Menu

#4628 Webmin 1.76 on Debian Wheezy (7.8) does not show available dns zone to non-root user

1.760
open
nobody
None
5
2015-08-12
2015-08-05
tobi
No

I currently experimenting with the bind module of webmin. I'm running a non-chrooted bind in version 9.8.4.
As root user I created a zone which the root user can see and edit. Then I wanted to add a additional user, which can only edit that zone. I choose the domain from the allowed domains list for that user, but after login as that user there comes an error message "There are no DNS zones defined for this name server". This error message occurs even if I choose "reset to full access". So only root can see that zone, but not the new user. I found no way to make an existing zone available for that user.

Discussion

  • Jamie Cameron

    Jamie Cameron - 2015-08-05

    So this happens even if there is no /etc/webmin/bind8/$USER.acl file on your system (where $USER is the login of the problem user) ?

     

  • tobi

    tobi - 2015-08-10

    Sorry to reply a bit late, was away in a long weekend :-)
    I checked the dir and saw a acl file for the user. After I removed it the user could see the zone, BUT also has full access on any zones and could even configure the module config. So I tried to add only the zone i question for the user, but then the error "There are no DNS zones defined for this name server" shows up again

     

  • Jamie Cameron

    Jamie Cameron - 2015-08-10

    Can you post the .acl file for the user when he's in this state where DNS zones cannot be edited? I'd like to see exactly which settings Webmin is using..

     

  • tobi

    tobi - 2015-08-11

    Sure, here we go:

    whois=0
    noconfig=1
    types=
    findfree=0
    file=1
    defaults=0
    forward=0
    remote=1
    dir=/var/lib/bind
    zones=datapark.li
    apply=1
    views=0
    ro=0
    opts=1
    slave=0
    delegation=0
    gen=1
    master=0
    slaves=0
    vlist=
    reverse=0
    params=1
    inviews=
    delete=1
    dnssec=0
    multiple=1
    dironly=1

     

  • tobi

    tobi - 2015-08-11

    the zone file exists in the expected location:

    ls -al /var/lib/bind/
    total 20
    drwxrwxr-x 2 root bind 4096 Aug 10 15:10 .
    drwxr-xr-x 25 root root 4096 Aug 5 18:21 ..
    -rw-r--r-- 1 root root 53 Aug 5 09:30 bind9-default.md5sum
    -rw-r--r-- 1 root bind 341 Aug 5 09:49 datapark.li.hosts
    -rw-r--r-- 1 root bind 160 Aug 10 15:10 test.ch.hosts

     

  • Jamie Cameron

    Jamie Cameron - 2015-08-12

    Ok, I see the bug that causes this now. The work-around (till the next Webmin release) is to edit the file /etc/webmin/bind8/$user.acl and add the line inviews=* at the end.

     

  • tobi

    tobi - 2015-08-12

    Just to confirm: yes adding the line

    inviews=*

    solves the problem.
    Thanks for you fast support

     

Log in to post a comment.