Hi. I have activated DNSSEC on my DNS zones and turned on auto key regeneration. The keys get created OK in the correct directory but they are owned by root. named is running under its own user and can't access the newly created files, which causes a DNS journal error and bind stops resolving queries. To get around this I have been stopping named, deleting the journal files, changing the ownership of the newly created keys to the user under which named runs and then restarting the service. If this is not a bug, is there a config change I can make to stop this happening? Thanks.
Can you give an example of a particular file that is created with the wrong ownership?
Sure, it is these two. They get created as root:root.
-rw-r--r-- 1 named named 476 Mar 13 22:25 Kxxx.+005+02325.key
-rw------- 1 named named 1198 Mar 13 22:25 Kxxx.+005+02325.private
Ok, thanks. This will be fixed in the next Webmin release.
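
One way to catch the condition described in this thread before named trips over it, as an added example that is not part of the original posts or Webmin's code. The function name `check_dnssec_keys` is hypothetical, the key directory and service user are passed as arguments, and GNU `stat` is assumed.

```bash
#!/usr/bin/env bash
# Added example: report DNSSEC key files that the named service user cannot use.
# Assumptions: GNU stat; key directory and service user are given by the caller.

# check_dnssec_keys DIR USER
# Prints one line per problem. Returns 0 if clean, 1 if problems, 2 on bad usage.
check_dnssec_keys() {
    local dir=$1 user=$2 f owner mode bad=0
    [ -d "$dir" ] && [ -n "$user" ] || {
        echo "usage: check_dnssec_keys DIR USER" >&2
        return 2
    }
    for f in "$dir"/K*.key "$dir"/K*.private; do
        [ -e "$f" ] || continue            # glob matched nothing
        owner=$(stat -c '%U' "$f")
        mode=$(stat -c '%a' "$f")
        # Keys regenerated as root are unreadable/unwritable for the service user.
        if [ "$owner" != "$user" ]; then
            echo "OWNER $f owned by $owner, expected $user"
            bad=1
        fi
        # Private keys must carry no group or other permission bits.
        case "$f" in
            *.private)
                case "$mode" in
                    *00) ;;
                    *) echo "MODE $f is $mode, expected no group/other access"
                       bad=1 ;;
                esac ;;
        esac
    done
    return "$bad"
}

# Stand-alone use: script.sh KEY_DIR SERVICE_USER
if [ "$#" -eq 2 ]; then
    check_dnssec_keys "$1" "$2"
fi
```

Run from cron or a monitoring check after each key regeneration, a non-zero exit status flags the keys before the journal error appears.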