Fix config permissions #90
Conversation
|
Is there a specific error message happening to tell you this? We may want to cover this via testing if possible. |
|
So reloading configuration via #89 outlines the error experienced |
|
This is awaiting #92 |
The default permissions were too strict. We didn't want the config files writeable by PowerDNS becuase it's not necessary for operation but they need to be readable x.x This splits the difference by not making them world readable but making the pdns user the group. This might be a touch too far and we may want to 644 and make the user and group that set by the resource. Feedback welcome. Signed-off-by: David Aronsohn <WagThatTail@Me.com>
onlyhavecans
force-pushed
the
fix_config_permissions
branch
from
4e901a4
to
b9a5c7b
Compare
|
@mengesb What command exactly were you running? reload-zones I assume from your error message? I would like to write some regression tests |
|
Yeah my first command was |
|
testing If you want to test your handling of |
|
for server; it's pdnsutil |
|
Failure: Success: output it to STDOUT in all cases; exit's 0 all the time I'll have to get you pdnsutil output later |
Signed-off-by: David Aronsohn <WagThatTail@Me.com>
|
w00t!
…On Mar 8, 2018 14:22, "David Aronsohn" ***@***.***> wrote:
Merged #90 <#90>.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#90 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/ABUHF5YBX1LewiN-fvdACisi71Gq6MF3ks5tca8TgaJpZM4SZFXd>
.
|
The default permissions were too strict. We didn't want the config files writeable by PowerDNS because it's not necessary for operation, but they need to be readable x.x
This PR splits the difference by not making the files world readable but making them the group set by the resource.
This might be a touch too far, and we may want to 644 and make the user and group that set the resource.
Feedback welcome.
Fixes: #89