Bug 994578 - File permission change took down my servers
File permission change took down my servers
Status: CLOSED NOTABUG
Product: Fedora EPEL
Classification: Fedora
Component: pdns (Show other bugs)
el6
Unspecified Unspecified
unspecified Severity high
: ---
: ---
Assigned To: Morten Stevens
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-08-07 10:16 EDT by Marc Perkel
Modified: 2013-08-26 08:23 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-08-26 08:23:32 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Marc Perkel 2013-08-07 10:16:55 EDT
Description of problem:

Upgrade changed file permissions causing PDNS to fail


Version-Release number of selected component (if applicable):


How reproducible:

yum upgrade


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

I know you will probably say it's my fault for not having all the file owners be pdns but when the upgrade ran and changed the file permissions to 700 it took down all my DNS servers. Before you modify permissions on other people's servers you might want to check if you are going to break it. You might want to consider that there may be a reason other people don't set things up the same way you do.

Going from working to not working is not an upgrade.
Comment 1 Morten Stevens 2013-08-07 10:33:27 EDT
Which file permissions exactly?

There is only one change to fix https://bugzilla.redhat.com/show_bug.cgi?id=646510

Steps to reproduce this? (I'm not able to reproduce this)
Comment 2 Marc Perkel 2013-08-07 10:40:12 EDT
The owner of pdns.conf was root. When you changed the access to 600 then the pdns process running under the user pdns couldn't read the pdns.conf file. I probably should have had pdns be the owner of pdns.conf but I didn't. It used to have 755 permissions and that worked.

I think that making the assumption that you can just change permissions because it makes things more secure runs the risk that you can break things.
Comment 3 Morten Stevens 2013-08-07 13:31:39 EDT
(In reply to Marc Perkel from comment #2)
> The owner of pdns.conf was root. When you changed the access to 600 then the
> pdns process running under the user pdns couldn't read the pdns.conf file.

The owner of pdns.conf is still root and there is no issue to read the pdns.conf file with 600 file permissions.

I suspect that this is a local problem with your installation.
Comment 4 Morten Stevens 2013-08-26 08:23:32 EDT
This is a local problem and not a bug = closed.

Note You need to log in before you can comment on or make changes to this bug.