11 Bře
2013
11 Bře
'13
13:56
Hi Anand,
well spotted. I agree that it's better to change logfiles ownership
before dropping privileges.
I have fixed it in the git, and it will be present in the next release shortly.
Kind regards,
Marek
On 8 March 2013 23:45, Anand Buddhdev <anandb(a)ripe.net> wrote:
On 08/03/2013 23:24, Ondřej Surý wrote:
Anand,
thanks for reporting. I think the logfile needs to be created after
the pribiledges are dropped. Well include the fix into final 1.2.0.
Hi Ondrej,
If the log file is created after privileges are dropped, then the first
few log entries (such as binding to interface) would have nowhere to go.
So you should still consider changing the ownership just before dropping
privileges.
As a compromise, perhaps Knot could log those lines to syslog, and then
switch to the log file (similar to what BIND does on startup), but
that's kind of messy too, with log entries in different places.
Regards,
Anand
_______________________________________________
knot-dns-users mailing list
knot-dns-users(a)lists.nic.cz
https://lists.nic.cz/cgi-bin/mailman/listinfo/knot-dns-users