At 03:34 PM 14/11/97 +0100, Johannes Schwabe wrote:
## Reply Start ##
>On Fri, 14 Nov 1997, Anton J Aylward wrote:
>
>> Situation is this: Normal "separation of Duties" methods of
>> security applied to DNS. A DNS administrator with a
>> login ID of "bind" owns the resource files. This is to
>> avoid doing everything as root! Appropriate support via
>> symlinks and whatever.
>>
>> But when a change has been made there is a need to HUP the
>> named. Since named runs on a privileged port it is run
>> as root. The userID "bind" can't HUP it.
>
>Write a program to find out the PID of named and kill it. Make that
>program SUID root and accessible by user "bind" only. Take care that
>the SUID program cannot be misused.
I'm long past this stage.
More specifically, I have such a program - began life as a shell script -
which looks for all the appropriate .pid files. Under LINUX it's easy -
look in /var/run. So even that is more general than your specific one.
However, AIX's tool is more general still, start, stop, refresh....
But I don't like writing code if it's reinventing the wheel.
Which was the point of my question. If it's already been written,
someone has thought this through and perhaps seen things I haven't.
/anton
## Reply End ##
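An added example, not part of the original messages and not either poster's code: a minimal C sketch of the SUID-root helper described in the quoted reply, restricted to the real user "bind" and hardened against the obvious misuse paths (symlinked or writable pid file, malformed pid, arbitrary signal). The pid file path `/var/run/named.pid` and the function names `parse_pid` and `pidfile_trusted` are assumptions made for illustration.

```c
/* Added example: setuid-root helper that lets only user "bind" HUP named. */
#define _XOPEN_SOURCE 700
#include <ctype.h>
#include <fcntl.h>
#include <pwd.h>
#include <signal.h>
#include <sys/stat.h>
#include <unistd.h>

#define PIDFILE "/var/run/named.pid"   /* assumed path, adjust per system */
#define ALLOWED_USER "bind"            /* account named in the thread */

/* Strict parse: digits, one optional trailing newline, pid > 1. Else -1. */
long parse_pid(const char *s) {
    long pid = 0;
    size_t i = 0;
    if (!isdigit((unsigned char)s[0])) return -1;
    for (; isdigit((unsigned char)s[i]); i++) {
        if (i >= 9) return -1;               /* bound length: no overflow */
        pid = pid * 10 + (s[i] - '0');
    }
    if (s[i] == '\n') i++;
    return (s[i] == '\0' && pid > 1) ? pid : -1;
}

/* Trust the pid file only if it is a regular, root-owned file that
 * group and others cannot write. */
int pidfile_trusted(const struct stat *st) {
    return S_ISREG(st->st_mode) && st->st_uid == 0 &&
           (st->st_mode & (S_IWGRP | S_IWOTH)) == 0;
}

int main(void) {
    char buf[32];
    struct stat st;
    struct passwd *pw = getpwnam(ALLOWED_USER);
    /* getuid() is the invoker's real uid, unaffected by the setuid bit. */
    if (pw == NULL || getuid() != pw->pw_uid) return 1;
    int fd = open(PIDFILE, O_RDONLY | O_NOFOLLOW);   /* refuse symlinks */
    if (fd < 0 || fstat(fd, &st) != 0 || !pidfile_trusted(&st)) return 2;
    ssize_t n = read(fd, buf, sizeof buf - 1);
    close(fd);
    if (n <= 0) return 3;
    buf[n] = '\0';
    long pid = parse_pid(buf);
    if (pid < 0) return 4;
    /* Fixed target file, fixed signal, no arguments, no environment, no exec. */
    return kill((pid_t)pid, SIGHUP) == 0 ? 0 : 5;
}
```

The helper does not confirm that the pid still belongs to named, so a stale pid file can point at an unrelated process; the ownership and mode check only limits who can plant the value.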