On 26/6/2019 20:25, Grant Taylor via bind-users wrote: > On 6/26/19 10:46 AM, Lefteris Tsintjelis via bind-users wrote: >> Yes, exactly this. That is the reason I changed the actual zone disk >> file permissions to root thinking that files would not be modifiable, >> but bind surprised me there. I did not expect to change the file >> ownership from root to bind! > > I'm surprised at the ownership change too. > > It may be dependent on your OS init scripts, perhaps they are changing > them. > > The only way that I see that BIND, running as something other than root, > could change them is if the user it's running as has write on the > directory and deletes & recreates new zone files as itself. But that > would surprise me too. > >> The problem started with ACME actually as it always messes up my disk >> zone files and have to always restore them. > > Is the ACME client modifying the zone file(s) directly? Or is it using > dynamic DNS (possibly via nsupdate) to request that BIND update the > zone(s)?
ACME is through net and not directly. I have checked and tripled checked that a few times, as well as the init/startup scripts. It is not ACME, it is named that modifies the file and it happens right after the dynamic ACME update. Lefteris _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
