<sect2>
<title>Configuration command explanations</title>
<para><userinput>
groupadd -g 200 named &&
useradd -m -g named -u 200 -s /bin/false named &&
cd /home/named &&
mkdir -p dev etc/namedb/slave var/run &&
mknod /home/named/dev/null c 1 3 &&
mknod /home/named/dev/random c 1 8 &&
chmod 666 /home/named/dev/{null,random} &&
mkdir /home/named/etc/namedb/pz &&
cp /etc/localtime /home/named/etc : </userinput>

Create the unprivileged user and group named, along with device files
that named will need access to inside the chroot jail.</para>
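
<para>An added example, not part of the original book: a read-only audit of the jail that the commands above build. The helper names check_node, check_account and audit_jail are hypothetical, and GNU stat (stat -c) is assumed. Run <userinput>audit_jail /home/named</userinput> and <userinput>check_account "$(getent passwd named)"</userinput> after setup.</para>

```shell
#!/bin/sh
# Added example (not from the original page): audit the chroot jail layout.
# check_node, check_account and audit_jail are hypothetical helper names.
# Assumes GNU stat (stat -c).

# check_node PATH MAJOR MINOR: PATH must be a character device with these
# decimal major/minor numbers and mode 666, as set by mknod/chmod above.
check_node() {
    [ -c "$1" ] || { echo "FAIL: $1 is not a character device"; return 1; }
    maj=$(printf '%d' "0x$(stat -c %t "$1")")   # stat prints hex
    min=$(printf '%d' "0x$(stat -c %T "$1")")
    if [ "$maj" -ne "$2" ] || [ "$min" -ne "$3" ]; then
        echo "FAIL: $1 is $maj:$min, expected $2:$3"; return 1
    fi
    [ "$(stat -c %a "$1")" = 666 ] || { echo "FAIL: $1 mode is not 666"; return 1; }
}

# check_account PASSWD_LINE: the account must be named, UID and GID 200,
# with /bin/false as its shell so it cannot be used for logins.
check_account() {
    printf '%s\n' "$1" | awk -F: '
        $1 == "named" && $3 == 200 && $4 == 200 && $7 == "/bin/false" { ok = 1 }
        END { exit !ok }'
}

# audit_jail [JAIL]: check the directories, device nodes and localtime copy.
audit_jail() {
    jail=${1:-/home/named}
    rc=0
    for d in dev etc/namedb/slave etc/namedb/pz var/run; do
        [ -d "$jail/$d" ] || { echo "FAIL: missing directory $jail/$d"; rc=1; }
    done
    check_node "$jail/dev/null" 1 3 || rc=1
    check_node "$jail/dev/random" 1 8 || rc=1
    [ -f "$jail/etc/localtime" ] || { echo "FAIL: missing $jail/etc/localtime"; rc=1; }
    return $rc
}
```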

<para><userinput>
cat > /home/named/etc/named.conf << "EOF" : </userinput>
Create the BIND configuration file, from which named will read the
location of zone files, root nameservers and secure DNS keys.</para>
<para><userinput>
cat > /home/named/etc/namedb/pz/127.0.0 << "EOF" : </userinput>
Create a single zone file.</para>
<para><userinput>
cat > /home/named/etc/namedb/root.hints << "EOF" : </userinput>
The root.hints file is a list of root nameservers. This file must be
updated periodically with the dig utility. Consult the BIND 9
Administrator Reference Manual for details.</para>
<para><userinput>
cat > /etc/rndc.conf << "EOF" : </userinput>
The rndc.conf file contains information for controlling named
operations with the rndc utility.</para>

<para><userinput>
cat > /etc/resolv.conf << "EOF" : </userinput>
The resolv.conf file will specify the local host (127.0.0.1) as the
nameserver.</para>

<para><userinput>
cat > /etc/rc.d/init.d/bind << "EOF" : </userinput>
Create the boot script for BIND 9, used to start and stop the name
server daemon, named.</para>

</sect2>