# Bind permissions for Inline Signing DNSSEC



## wisdown (Oct 30, 2019)

Working in setup an new DNS server using the features of link:

Inline Signing in ISC BIND 9.9.0 -- Examples

Was not able to get zone signed using:

`rndc reconfig`

Looking on logs found the error:


```
create: permission denied
```

Then have changed the owner from *root:wheel* in 
	
	



```
/usr/local/etc/named/master
```
  to *bind:wheel*

Runing the command again:

`rndc reconfig`

Now zones are signed.

My question is:

Its safe keep this change?

Or

Should I work on only add the zones in /working directory (since is bind:bind the owner)?
(Read restoring the owner to root:wheel on /usr/local/etc/named/master )


----------

