From: Pieter Lexis Date: Wed, 19 Jun 2019 09:53:08 +0000 (+0200) Subject: auth: Ensure pdns.conf is readable by pdns X-Git-Tag: dnsdist-1.4.0-rc3~15^2 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=9ec614e2c45f0f6927f60b9924fd695fc6d2dc30;p=pdns auth: Ensure pdns.conf is readable by pdns --- diff --git a/builder-support/debian/authoritative/debian-buster/pdns-server.postinst b/builder-support/debian/authoritative/debian-buster/pdns-server.postinst index 1e0027862..87be37333 100644 --- a/builder-support/debian/authoritative/debian-buster/pdns-server.postinst +++ b/builder-support/debian/authoritative/debian-buster/pdns-server.postinst @@ -20,6 +20,7 @@ case "$1" in echo -n "Creating user and group pdns..." adduser --quiet --system --home /var/spool/powerdns --shell /bin/false --ingroup pdns --disabled-password --disabled-login --gecos "PowerDNS" pdns echo "done" + chown pdns:root /etc/powerdns/pdns.conf fi chown pdns:pdns /var/lib/powerdns || : ;; diff --git a/builder-support/debian/authoritative/debian-buster/rules b/builder-support/debian/authoritative/debian-buster/rules index 4862534e8..ecfb730cb 100755 --- a/builder-support/debian/authoritative/debian-buster/rules +++ b/builder-support/debian/authoritative/debian-buster/rules @@ -76,8 +76,8 @@ endif override_dh_fixperms: dh_fixperms - # these files often contain passwords. - chmod 0600 debian/pdns-server/etc/powerdns/pdns.conf + # these files often contain passwords. 660 as it is chowned to root:pdns + chmod 0660 debian/pdns-server/etc/powerdns/pdns.conf # restore moved files override_dh_clean: diff --git a/builder-support/debian/authoritative/debian-jessie/pdns-server.postinst b/builder-support/debian/authoritative/debian-jessie/pdns-server.postinst index 1e0027862..87be37333 100644 --- a/builder-support/debian/authoritative/debian-jessie/pdns-server.postinst +++ b/builder-support/debian/authoritative/debian-jessie/pdns-server.postinst @@ -20,6 +20,7 @@ case "$1" in echo -n "Creating user and group pdns..." adduser --quiet --system --home /var/spool/powerdns --shell /bin/false --ingroup pdns --disabled-password --disabled-login --gecos "PowerDNS" pdns echo "done" + chown pdns:root /etc/powerdns/pdns.conf fi chown pdns:pdns /var/lib/powerdns || : ;; diff --git a/builder-support/debian/authoritative/debian-jessie/rules b/builder-support/debian/authoritative/debian-jessie/rules index 705667461..54ab7f059 100755 --- a/builder-support/debian/authoritative/debian-jessie/rules +++ b/builder-support/debian/authoritative/debian-jessie/rules @@ -75,8 +75,8 @@ override_dh_auto_build-arch: override_dh_fixperms: dh_fixperms - # these files often contain passwords. - chmod 0600 debian/pdns-server/etc/powerdns/pdns.conf + # these files often contain passwords. 660 as it is chowned to root:pdns + chmod 0660 debian/pdns-server/etc/powerdns/pdns.conf # restore moved files override_dh_clean: diff --git a/builder-support/debian/authoritative/debian-stretch/pdns-server.postinst b/builder-support/debian/authoritative/debian-stretch/pdns-server.postinst index 1e0027862..87be37333 100644 --- a/builder-support/debian/authoritative/debian-stretch/pdns-server.postinst +++ b/builder-support/debian/authoritative/debian-stretch/pdns-server.postinst @@ -20,6 +20,7 @@ case "$1" in echo -n "Creating user and group pdns..." adduser --quiet --system --home /var/spool/powerdns --shell /bin/false --ingroup pdns --disabled-password --disabled-login --gecos "PowerDNS" pdns echo "done" + chown pdns:root /etc/powerdns/pdns.conf fi chown pdns:pdns /var/lib/powerdns || : ;; diff --git a/builder-support/debian/authoritative/debian-stretch/rules b/builder-support/debian/authoritative/debian-stretch/rules index 90b41e30a..fca9b4858 100755 --- a/builder-support/debian/authoritative/debian-stretch/rules +++ b/builder-support/debian/authoritative/debian-stretch/rules @@ -70,8 +70,8 @@ override_dh_auto_test: override_dh_fixperms: dh_fixperms - # these files often contain passwords. - chmod 0600 debian/pdns-server/etc/powerdns/pdns.conf + # these files often contain passwords. 660 as it is chowned to root:pdns + chmod 0660 debian/pdns-server/etc/powerdns/pdns.conf # restore moved files override_dh_clean: