ensure our tsig keys are protected

author Martin Zobel-Helas <zobel@debian.org>

Thu, 24 Dec 2009 15:30:04 +0000 (16:30 +0100)

committer Martin Zobel-Helas <zobel@debian.org>

Thu, 24 Dec 2009 15:30:04 +0000 (16:30 +0100)
author Martin Zobel-Helas <zobel@debian.org>
Thu, 24 Dec 2009 15:30:04 +0000 (16:30 +0100)
committer Martin Zobel-Helas <zobel@debian.org>
Thu, 24 Dec 2009 15:30:04 +0000 (16:30 +0100)
diff --git a/modules/named/manifests/secondary.pp b/modules/named/manifests/secondary.pp

index 003f1fe4fac952f0efb64d9f951c8de13fa7e697..8d00d0affc99e43f771b208a637a0dc10e9e0752 100644 (file)
--- a/modules/named/manifests/secondary.pp
+++ b/modules/named/manifests/secondary.pp
@@ -4,5 +4,10 @@ class named::secondary inherits named {
                       "puppet:///named/common/named.conf.debian-zones" ],
          notify  => Exec["bind9 reload"],
      }
+    file { "/etc/bind/named.conf.shared-keys":
+        mode    => 640,
+        owner   => root,
+        group   => bind,
+    }
  }
author	Martin Zobel-Helas <zobel@debian.org>
	Thu, 24 Dec 2009 15:30:04 +0000 (16:30 +0100)
committer	Martin Zobel-Helas <zobel@debian.org>
	Thu, 24 Dec 2009 15:30:04 +0000 (16:30 +0100)