43:22 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
On Sat, 24 Mar 2001, rpaiz@xxxxxxxxxxxxxx wrote:
} Come to think of it, what password should be used for user named, and
} how do we tell the daemon what said password is?
I don't run DNS on Cobalts, but the proceedure isn't any different.
We simply setup a user and group for named. The user name and the
group name can be anything, just don't use any existing user or
group names.
Then just make sure the User/Group has permission to
read/write to the directory in which the zone files are being
stored. We normally just set this directory chmod 0751 - using 0751
instead of 0755 makes it so named can do it's thing but no user with
shell access can view the contents of the directory unless they've
been granted permission to do so.
Once the user name and group is changed on the zone file
directory and the zone files themsleves, we just restart named using
the appropriat flag
/usr/sbin/named/ -g UserName -u UserGroup
The only issue I can forsee on a Cobalt is the ownership of
newly created/edited zone files. Being they are maintained by the
GUI the user/group under which the GUI writes them enters into the
equation. But one could easily write a little shell script to change
their permissions (check first perhaps) every minute or so in order
to keep things under control.
brent