Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
ISC Open Source Projects
BIND
Commits
eb2ef7b5
Commit
eb2ef7b5
authored
Oct 25, 2017
by
Evan Hunt
Browse files
[master] check new-zones-directory
4789. [cleanup] Check writability of new-zones-directory. [RT #46308]
parent
aebdc6cd
Changes
5
Hide whitespace changes
Inline
Side-by-side
CHANGES
View file @
eb2ef7b5
4789. [cleanup] Check writability of new-zones-directory. [RT #46308]
4788. [cleanup] When using "update-policy local", log a warning
when an update matching the session key is received
from a remote host. [RT #46213]
...
...
bin/named/server.c
View file @
eb2ef7b5
...
...
@@ -7051,6 +7051,13 @@ setup_newzones(dns_view_t *view, cfg_obj_t *config, cfg_obj_t *vconfig,
dir
,
isc_result_totext
(
result
));
return
(
result
);
}
if
(
access
(
dir
,
DIR_PERM_OK
)
!=
0
)
{
isc_log_write
(
named_g_lctx
,
NAMED_LOGCATEGORY_GENERAL
,
NAMED_LOGMODULE_SERVER
,
ISC_LOG_ERROR
,
"new-zones-directory '%s' "
"is not writable"
,
dir
);
return
(
ISC_R_NOPERM
);
}
dns_view_setnewzonedir
(
view
,
dir
);
}
...
...
bin/tests/system/runtime/ns2/named-alt6.conf
0 → 100644
View file @
eb2ef7b5
/*
*
Copyright
(
C
)
2017
Internet
Systems
Consortium
,
Inc
. (
"ISC"
)
*
*
This
Source
Code
Form
is
subject
to
the
terms
of
the
Mozilla
Public
*
License
,
v
.
2
.
0
.
If
a
copy
of
the
MPL
was
not
distributed
with
this
*
file
,
You
can
obtain
one
at
http
://
mozilla
.
org
/
MPL
/
2
.
0
/.
*/
options
{
new
-
zones
-
directory
"./nope"
;
port
5300
;
pid
-
file
"../named.pid"
;
listen
-
on
{
127
.
0
.
0
.
1
; };
listen
-
on
-
v6
{
none
; };
recursion
no
;
};
bin/tests/system/runtime/tests.sh
View file @
eb2ef7b5
...
...
@@ -73,6 +73,17 @@ grep "managed-keys-directory './nope' is not writable" ns2/named.run > /dev/null
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
status
=
`
expr
$status
+
$ret
`
n
=
`
expr
$n
+ 1
`
echo
"I: checking that named refuses to reconfigure if new-zones-directory is not writable (
$n
)"
ret
=
0
cp
-f
ns2/named-alt6.conf ns2/named.conf
$RNDC
-c
../common/rndc.conf
-s
10.53.0.2
-p
9953 reconfig
>
rndc.out.
$n
2>&1
grep
"failed: permission denied"
rndc.out.
$n
>
/dev/null 2>&1
||
ret
=
1
sleep
1
grep
"new-zones-directory './nope' is not writable"
ns2/named.run
>
/dev/null 2>&1
||
ret
=
1
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
status
=
`
expr
$status
+
$ret
`
n
=
`
expr
$n
+ 1
`
echo
"I: checking that named refuses to start if working directory is not writable (
$n
)"
ret
=
0
...
...
doc/arm/Bv9ARM-book.xml
View file @
eb2ef7b5
...
...
@@ -4988,7 +4988,9 @@ badresp:1,adberr:0,findfail:0,valfail:0]
Specifies the directory in which to store the configuration
parameters for zones added via <command>rndc addzone</command>.
By default, this is the working directory. If set to a relative
path, it will be relative to the working directory.
path, it will be relative to the working directory. The
directory <emphasis>must</emphasis> be writable by the
effective user ID of the <command>named</command> process.
</para>
</listitem>
</varlistentry>
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment