jiny admin dns nez root
Milan Roubal
roubm9am na barbora.ms.mff.cuni.cz
Sobota Červen 28 12:26:27 CEST 2003
Pokousite se pristupovat k privilegovanemu portu 53
uzivatelem ktery neni root.
Zdravi
Milan Roubal
----- Original Message -----
From: "Pavel Benisek" <pavel.benisek na vogel.cz>
To: <linux na linux.cz>
Sent: Saturday, June 28, 2003 12:20 PM
Subject: jiny admin dns nez root
Dobry den,
potrebuji na serveru uzivateli kompletne predat spravu dns.
nastavil jsem v souboru /etc/init.d/named startovani pod timto uzivatelem:
start-stop-daemon --start --quiet --exec /usr/sbin/named -- -u uzivatel
-n $CPU $OPTIONS ${CHROOT:+-t $CHROOT}
privlastnil jsem mu soubory:
/etc/named/named.conf
/var/bind/*
.. a adresar:
/var/run/named
pokud nyni spustim named jako root, tak vsechno jede jak by melo a
uzivatel ma pristup ke konfiguraci.
Bohuzel kdyz ji zmeni, neni schopen pouzit start-stop-daemona pro restart:
/etc/init.d/named stop
-probehne v poradku
/etc/init.d/named start
-do konzole vypise ze probehl v poradku, ale nenastartuje se, V logu je:
Jun 28 12:19:04 ns named[21638]: starting BIND 9.2.2 -u uzivatel -n 1
Jun 28 12:19:04 ns named[21638]: using 1 CPU
Jun 28 12:19:04 ns named[21641]: loading configuration from
'/etc/bind/named.conf'
Jun 28 12:19:04 ns named[21641]: listening on IPv4 interface lo,
127.0.0.1#53
Jun 28 12:19:04 ns named[21641]: could not listen on UDP socket:
permission denied
Jun 28 12:19:04 ns named[21641]: creating IPv4 interface lo failed;
interface ignored
Jun 28 12:19:04 ns named[21641]: listening on IPv4 interface eth0,
195.146.99.156#53
Jun 28 12:19:04 ns named[21641]: could not listen on UDP socket:
permission denied
Jun 28 12:19:04 ns named[21641]: creating IPv4 interface eth0 failed;
interface ignored
Jun 28 12:19:04 ns named[21641]: not listening on any interfaces
Jun 28 12:19:04 ns named[21641]: could not get query source dispatcher
Jun 28 12:19:04 ns named[21641]: loading configuration: permission denied
Jun 28 12:19:04 ns named[21641]: exiting (due to fatal error)
Netusite co s tim?
Diky
Pavel Benisek
Další informace o konferenci Linux