Date: Tue, 28 Sep 2004 06:31:44 -0700 (PDT) From: Doug Barton <DougB@FreeBSD.org> To: Hajimu UMEMOTO <ume@FreeBSD.org> Cc: freebsd-current@FreeBSD.org Subject: Re: HEADS UP: named now runs chroot'ed by default Message-ID: <20040928062649.K5729@ync.qbhto.arg> In-Reply-To: <ygeacvali41.wl%ume@FreeBSD.org> References: <20040928025635.Q5094@ync.qbhto.arg> <ygeacvali41.wl%ume@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 28 Sep 2004, Hajimu UMEMOTO wrote:
> Hi,
>
>>>>>> On Tue, 28 Sep 2004 03:03:46 -0700 (PDT)
>>>>>> Doug Barton <DougB@FreeBSD.org> said:
>
> DougB> For those that don't have a named configuration, all you should have to
> DougB> do is 'rm -r /etc/namedb' and you'll be fine.
>
> Where should we store rndc.conf, now?
Well if you follow the instructions in UPDATING, you'll end up with
/etc/namedb as a symlink to the chroot directory in /var/named/.
That said, I highly reocmmend that you drop rndc.conf altogether, and
use the rndc.key format instead. This allows you to get rid of the key
statements in named.conf as well, and either manage the rndc keys
seperately (if you need to) or just ignore it and let rc.d/named create
one for you randomly.
Doug
--
This .signature sanitized for your protection
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040928062649.K5729>