[Pdns-users] DNS Forwarding on Master/Slave Servers
Steven Garner
stevenjgarner at gmail.com
Sat May 8 15:14:06 UTC 2021
Got it! The permissions are corrected. Again, many thanks.
Now that I have the latest version of PDNS, I would like to ask for
guidance on recursion.
If I want to provide authoritative dns for several hundred public domains,
am I correct that (as of version 4.1.0), I need to install PowerDNS
Recursor (v 4.5.X) and dnsdist (v 1.6.X) in addition to PowerDNS
Authoritative Server (v 4.4.X), to allow for recursion? I'm following the
migration plan scenario 2 under
https://doc.powerdns.com/authoritative/guides/recursion.html.
Steve Garner
+1 302 364 0325 (USA)
stevenjgarner at gmail.com
On Sat, May 8, 2021 at 9:20 AM Brian Candler <b.candler at pobox.com> wrote:
> On 08/05/2021 14:54, Steven Garner wrote:
>
> Thank you for your continued support and patience. That did it:
>
> Followed the installation steps, and then:
> => Job for pdns.service failed because the control process exited with
> error code.
> => journalctl -xe: Unable to open
> /etc/powerdns/pdns.d/pdns.local.gmysql.conf
> => chmod 666 /etc/powerdns/pdns.d/pdns.local.gmysql.conf
>
> That was bad advice. With mode 666, all system users can see (and edit!)
> your SQL passwords.
>
> For better security, make this mode 640 and owned by root:pdns, so ls -l
> output looks like this:
>
> -rw-r----- 1 root pdns 17720 Mar 15 09:42 pdns.conf
>
>
> What is the best practice for keeping PDNS up to date? (apt update && apt
> -y upgrade ?
>
> Yes.
>
>
> or does the fact that I have the /etc/apt/sources.list.d/pdns.list and /etc/apt/preferences.d/pdns
> files set to version 4.4.X keep it constrained to that version?)
>
> That is correct as well. The XXXX-auth-44 repos will only ever give you
> 4.4.x packages, so you'll get patch releases on that branch. When the time
> comes to move to 4.5.X, then you'll point to a different repo.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20210508/dbf0ab88/attachment.htm>
More information about the Pdns-users
mailing list