![]() If it can't write to its journal files, it can't process dynamic updates simple as that. I'm not certain if everybody needs to do this themselves, but I can verify that cPanel installations do not grant named write access by default. The last thing you need to do before you're up and running is to alter the permissions on /var/named so that named has write access to it. So now, can alter its own A record all it likes so long as he provides the right key, but he will not be able to touch 's records no matter what. In simpler terms, the name you give your key MUST match the pattern specified in the update-policy, in this case *. The important parts of this declaration are the key name and the "secret." The "secret" is obviously the key we just generated through openssl above, but they key name needs a little explanation.īack when we specified our update-policy, we told BIND to grant update permissions to a certain zone so long as the name of the user's key matched the zone being updated. ![]() ![]() Secret "YmM1YWQ0ZTQyNjhjZTRhMjE2ZTZmZDMwNDY1ZjgyMTMK" ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
September 2023
Categories |