From: Doug Barton
Date: Tue, 29 Dec 2009 07:19:52 +0000 (UTC)
To: cvs-src-old@freebsd.org
Message-Id: <200912290720.nBT7KDrG029982@repoman.freebsd.org>
X-FreeBSD-CVS-Branch: RELENG_6
Subject: cvs commit: src/etc/mtree BIND.chroot.dist src/etc/namedb named.conf src/etc/rc.d named
List-Id: **OBSOLETE** CVS commit messages for the src tree

dougb       2009-12-29 07:19:52 UTC

  FreeBSD src repository

  Modified files:        (Branch: RELENG_6)
    etc/mtree            BIND.chroot.dist
    etc/namedb           named.conf
    etc/rc.d             named
  Log:
  SVN rev 201174 on 2009-12-29 07:19:52Z by dougb

  MFC r200448:
  [Deletion of command= not merged, prerequisite was intentionally not merged]

  Rename named_precmd to named_prestart to make it more clear and match
  convention.

  Move the command_args definition related to -u up into _prestart().
  It (and the associated $named_uid value) are only used there, and unlike
  required_* and pidfile don't need to be used until this stage.

  Fix a silly bug that would only have affected people who were using the
  new named_wait or named_auto_forward features, AND had set up an rndc.conf
  file instead of using the automatically generated rndc.key.

  For named_conf:
  Add "-c $named_conf" to command_args if it's not set to the default.
  If it is set to the default and we're using the base BIND it's not
  necessary. If we're using BIND from the ports the user is likely to
  have included it in _flags (due to long necessity for doing so) so
  don't duplicate that if it's set.
  Add $named_conf to required_files

  MFC r200563:

  The named process needs to have a "working directory" that it can
  write to. This is specified in "options { directory }" in named.conf.
  So, create /etc/namedb/working with appropriate permissions, and
  update the entry in named.conf to match.

  In addition to specifying the working directory, file and path names
  in named.conf can be specified relative to the directory listed.
  However, since that directory is now different from /etc/namedb
  (where the configuration, zone, rndc.*, and other files are located)
  further update named.conf to specify all file names with fully
  qualified paths. Also update the comment about file and path names
  so users know this should be done for all file/path names in the file.

  This change will eliminate the 'working directory is not writable'
  messages at boot time without sacrificing security. It will also allow
  for features in newer versions of BIND (9.7+) to work as designed.

  Revision   Changes    Path
  1.6.2.1    +2 -0      src/etc/mtree/BIND.chroot.dist
  1.21.2.11  +95 -95    src/etc/namedb/named.conf
  1.22.2.6   +16 -6     src/etc/rc.d/named
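
An added example, not part of the commit or of FreeBSD's scripts: a shell check for the rule in the r200563 log that every file and path name in named.conf be fully qualified once the working directory is no longer /etc/namedb. The function names and the sample configuration are constructed for illustration, and the check assumes comment markers never appear inside quoted strings.

```shell
#!/bin/sh
# Added example (not FreeBSD code): list named.conf statements that take a
# path but give a relative one. Relative names resolve against
# options { directory }, which this commit points at /etc/namedb/working.

# Reads named.conf on stdin; prints "<line>: <keyword> <path>" per finding.
# Assumption: comment markers never occur inside quoted strings.
relative_paths() {
    awk '
    {
        line = $0; out = ""
        # Remove /* ... */ comments, keeping state across lines in in_c.
        while (length(line) > 0) {
            i = index(line, (in_c ? "*/" : "/*"))
            if (i == 0) { if (!in_c) out = out line; break }
            if (!in_c) out = out substr(line, 1, i - 1)
            line = substr(line, i + 2); in_c = !in_c
        }
        sub(/(\/\/|#).*/, "", out)      # remove // and # line comments
        # Any keyword ending in file/directory, or include, then a quoted path.
        while (match(out, /[a-z-]*(file|directory|include)[ \t]+"[^"]*"/)) {
            stmt = substr(out, RSTART, RLENGTH)
            out = substr(out, RSTART + RLENGTH)
            kw = stmt; sub(/[ \t].*/, "", kw)
            path = stmt; sub(/^[^"]*"/, "", path); sub(/"$/, "", path)
            if (path !~ /^\//) print NR ": " kw " " path
        }
    }'
}

# Constructed sample configuration (not the file from the commit).
sample_conf() {
    cat <<'EOF'
options {
    directory "/etc/namedb/working";
    pid-file "/var/run/named/pid";
    dump-file "named_dump.db";   # relative: written under the working directory
};
/* zone "old.example" { type master;
   file "master/old.example.db"; }; */
zone "." { type hint; file "/etc/namedb/named.root"; };
zone "example.org" { type slave; file "slave/example.org.db"; };
EOF
}

sample_conf | relative_paths
```

On the sample it reports the relative dump-file and slave zone file and skips the commented-out zone; an empty result means every path statement is absolute.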