Changeset 634cf991 for server/major
- Timestamp:
- 02/18/2012 06:41:27 PM (12 years ago)
- Branches:
- 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gnome, kde5-13430, kde5-14269, kde5-14686, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, systemd-11177, systemd-13485, trunk, upgradedb, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal
- Children:
- c81750a
- Parents:
- bd5c017
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
server/major/bind.xml
rbd5c017 r634cf991 4 4 <!ENTITY % general-entities SYSTEM "../../general.ent"> 5 5 %general-entities; 6 <!ENTITY bind-download-http "http://gd.tuwien.ac.at/infosys/servers/isc/bind9/&bind-version;/bind-&bind-version;.tar.gz"> 7 <!ENTITY bind-download-ftp "ftp://ftp.isc.org/isc/bind9/&bind-version;/bind-&bind-version;.tar.gz"> 6 <!ENTITY bind-download-http 7 "http://gd.tuwien.ac.at/infosys/servers/isc/bind9/&bind-version;/bind-&bind-version;.tar.gz"> 8 <!ENTITY bind-download-ftp 9 "ftp://ftp.isc.org/isc/bind9/&bind-version;/bind-&bind-version;.tar.gz"> 8 10 <!ENTITY bind-md5sum "afa41f8203d50bedad65071f9b6f96d7"> 9 11 <!ENTITY bind-size "8.1 MB"> 10 12 <!ENTITY bind-buildsize "260 MB"> 11 <!ENTITY bind-time "1.7 SBU (additional 13 minutes, processor independent, to run the complete test suite)"> 13 <!ENTITY bind-time "1.7 SBU (additional 13 minutes, processor independent, to 14 run the complete test suite)"> 12 15 ]> 13 16 … … 61 64 <listitem> 62 65 <para>Optional patch (if net-tools is not installed): 63 <ulink url="&patch-root;/bind-&bind-version;-use_iproute2-1.patch"/></para> 66 <ulink 67 url="&patch-root;/bind-&bind-version;-use_iproute2-1.patch"/></para> 64 68 </listitem> 65 69 </itemizedlist> … … 75 79 patch to utilize iproute2, but the IPv6 tests will fail)</para> 76 80 77 <bridgehead renderas="sect4">Optional (to rebuild documentation)</bridgehead> 81 <bridgehead renderas="sect4">Optional (to rebuild the 82 documentation)</bridgehead> 78 83 <para role="optional"><!--<xref linkend="tetex"/> or--> 79 84 <xref linkend="texlive"/>, and … … 141 146 misc/{dnssec,ipv6,migrat*,options,rfc-compliance,roadmap,sdb} \ 142 147 /usr/share/doc/bind-&bind-version;/misc</userinput></screen> 143 144 148 </sect2> 145 149 … … 167 171 additional package documentation. Omit any or all of these commands if 168 172 desired.</para> 169 170 173 </sect2> 171 174 … … 195 198 196 199 <indexterm zone="bind bind-config"> 197 <primary sortas="e-etc-namedb-root.hints">/etc/namedb/root.hints</primary> 200 <primary 201 sortas="e-etc-namedb-root.hints">/etc/namedb/root.hints</primary> 198 202 </indexterm> 199 203 200 204 <indexterm zone="bind bind-config"> 201 <primary sortas="e-etc-namedb-pz-127.0.0.0">/etc/namedb/pz/127.0.0.0</primary> 205 <primary 206 sortas="e-etc-namedb-pz-127.0.0.0">/etc/namedb/pz/127.0.0.0</primary> 202 207 </indexterm> 203 204 208 </sect3> 205 209 … … 225 229 226 230 <screen role="root"><userinput>cd /srv/named && 227 mkdir -p dev etc/namedb/ slave var/run&&231 mkdir -p dev etc/namedb/{slave,pz} usr/lib/engines var/run/named && 228 232 mknod /srv/named/dev/null c 1 3 && 229 233 mknod /srv/named/dev/random c 1 8 && 230 234 chmod 666 /srv/named/dev/{null,random} && 231 mkdir /srv/named/etc/namedb/pz && 232 cp /etc/localtime /srv/named/etc</userinput></screen> 233 234 <para>Then, generate a key for use in the <filename>named.conf</filename> 235 and <filename>rdnc.conf</filename> files using the 235 cp /etc/localtime etc && 236 touch /srv/named/managed-keys.bind && 237 cp /usr/lib/engines/libgost.so usr/lib/engines && 238 [ $(arch) = x86_64 ] && ln -sv lib usr/lib64</userinput></screen> 239 240 <para>The <filename>rndc.conf</filename> file contains information for 241 controlling <command>named</command> operations with the 242 <command>rndc</command> utility. Generate a key for use in the <filename>named.conf</filename> and <filename>rdnc.conf</filename> with the 236 243 <command>rndc-confgen</command> command:</para> 237 244 238 <screen role="root"><userinput>rndc-confgen -r /dev/urandom -b 512 | \239 grep -m 1 "secret" | cut -d '"' -f 2</userinput></screen>240 241 <para>C reate the <filename>named.conf</filename> file from which245 <screen role="root"><userinput>rndc-confgen -r /dev/urandom -b 512 > /etc/rndc.conf && 246 sed '/conf/d;/^#/!d;s:^# ::' /etc/rndc.conf > /srv/named/etc/named.conf</userinput></screen> 247 248 <para>Complete the <filename>named.conf</filename> file from which 242 249 <command>named</command> will read the location of zone files, root 243 250 name servers and secure DNS keys:</para> 244 251 245 <screen role="root"><?dbfo keep-together="auto"?><userinput>cat > /srv/named/etc/named.conf << "EOF"246 <literal> 247 252 <screen role="root"><?dbfo keep-together="auto"?><userinput>cat >> /srv/named/etc/named.conf << "EOF" 253 <literal>options { 254 directory "/etc/namedb"; 248 255 pid-file "/var/run/named.pid"; 249 256 statistics-file "/var/run/named.stats"; 250 257 251 }; 252 controls { 253 inet 127.0.0.1 allow { localhost; } keys { rndc_key; }; 254 }; 255 key "rndc_key" { 256 algorithm hmac-md5; 257 secret "<replaceable><Insert secret from rndc-confgen's output here></replaceable>"; 258 }; 259 zone "." { 260 type hint; 261 file "root.hints"; 262 }; 263 zone "0.0.127.in-addr.arpa" { 264 type master; 265 file "pz/127.0.0"; 266 }; 258 }; 259 zone "." { 260 type hint; 261 file "root.hints"; 262 }; 263 zone "0.0.127.in-addr.arpa" { 264 type master; 265 file "pz/127.0.0"; 266 }; 267 267 268 268 // Bind 9 now logs by default through syslog (except debug). … … 270 270 271 271 logging { 272 273 272 category default { default_syslog; default_debug; }; 273 category unmatched { null; }; 274 274 275 275 channel default_syslog { … … 298 298 299 299 channel null { 300 null;// toss anything sent to300 null; // toss anything sent to 301 301 // this channel 302 302 }; 303 303 };</literal> 304 305 304 EOF</userinput></screen> 306 307 <para>Create the <filename>rndc.conf</filename> file with the following308 commands:</para>309 310 <screen role="root"><userinput>cat > /etc/rndc.conf << "EOF"311 <literal>key rndc_key {312 algorithm "hmac-md5";313 secret314 "<replaceable><Insert secret from rndc-confgen's output here></replaceable>";315 };316 options {317 default-server localhost;318 default-key rndc_key;319 };</literal>320 EOF</userinput></screen>321 322 <para>The <filename>rndc.conf</filename> file contains information for323 controlling <command>named</command> operations with the324 <command>rndc</command> utility.</para>325 305 326 306 <para>Create a zone file with the following contents:</para> … … 399 379 following command:</para> 400 380 401 <screen role="root"><userinput>chown -R named .named /srv/named</userinput></screen>381 <screen role="root"><userinput>chown -R named:named /srv/named</userinput></screen> 402 382 403 383 </sect3>
Note:
See TracChangeset
for help on using the changeset viewer.