-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Friday 26 April 2002 01:09 pm, Javier Gostling wrote:
> > > I'm not sure if I've misconfigured rndc somehow. I believe I have
> > > it set up as detailed in the documentation. rndc only listens on
> > > 127.0.0.1, however, it appears that non privileged local users can
> > > reload zones and halt named at will. Is this to be expected?
> It seems to me you have a permission problem. I have named installed
> from RedHat RPMs and as a regular user I cannot run rndc, because
> /etc/rndc.* are owned by root, group named, and permissions are 640.
> Fix this and you should be set.

Thanks for the reply. It appears that you are correct, although I don't
recall intentionally changing permissions on that file. /etc/rndc has 644
permissions owned by root, group root here.

[root@tuxfan root]# ls -al /etc/rndc.conf
- -rw-r--r-- 1 root root 1199 Apr 20 2001 /etc/rndc.conf
[root@tuxfan root]# rpm -qf /etc/rndc.conf
bind-9.1.0-10
[root@tuxfan root]# rpm -V bind
SM5..UGT c /etc/rndc.conf

According to rpm, the permissions on that file should be 600.

[root@tuxfan root]# rpm --setperms bind
[root@tuxfan root]# ls -al /etc/rndc.conf
- -rw------- 1 root root 1199 Apr 20 2001 /etc/rndc.conf
[root@tuxfan root]# chown root.named /etc/rndc.conf
[root@tuxfan root]# rpm -V bind
S.5..U.T c /etc/rndc.conf

Changing the permissions and ownership on /etc/rndc solved the problem.

[mfratoni@tuxfan mfratoni]$ /usr/sbin/rndc reload
rndc: /etc/rndc.conf: permission denied

- --
- -Michael

pgp key: http://www.tuxfan.homeip.net:8080/gpgkey.txt
Red Hat Linux 7.2 in 8M of RAM: http://www.rule-project.org/
- --
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAjzJjwMACgkQn/07WoAb/SsQ6ACfbALLVeYVIwBdX+t7nOWR9YkP
11QAnRzjp8AKor8LwSOA7p2QIGYHpzG+
=1FyG
-----END PGP SIGNATURE-----

_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
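
An added example, not part of the original thread: a small shell check for the condition found above, where /etc/rndc.conf was mode 644 and any local user could therefore read the rndc key and control named. It assumes GNU stat (stat -c); the function names check_rndc_file and audit_rndc are hypothetical.

```shell
#!/bin/sh
# Added example: flag rndc config/key files that local users can read or
# that the group can modify. Assumes GNU stat (stat -c), as on Red Hat.

# check_rndc_file PATH
#   returns 0 if the mode grants nothing to "other" and no group write,
#           1 if the file is exposed,
#           2 if the file does not exist.
check_rndc_file() {
    f=$1
    [ -e "$f" ] || { echo "MISSING $f"; return 2; }

    mode=$(stat -c '%a' "$f")        # octal mode, e.g. 644
    owner=$(stat -c '%U:%G' "$f")    # e.g. root:named

    other=$(( 0$mode & 07 ))         # any r/w/x bit for "other"
    gwrite=$(( 0$mode & 020 ))       # group write bit

    if [ "$other" -ne 0 ]; then
        echo "FAIL $f mode=$mode owner=$owner: accessible to every local user"
        return 1
    fi
    if [ "$gwrite" -ne 0 ]; then
        echo "FAIL $f mode=$mode owner=$owner: group can rewrite the key"
        return 1
    fi
    echo "OK   $f mode=$mode owner=$owner"
    return 0
}

# audit_rndc PATH...
#   checks every path given; missing files are reported but not counted
#   as failures. Returns 1 if any existing file is exposed.
audit_rndc() {
    rc=0
    for f in "$@"; do
        check_rndc_file "$f" || [ $? -eq 2 ] || rc=1
    done
    return $rc
}

# Run only when paths are passed, e.g.: sh audit.sh /etc/rndc.conf
if [ $# -gt 0 ]; then
    audit_rndc "$@"
fi
```

Modes 600 and 640 pass and 644 fails; ownership is printed so it can be compared with what rpm -V reports for the package.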