[Pdns-users] DNS Forwarding on Master/Slave Servers

Brian Candler b.candler at pobox.com
Sat May 8 14:20:15 UTC 2021

On 08/05/2021 14:54, Steven Garner wrote:
> Thank you for your continued support and patience.  That did it:
> Followed the installation steps, and then:
> => Job for pdns.service failed because the control process exited with 
> error code.
> => journalctl -xe:  Unable to open 
> /etc/powerdns/pdns.d/pdns.local.gmysql.conf
> => chmod 666 /etc/powerdns/pdns.d/pdns.local.gmysql.conf

That was bad advice.  With mode 666, all system users can see (and 
edit!) your SQL passwords.

For better security, make this mode 640 and owned by root:pdns, so ls -l 
output looks like this:

-rw-r----- 1 root pdns 17720 Mar 15 09:42 pdns.conf

> What is the best practice for keeping PDNS up to date?  (apt update && 
> apt -y upgrade ?


> or does the fact that I have the /etc/apt/sources.list.d/pdns.list and 
> /etc/apt/preferences.d/pdns files set to version 4.4.X keep it 
> constrained to that version?)

That is correct as well.  The XXXX-auth-44 repos will only ever give you 
4.4.x packages, so you'll get patch releases on that branch.  When the 
time comes to move to 4.5.X, then you'll point to a different repo.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20210508/f58cb118/attachment.htm>

More information about the Pdns-users mailing list