| Stephen Gran on 22 Feb 2005 03:33:18 -0000 |
|
On Mon, Feb 21, 2005 at 05:37:59PM -0500, Mike Leone said: > Stephen Gran wrote: > > On Mon, Feb 21, 2005 at 04:00:03PM -0500, Mike Leone said: > > > > So it should not be trying to write to /etc/bind, then - very odd. > > Aaha, it could be that it writes them to the directory where the zone > > file is! Do you keep your zone files in /etc/bind? > > Good catch. Yes, I do. Because the other zone files listed in named.conf > were in /etc/bind (db.local, etc). So I should move them to /var/cache/bind? I tend to write them to /var/cache/bind, as it's bind's $HOME, and it breaks nothing. It also allows for a (potentially) read only root filesystem, if I ever get around to that goal. Neither way is right or wrong, just writing journal files to /etc feels wrong to me. > Is this the rndc.key that is created by the install of bind9, or one you > created yourself? I made it, although let me see . . . ah, I used dnssec-keygen to make the key. My memory is that it dumped the md5 string to use as a 'secret' as output after generating the key. The file written also has to be owned by the rndc user, in your case bind. It's been a while, though - all of this is from memory, so read the manpage for the program to see how it actually works. -- -------------------------------------------------------------------------- | Stephen Gran | A Linux machine! because a 486 is a | | steve@lobefin.net | terrible thing to waste! (By | | http://www.lobefin.net/~steve | jjs@wintermute.ucr.edu, Joe Sloan) | -------------------------------------------------------------------------- Attachment:
pgpcMbod9sFfR.pgp ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|