Permissions change after running dnssec-settime bind 9.9.0rc2
Evan Hunt
each at isc.org
Wed Feb 1 04:56:32 UTC 2012
> Now the private key is inaccessible to the named process, which is
> running as user bind. User bind is a member of group bind.
Any time a private key file is rewritten, the mode is changed to 600.
There's no rule that it has to be owned by root, though; could you just
chown it to user bind?
> Aside from this, is the permissions change made by dnssec-settime a
> feature or a bug?
I consider it a feature, though opinions may vary.
--
Evan Hunt -- each at isc.org
Internet Systems Consortium, Inc.
More information about the bind-users
mailing list