Re: Reloading/probing named as a non-root user

[Mike Burger <mburger compucomis net>]

If I may, you're reinventing the wheel, a bit, here.

Webmin will do this for you, already.  You can create users within webmin,
and give them permissions only on the BIND server and only to their zone
files.  And, there's an "Apply Changes" selection that will go ahead and
taek care of the "ndc reload" thing for you, too.

On Thu, 29 Mar 2001, Andreas Lund wrote:

>
> I'm writing a CGI script to maintain DNS zone files via web, and it's coming
> along just great. Now I want to let admin users reload the zone files, but I
> can't figure out how to do it. Here's what I tried:
>
> 1. As root, I created a tiny shell script called "reload":
> #!/bin/sh
> /etc/rc.d/init.d/named reload
>
> 2. I made it executable:
> chmod +x reload
>
> 3. I made it SUID:
> chmod u+s reload
>
> 4. I changed to the web server user:
> su - nobody
>
> But when I try to run the script:
> ndc: error: ctl_client: evConnect(fd 3): Connection refused
> ndc: error: cannot connect to command channel (/var/run/ndc)
>
> Any idea how I can get around this problem? For now, I reload named every 24
> hours via cron but this is not an ideal solution.
>
>
> Andreas Lund (floyd@atc.no)
> -- Tel: +47 90.07.71.62 / +47 63.88.33.56
> Ano-Tech Computers (http://www.atc.no/)
> ** Western civilization? I think it's a good idea **
>
>
>
>
> _______________________________________________
> Guinness-list mailing list
> Guinness-list@redhat.com
> https://listman.redhat.com/mailman/listinfo/guinness-list
>