Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I am having an issue with my bind install. I discovered today in the process of changing the user to a non-privileged user that I am getting this error
In named.conf.local I have
[CODE]
controls {
inet 127.0.0.1 allow { localhost; };
};
[\CODE]
What file is it trying to write to?
What I have been trying to do is 1. stop bind from responding to requests from the internet and I seam to have had success.
2. run bind as a non-privileged user; partial success
3. put bind in chroot jail, yet to do.
I have added some statements to /etc/bind/named.conf.options
They are
[CODE]pid-file "/var/run/named/named.pid";
allow-query { 192.168.7/24; };
allow-transfer { none; };
allow-recursion { 192.168.7/24; };
listen-on { 192.168.7.1; };
forward only;
[\CODE]
In /etc/default/bind9 I have changed the user from 'bind' to 'named'
I created user and group 'named' and set permits on /var/run/named/named.pid
I am also getting a permission error for the rndc.key but have not changed permissions or owner.
I was trying to be careful not to break it but it seams that I did. I had name resolution for my local network working but something in the process above has broken it.
From one of the posts I read I got the impression that it was no longer necessary to run bind as a non-privileged user. Is that true? I think it was something I did when I started that part of the process that broke it.
This machine is to be my primary firewall/dhcp/dns so...
I backed up and removed all my changes and resolution started working again. Two different things seam to be causing it. First in changing things I enabled the RFC1918 zones ( include "/etc/bind/zones.rfc1918"; ) and checked the file and disabled the zone for my ip range, or so I thought.
The second thing is the options I added to restrict access to bind from the internet. I have not gone through them one at a time to see if I can isolate which one/s are causing the problem. They are:
allow-query { 192.168.7/24; };
allow-transfer { none; };
allow-recursion { 192.168.7/24; };
listen-on { 192.168.7.1; };
forward only;
Looking at these ip settings they don't seam right. Should they not be something like 192.168.7.0/24 ?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
