Date:      Sat, 11 Apr 2015 15:09:14 -0400
From:      Curtis Villamizar <curtis@ipv6.occnc.com>
To:        mat@FreeBSD.org
Cc:        freebsd-ports@freebsd.org, curtis@ipv6.occnc.com
Subject:   suggested patch to /usr/ports/dns/bind99/files/named.in
Message-ID:  <201504111909.t3BJ9EoK089662@maildrop31.somerville.occnc.com>

Mat,

You are listed as the maintainer of dns/bind99 so this is addressed to
you.  Sorry to trouble you.

A similar patch can be applied to dns/bind910.  There would be a line
number shift.  I tried it - it works.

The purpose of this patch is to fix two very minor annoyances.

  1.  If named.conf is moved in /etc/rc.conf with a line such as
      named_conf=/etc/namedb/named.conf, then rndc-confgen creates a
      key in /etc/namedb but /usr/local/etc/rc.d/named restart or
      reload won't use that key file.  The reload will fail, but the
      restart falls back to using kill.

  2.  The second problem is that if an rndc.conf file is used and put
      in /etc/namedb, rndc won't find it.  It is necessary to use an
      rndc.conf file if running named in a jail, where there is no
      127.0.0.1 address or if running IPv6 only and in other
      circumstances, such as if it is desirable to reload remotely
      (although an ssh command also solves this).

The change is simply to load up a rndc_flags variable and use it in
the two places where rndc is used.

BTW, there seems to be a non-ASCII character in the comment on line
188 after the string "but ${named_program}".  I had to replace that
with a space to get this email message to go out.  As a result the
second hunk may have to be applied manually, but it's a one-line change
(one word addition).

Curtis


--- files/named.in.save	2015-03-25 16:25:30.000000000 -0400
+++ files/named.in	2015-04-11 15:02:48.556657000 -0400
@@ -62,6 +62,17 @@
 _named_program_root="${named_program%/sbin/named}"
 _openssl_engines="%%LOCALBASE%%/lib/engines"
 
+# Needed if named.conf and rndc.key are moved or if rndc.conf is used
+rndc_conf=${rndc_conf:-"$_named_confdir/rndc.conf"}
+rndc_key=${rndc_key:-"$_named_confdir/rndc.key"}
+if [ -s $rndc_conf ] ; then
+    rndc_flags=${rndc_flags:-"-c $rndc_conf"}
+elif [ -s $rndc_key ] ; then
+    rndc_flags=${rndc_flags:-"-k $rndc_key"}
+else
+    rndc_flags=${rndc_flags:-""}
+fi
+
 # If running in a chroot cage, ensure that the appropriate files
 # exist inside the cage, as well as helper symlinks into the cage
 # from outside.
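Review bot: the two tests `[ -s $rndc_conf ]` and `[ -s $rndc_key ]` expand their paths unquoted, so a value containing whitespace splits into several words and the test errors out instead of selecting the file; write them as `[ -s "$rndc_conf" ]` and `[ -s "$rndc_key" ]`. The defaults also depend on `$_named_confdir` already being set at this point in the script, which the visible context does not show, so that is worth confirming. The final `else` branch assigns `rndc_flags` its own value or the empty string, which changes nothing and could be dropped. Since all three variables take an existing value via `:-`, they look intended to be overridable and would merit a mention wherever the script documents its other settings.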
@@ -187,7 +198,7 @@
 {
 	# This is a one line function, but ${named_program} is not defined early
 	# enough to be there when the reload_cmd variable is defined up there.
-	${_named_program_root}/sbin/rndc reload
+	${_named_program_root}/sbin/rndc $rndc_flags reload
 }
 
 find_pidfile()
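Review bot: `$rndc_flags` on the `rndc ... reload` line has to stay unquoted so that `-c` or `-k` and the path arrive as separate arguments, which means a configuration or key path containing whitespace will be split and passed to rndc incorrectly. If such paths need to work, pass the option and the path as separate, individually quoted words rather than one flattened string; otherwise note the restriction in the comment added in the first hunk. The existing comment still calls this a one line function, which remains true, so no change is needed there.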
@@ -213,7 +224,7 @@
 		return 1
 	fi
 	echo 'Stopping named.'
-	if ${_named_program_root}/sbin/rndc stop 2>/dev/null; then
+	if ${_named_program_root}/sbin/rndc $rndc_flags stop 2>/dev/null; then
 		wait_for_pids ${rc_pid}
 	else
 		echo -n 'rndc failed, trying kill: '
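Review bot: on the `rndc $rndc_flags stop 2>/dev/null` line the error output is discarded, so if the newly computed `rndc_flags` points at an unreadable or stale key or config file the only visible symptom is the 'rndc failed, trying kill' message and the fallback to kill. With the path now chosen automatically, consider keeping rndc's stderr (or echoing the flags in use) in the failure branch so a bad `rndc_conf` or `rndc_key` setting can be diagnosed.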


