Problems with include in acl file
Joseph S D Yao
jsdy at tux.org
Sun Oct 18 05:46:20 UTC 2009
On Sat, Oct 17, 2009 at 10:33:37PM -0400, Robert Moskowitz wrote:
> I am trying to build up an environment where the user can maintain
> custom files and leave the basic files alone.
>
> So I have a named.acl that works, I add an include line:
>
> acl "hdanets" {
> 192.168.1.0/24; // hda network
> include "custom.acl";
> };
>
>
> and get the error:
>
> Starting named:
> Error in named configuration:
> named.acl:3: missing ';' before '"'
...
Glancing through the 9.6 ARM <https://www.isc.org/files/Bv9.6ARM.pdf>,
it seems to me that "include" is a statement, and needs to be parsed
outside of any other statements, not inside a statement. Inside the
"acl" statement the parser would expect to see IP addresses, networks in
the ip.ad.dr.ess/xx format, keys with the name prepended by the keyword
"key", and the names of other ACLs. When it encounters the word
"include" in this context, it parses it as the name of an ACL - after
which, the '"' is out of place.
It seems to me.
[Hmmm ... one can include {lists; in; braces;}; inside ACL lists - I'm
not sure how this is useful here.]
Another way of saying this - unlike in the C language, where "#include"
is part of a meta-language pre-processor run before the actual language
processor, in the configuration file, "include" is a part of the actual
language being parsed, and so must appear only where it's expected, and
not at any random position.
I hope that this helps.
--
/*********************************************************************\
**
** Joe Yao jsdy at tux.org - Joseph S. D. Yao
**
\*********************************************************************/
More information about the bind-users
mailing list