[ LUGOS ] dns, named, ndc... stuff...

j j at aufbix.org
Fri Feb 16 01:15:36 CET 2001


> I haven't found a workaround yet. If you don't run named as root, then ndc
> isn't very useful for reloading. kill and a restart works ;-] Even if you
> say su named, the socket /var/run/ndc (on my system) is still owned by root,
> ergo it doesn't work.


http://www.isc.org/products/BIND/docs/config/controls.html

Syntax
controls {
  [ inet ip_addr
    port ip_port
    allow { address_match_list; }; ]
  [ unix path_name
    perm number
    owner number
    group number; ]
};


--------------------------------------------------------------------------------

Definition and Usage
The controls statement declares control channels to be used by system
administrators to affect the operation of the local name server. These
control channels are used by the ndc utility to send commands to and
retrieve non-DNS results from a name server.

A unix control channel is a FIFO in the file system, and access to it is
controlled by normal file system permissions. It is created by named with
the specified file mode bits (see the chmod(1) manual page), user and group
owner. Note that, unlike chmod, the mode bits specified for perm will
normally have a leading 0 so the number is interpreted as octal. Also note
that the user and group ownership specified as owner and group must be given
as numbers, not names. It is recommended that the permissions be restricted
to administrative personnel only, or else any user on the system might be
able to manage the local name server.

An inet control channel is a TCP/IP socket accessible to the Internet,
created at the specified ip_port on the specified ip_addr. Modern telnet
clients are capable of speaking directly to these sockets, and the control
protocol is ARPAnet-style text. It is recommended that 127.0.0.1 be the only
ip_addr used, and this only if you trust all non-privileged users on the
local host to manage your name server.
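
An added example, not part of the original post or of the ISC documentation: a small Python check that reads a controls statement in the syntax quoted above and reports the settings the text warns about (non-numeric owner/group, perm without a leading 0, access for other users, inet channel not on 127.0.0.1). The sample fragments, the function name audit_controls, port 5353 and uid/gid 25 for the unprivileged named account are assumptions made for illustration.

```python
import re

# Constructed named.conf fragments in the BIND 8 "controls" syntax quoted above.
# uid/gid 25 for the unprivileged named account is an assumption.
SAMPLE_WEAK = '''
controls {
    inet 192.0.2.10 port 5353 allow { any; };
    unix "/var/run/ndc" perm 0666 owner named group 0;
};
'''
SAMPLE_OK = '''
controls {
    unix "/var/run/ndc" perm 0600 owner 25 group 25;
};
'''

# unix path_name perm number owner number group number;
UNIX_RE = re.compile(
    r'unix\s+"?([^\s";]+)"?\s+perm\s+(\S+)\s+owner\s+(\S+)\s+group\s+([^\s;]+)\s*;')
# inet ip_addr port ip_port allow { address_match_list; };
INET_RE = re.compile(r'inet\s+(\S+)\s+port\s+(\S+)\s+allow\s*\{([^}]*)\}\s*;')


def audit_controls(conf):
    """Return a list of findings for the control channels declared in conf.

    Config comments are not stripped; this is a sketch for a single statement.
    """
    findings = []
    for path, perm, owner, group in UNIX_RE.findall(conf):
        if not (owner.isdigit() and group.isdigit()):
            findings.append(f"{path}: owner/group must be numeric ids, not names")
        if not re.fullmatch(r"0[0-7]+", perm):
            findings.append(f"{path}: perm {perm} has no leading 0 (not octal)")
            continue
        if int(perm, 8) & 0o007:
            findings.append(f"{path}: perm {perm} gives access to all local users")
    for addr, port, _allow in INET_RE.findall(conf):
        if addr != "127.0.0.1":
            findings.append(f"inet {addr} port {port}: not bound to 127.0.0.1")
    return findings


if __name__ == "__main__":
    for line in audit_controls(SAMPLE_WEAK):
        print(line)
```

For the case in the quoted message (named not running as root), the owner and group numbers in SAMPLE_OK would be replaced with the numeric ids of the account that runs ndc.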







