mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-11-23 12:51:06 +01:00
0fcd844921
write to. This is specified in "options { directory }" in named.conf. So, create /etc/namedb/working with appropriate permissions, and update the entry in named.conf to match. In addition to specifying the working directory, file and path names in named.conf can be specified relative to the directory listed. However, since that directory is now different from /etc/namedb (where the configuration, zone, rndc.*, and other files are located) further update named.conf to specify all file names with fully qualified paths. Also update the comment about file and path names so users know this should be done for all file/path names in the file. This change will eliminate the 'working directory is not writable' messages at boot time without sacrificing security. It will also allow for features in newer versions of BIND (9.7+) to work as designed.
36 lines
611 B
Plaintext
36 lines
611 B
Plaintext
# $FreeBSD$
|
|
#
|
|
# Please see the file src/etc/mtree/README before making changes to this file.
|
|
#
|
|
|
|
/set type=dir uname=root gname=wheel mode=0755
|
|
.
|
|
dev mode=0555
|
|
..
|
|
etc
|
|
namedb
|
|
dynamic uname=bind
|
|
..
|
|
master
|
|
..
|
|
slave uname=bind
|
|
..
|
|
working uname=bind
|
|
..
|
|
..
|
|
..
|
|
/set type=dir uname=bind gname=wheel mode=0755
|
|
var uname=root
|
|
dump
|
|
..
|
|
log
|
|
..
|
|
run
|
|
named
|
|
..
|
|
..
|
|
stats
|
|
..
|
|
..
|
|
..
|