[PATCH] Create a 'binddns dir' for files used by the bind_dlz module and named

Andrew Bartlett abartlet at samba.org
Wed Aug 23 20:38:23 UTC 2017

On Wed, 2017-08-23 at 16:27 +0200, Andreas Schneider via samba-
technical wrote:
> Hi,
> we have an issue that the files for bind are stored in the private directory. 
> Distributions package the private directory normally with 0700 permissions. So 
> 'named' of bind is not able to access the directory.
> We should have a seperate directory where bind is allowed to enter for 
> security reasons!
> The attached patchset adds a 'binddns dir' parameter which normally ends up 
> with /var/lib/samba/bind-dns as the directory. The changes are fully 
> backwards-compatible and the installation can be upgraded using 
> samba_upgradedns. Then the old files are removed!
> We need this for Samba 4.7!

I like it.  Thanks for taking care not to break our upgrades.

I'll review more carefully and push when I get to work.


Andrew Bartlett
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba

More information about the samba-technical mailing list