Package: bind9 Version: 1:9.5.0.dfsg.P2-4 Followup-For: Bug #169577
This bug still exists in lenny as of today (bind9/1:9.5.0.dfsg.P2-4) despite it being reported as fixed in bind9/1:9.5.0.dfsg.P2-1. It's easy to demonstrate: marx:~# apt-show-versions bind9 bind9/lenny uptodate 1:9.5.0.dfsg.P2-4 First, with correct permissions we reconfigure bind9 marx:~# ls -l /etc/bind/rndc.key -rw-r----- 1 root bind 77 Jan 8 20:29 /etc/bind/rndc.key marx:~# dpkg-reconfigure bind9 Stopping domain name service...: bind9. Starting domain name service...: bind9. but now we have the wrong permissions: marx:~# ls -l /etc/bind/rndc.key -rw-r----- 1 bind bind 77 Jan 8 20:29 /etc/bind/rndc.key so a restart will fail: marx:~# /etc/init.d/bind9 restart Stopping domain name service...: bind9rndc: connect failed: 127.0.0.1#953: connection refused failed! Starting domain name service...: bind9. so we kill named, fix the permissions and we're OK again: marx:~# pkill bind9 marx:~# chown root.bind /etc/bind/rndc.key marx:~# /etc/init.d/bind9 start Starting domain name service...: bind9. marx:~# /etc/init.d/bind9 restart Stopping domain name service...: bind9. Starting domain name service...: bind9. Clearly the maintainer scripts in bind9/1:9.5.0.dfsg.P2-4 are *still* setting the ownership permissions for /etc/bind/rndc.key incorrectly. What is not clear to me is why ownership of bind.bind does not work. -- System Information: Debian Release: 5.0 APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.26-1-686 (SMP w/1 CPU core) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/bash Versions of packages bind9 depends on: ii adduser 3.110 add and remove users and groups ii bind9utils 1:9.5.0.dfsg.P2-4 Utilities for BIND ii debconf [debconf-2.0] 1.5.24 Debian configuration management sy ii libbind9-40 1:9.5.0.dfsg.P2-4 BIND9 Shared Library used by BIND ii libc6 2.7-16 GNU C Library: Shared libraries ii libcap2 2.11-2 support for getting/setting POSIX. ii libdb4.6 4.6.21-11 Berkeley v4.6 Database Libraries [ ii libdns43 1:9.5.0.dfsg.P2-4 DNS Shared Library used by BIND ii libisc44 1:9.5.0.dfsg.P2-4 ISC Shared Library used by BIND ii libisccc40 1:9.5.0.dfsg.P2-4 Command Channel Library used by BI ii libisccfg40 1:9.5.0.dfsg.P2-4 Config File Handling Library used ii libkrb53 1.6.dfsg.4~beta1-4 MIT Kerberos runtime libraries ii libldap-2.4-2 2.4.11-1 OpenLDAP libraries ii liblwres40 1:9.5.0.dfsg.P2-4 Lightweight Resolver Library used ii libssl0.9.8 0.9.8g-14 SSL shared libraries ii libxml2 2.6.32.dfsg-5 GNOME XML library ii lsb-base 3.2-20 Linux Standard Base 3.2 init scrip ii netbase 4.34 Basic TCP/IP networking system bind9 recommends no packages. Versions of packages bind9 suggests: ii bind9-doc 1:9.5.0.dfsg.P2-4 Documentation for BIND ii dnsutils 1:9.5.0.dfsg.P2-4 Clients provided with BIND ii resolvconf 1.42 name server information handler pn ufw <none> (no description available) -- debconf information excluded -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
