Set lower permissions for name.conf

[Mehdi Tamaddon]

Hi,
Today I run a shell on my server and I saw that I can see list of domains.
I searched about it and found out that I should decrease the permission of name.conf file to 700 , 600 & 640 but when I did it and restarted the named I got an error , named.conf did not start.
Then I changed it to 644 and it worked fine (started) .

At last my question is how can I prevent from reading this file using shell?
Thanks for help.

Regards,
Mehdi Tamaddon

 

[zEitEr]

Hello,

Set it to 640 and group "named". Though it allows to start named, I did not test it enough to say you won't run into any issue with these file permissions.

p.s. Directadmin when adding/deleting new data into the file will still change it to 644 root:root. So this should be changed at directadmin level.

 

[Mehdi Tamaddon]

reply

Thanks for reply
But at last what should I do when DA changes it again?
Please give me a simple instruction I am a newbie.
Thanks.

 

[zEitEr]

Set chmod 640 and chgrp named to the named.conf. It's now a feature request, so I hope John will change directadmin to keep this permissions.

 

[DirectAdmin Support]

I've added code to DA for the next release to respect the old uid/gid and mode.
https://www.directadmin.com/features.php?id=1709

It should be in the pre-release binaries within a day or so, as I upload new changes.

John