[PATCH] Create a 'binddns dir' for files used by the bind_dlz module and named
abartlet at samba.org
Wed Aug 23 20:38:23 UTC 2017
On Wed, 2017-08-23 at 16:27 +0200, Andreas Schneider via samba-
> we have an issue that the files for bind are stored in the private directory.
> Distributions package the private directory normally with 0700 permissions. So
> 'named' of bind is not able to access the directory.
> We should have a seperate directory where bind is allowed to enter for
> security reasons!
> The attached patchset adds a 'binddns dir' parameter which normally ends up
> with /var/lib/samba/bind-dns as the directory. The changes are fully
> backwards-compatible and the installation can be upgraded using
> samba_upgradedns. Then the old files are removed!
> We need this for Samba 4.7!
I like it. Thanks for taking care not to break our upgrades.
I'll review more carefully and push when I get to work.
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba-technical