[Samba] Possible small bug discovered in Samba4 dc sernet + bind9 (Debian)
Oscar Aparicio Holgado
pelucheloko at hotmail.com
Wed Mar 5 15:36:31 MST 2014
Another tip:
better do (more secure):
chown root:bind /var/lib/samba/private/chmod 750 var/lib/samba/private/
> From: pelucheloko at hotmail.com
> To: samba at lists.samba.org
> Date: Wed, 5 Mar 2014 23:31:01 +0100
> Subject: [Samba] Possible small bug discovered in Samba4 dc sernet + bind9 (Debian)
>
> Hi all.
> I have installed sernet-samba-ad success with bind9 from Debian repositories.
> I added:
> tkey-gssapi-keytab "/var/lib/samba/private/dns.keytab"; in /etc/bind/named.conf.options
> and then i added:
> include "/var/lib/samba/private/named.conf"; in /etc/bind/named.conf.local
> After doing this two steps and modified /etc/resolv.conf when you restart bind9 it says error "unable to read /etc/bind/named.conf.local, access denied" Some of the files have root:bind permissions, but /var/lib/samba/private folder have this permissions:
> drwxr-x--- 7 root root 4096 mar 5 23:20 private
> And with this config bind is unable to read some files in that folder, possibly in dns folder.
> if i change the permissions as this:
> drwxr-xr-x 7 root root 4096 mar 5 23:20 private
> Then now you can restart safely bind9 and no more errors of denied files. Would you please confirm this small bug?
>
> Thanks all.
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list