[Opendnssec-user] permissions on signed zone files
Jan-Piet Mens
list at mens.de
Thu Mar 7 18:51:07 UTC 2024
>that file is in the primary zone directly put there by ods-signer after
>signing. bind can not read it because of the restrictive perms.
unless these are permissions explicitly set by OpenDNSSEC (which imo would be a
bug), it looks a bit as though umask is 066 when the signer is launched.
Can you modify ODS' startup to explicitly set umask 022?
-JP
More information about the Opendnssec-user
mailing list