TWO MAJOR CHANGES: Updated ROOT HINTS file from InterNIC as it was updated 4-29-2020. Also changed the permissions both build and entrypoint (run-time change) to match least permissions needed. This should tighten up the permissions for dynamically generated zones
This commit is contained in:
Ventz Petkov
@@ -17,7 +17,7 @@ env BIND_LOG -g
|
||||
# NOTE: Per Dockerfile manual --> need to mkdir the mounted dir to chown
|
||||
# &
|
||||
# Get latest bind.keys
|
||||
RUN mkdir -m 0770 -p /etc/bind && chown -R root:named /etc/bind ; \
|
||||
RUN mkdir -m 0750 -p /etc/bind && chown -R root:named /etc/bind ; \
|
||||
mkdir -m 0770 -p /var/cache/bind && chown -R named:named /var/cache/bind ; \
|
||||
wget -q -O /etc/bind/bind.keys https://ftp.isc.org/isc/bind9/keys/9.11/bind.keys.v9_11 ; \
|
||||
rndc-confgen -a
|
||||
|
||||
Reference in New Issue
Block a user