[Pdns-users] pdns-recursor Permissions Error
Sharone
missakiiki at gmail.com
Fri Jan 10 13:32:43 UTC 2020
Thank you all for the generous and tremendous support.
I have traffic on Cacti from my recursive servers now.
Have a lovely weekend.
Regards,
Sharone
On Fri, 10 Jan 2020 at 14:30, Brian Candler <b.candler at pobox.com> wrote:
> On 10/01/2020 11:07, Sharone wrote:
>
> I have attempted to comment out the line *extend pdns-rec
> /usr/local/bin/pdns_stats *in snmpd.conf file and still gotten the same
> error, however changing permissions to the entire directory to rwx worked
> but like you mentioned this indeed brings about a security issue.
>
> Oh well, if that works, you just do tighter permissions - e.g. changing
> the directory *group* to "snmp" or "Debian-snmp" as appropriate, and
> setting mode 775.
>
> This is what out-of-box recursor has:
>
> root at cache1:~# ls -ld /var/run/pdns-recursor
> drwxr-xr-x 2 pdns pdns 60 Dec 12 12:49 /var/run/pdns-recursor
>
> root at cache1:~# ls -l /var/run/pdns-recursor/
> total 0
> srwxr-xr-x 1 pdns pdns 0 Dec 12 12:49 pdns_recursor.controlsocket
>
> Using pdns:snmp and mode 775 should be fine.
>
> See also the perms for the socket itself:
> https://docs.powerdns.com/recursor/settings.html#socket-owner-socket-group-socket-mode
>
> HTH,
>
> Brian.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20200110/5c915578/attachment.htm>
More information about the Pdns-users
mailing list