opendev/system-config
Code Issues Proposed changes

adns: Set zone directory permissions

Browse Source 
Bind needs to be able to write to the zone directories in order
to sign the zones.

Change-Id: I5649c28c6f7d8d98e0eca3c9c4da5d7312198b5c
This commit is contained in:
James E. Blair 2018-11-05 09:02:55 -08:00
parent dae1a0351c
commit d15c6166c3
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
playbooks/roles/master-nameserver/tasks/main.yaml
View File

@ -19,6 +19,9 @@
synchronize: synchronize:
src: "/opt/source/{{ item.source }}" src: "/opt/source/{{ item.source }}"
dest: "/var/lib/bind/zones/{{ item.name }}" dest: "/var/lib/bind/zones/{{ item.name }}"
rsync_opts:
- "--chmod=u+rwX,g+rX,o+rX"
- "--chown=bind:bind"
loop: "{{ dns_zones }}" loop: "{{ dns_zones }}"
notify: Reload named notify: Reload named
- name: Install tsig key - name: Install tsig key