Menu

#4853 [BIND DNS] user can't delete zone it created

1.820
closed-fixed
nobody
BIND DNS Server (230) permissions (2)
5
2016-12-06
2016-12-06
André Fernandes
No

I found an issue with delete permissions for zones in the BIND DNS Server module.

We have "admin" and "operator" user profiles, and 2 views "public" and "internal". The operator user can only see/create/change zones in the public view ("Domains this user can edit", "Views this user can edit domains in", and "Views this user can edit and add zones to" are all set to selected+public).

The issue is that, even though the operator user can create zones in the public view without issues, it can't delete any of them (fails with the "You are not allowed to delete this zone" message). The admin user has no such issue and can delete any zone.

There are no logs of the deletion attempts in /var/webmin/webmin.log when the operator user tries.

Screenshots of the permissions for each profile.
Admin
Admin permissions
Operator
Operator permissions

Discussion

  • André Fernandes

    André Fernandes - 2016-12-06

    Borked permissions image URLs. Attaching.

     
    Thumbnail
    bind_admin_perms.png
    Thumbnail
    bind_operator_perms.png

  • Jamie Cameron

    Jamie Cameron - 2016-12-06

    Does this happen when you click on a zone and then click the Delete button, when you select a zone from the list and click Delete Selected, or both?

     

  • André Fernandes

    André Fernandes - 2016-12-06

    It happens in both cases.

     

  • Jamie Cameron

    Jamie Cameron - 2016-12-06
    • status: open --> closed-fixed
     

  • Jamie Cameron

    Jamie Cameron - 2016-12-06

    Ok, I see the cause of this - it will be fixed in the next Webmin release.

     

Log in to post a comment.