m master file managed-keys.bind failed
Doug Barton
dougb at dougbarton.us
Thu Dec 9 23:33:28 UTC 2010
On 12/08/2010 11:51, Martin McCormick wrote:
> I wrote:
>> Who is supposed to own /var/named?
>
> I received a response from a kind soul from this list
> who reminded me of a directive new to bind9.7.1 that lets you
> determine where the managed-keys.bind file lives. I set up
>
> managed-keys-directory "/etc/namedb/working";
That looks like a FreeBSD install. If you let it, /etc/rc.d/named will
use mtree to update the permissions on all relevant directories at each
startup, chroot, drop root privs, etc.
> and all is now well with that zone. This appears to be a logical
> place for the file and there is nothing else in that directory
> which is already under bind ownership.
Yes, that is the purpose of the /working directory on FreeBSD installs.
In the default conf there is this:
directory "/etc/namedb/working";
I have set up DNSSEC validation on my personal workstation and using the
managed keys directive it creates the files there.
If you're using FreeBSD I strongly suggest that you use the named.conf
file provided as your starting point.
hth,
Doug
--
Nothin' ever doesn't change, but nothin' changes much.
-- OK Go
Breadth of IT experience, and depth of knowledge in the DNS.
Yours for the right price. :) http://SupersetSolutions.com/
More information about the bind-users
mailing list