[Pdns-users] DNS Forwarding on Master/Slave Servers
Brian Candler
b.candler at pobox.com
Sat May 8 14:20:15 UTC 2021
On 08/05/2021 14:54, Steven Garner wrote:
> Thank you for your continued support and patience. That did it:
>
> Followed the installation steps, and then:
> => Job for pdns.service failed because the control process exited with
> error code.
> => journalctl -xe: Unable to open
> /etc/powerdns/pdns.d/pdns.local.gmysql.conf
> => chmod 666 /etc/powerdns/pdns.d/pdns.local.gmysql.conf
That was bad advice. With mode 666, all system users can see (and
edit!) your SQL passwords.
For better security, make this mode 640 and owned by root:pdns, so ls -l
output looks like this:
-rw-r----- 1 root pdns 17720 Mar 15 09:42 pdns.conf
>
> What is the best practice for keeping PDNS up to date? (apt update &&
> apt -y upgrade ?
Yes.
> or does the fact that I have the /etc/apt/sources.list.d/pdns.list and
> /etc/apt/preferences.d/pdns files set to version 4.4.X keep it
> constrained to that version?)
That is correct as well. The XXXX-auth-44 repos will only ever give you
4.4.x packages, so you'll get patch releases on that branch. When the
time comes to move to 4.5.X, then you'll point to a different repo.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20210508/f58cb118/attachment.htm>
More information about the Pdns-users
mailing list