mirror of
https://github.com/samba-team/samba.git
synced 2025-08-04 08:22:08 +03:00
s4-provision: fix permissions on generated DNS zone file
The zone file needs to be writeable by bind to allow for it to flush its journal on dynamic updates Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
@ -1525,15 +1525,7 @@ def create_zone_file(message, paths, setup_path, dnsdomain,
|
|||||||
except OSError:
|
except OSError:
|
||||||
pass
|
pass
|
||||||
|
|
||||||
os.mkdir(dns_dir, 0770)
|
os.mkdir(dns_dir, 0775)
|
||||||
# chmod needed to cope with umask
|
|
||||||
os.chmod(dns_dir, 0770)
|
|
||||||
|
|
||||||
if paths.bind_gid is not None:
|
|
||||||
try:
|
|
||||||
os.chown(dns_dir, -1, paths.bind_gid)
|
|
||||||
except OSError:
|
|
||||||
message("Failed to chown %s to bind gid %u" % (dns_dir, paths.bind_gid))
|
|
||||||
|
|
||||||
setup_file(setup_path("provision.zone"), paths.dns, {
|
setup_file(setup_path("provision.zone"), paths.dns, {
|
||||||
"HOSTNAME": hostname,
|
"HOSTNAME": hostname,
|
||||||
@ -1549,6 +1541,16 @@ def create_zone_file(message, paths, setup_path, dnsdomain,
|
|||||||
"HOSTIP6_HOST_LINE": hostip6_host_line,
|
"HOSTIP6_HOST_LINE": hostip6_host_line,
|
||||||
})
|
})
|
||||||
|
|
||||||
|
if paths.bind_gid is not None:
|
||||||
|
try:
|
||||||
|
os.chown(dns_dir, -1, paths.bind_gid)
|
||||||
|
os.chown(paths.dns, -1, paths.bind_gid)
|
||||||
|
# chmod needed to cope with umask
|
||||||
|
os.chmod(dns_dir, 0775)
|
||||||
|
os.chmod(paths.dns, 0664)
|
||||||
|
except OSError:
|
||||||
|
message("Failed to chown %s to bind gid %u" % (dns_dir, paths.bind_gid))
|
||||||
|
|
||||||
|
|
||||||
def create_named_conf(paths, setup_path, realm, dnsdomain,
|
def create_named_conf(paths, setup_path, realm, dnsdomain,
|
||||||
private_dir):
|
private_dir):
|
||||||
|
Reference in New Issue
Block a user