BIND-9.14.5 rndc-confgen: The -r option has been deprecated.

[Kevin]

Setting up the rndc.conf file for Bind configuration errors out after pasting the following from the 9.0 BLFS book:

rndc-confgen -r /dev/urandom -b 512 > /etc/rndc.conf &&
sed '/conf/d;/^#/!d;s:^# ::' /etc/rndc.conf > /srv/named/etc/named.conf

rndc-confgen: The -r option has been deprecated.

Result:
Empty initial rndc.conf file and subsequently empty named.conf.

Change to:

rndc-confgen -a -b 512 -t /srv/named

wrote key file "/etc/rndc.key"
wrote key file "/srv/named/etc/rndc.key"

The -a option as per the man page:
Do automatic rndc configuration. This creates a file rndc.key in /etc (or whatever sysconfdir was specified as when BIND was built) that is read by both rndc and named on startup. The rndc.key file defines a default command channel and authentication key allowing rndc to communicate with named on the local host with no further configuration.

The -t option as per the man page:

Used with the -a option to specify a directory where named will run chrooted. An additional copy of the rndc.key will be written relative to this directory so that it will be found by the chrooted named.

Caveats:
First time setting up this service on fresh 9.0 LFS system. Not tested at this time since machine is segregated from Internet, however, all indicators suggest it is working normally no error messages.

Deviations from Book:
Instead of

pip3 install ply

Ran from file:

wget http://www.dabeaz.com/ply/ply-3.11.tar.gz
pip3 install ply-3.11.tar.gz

Processing ./ply-3.11.tar.gz Installing collected packages: ply

Running setup.py install for ply ... done

Successfully installed ply-3.11n

Otherwise the Chapter was followed exactly. Seems to apply to both systemd or initv versions of book.

Maybe missing some step? Cause it sure is odd that I'm finding this now and no one has used Bind up to now? Searched tickets and wiki nothing found. Maybe search mail lists? This is my first ticket. :)

[Douglas R. Reno]

Pick up a couple of things that I need for gvfs

[Douglas R. Reno]

Thank you for the heads up on this!

I'll make sure to add an errata in as well.

[Douglas R. Reno]

Fixed at r22255 (for SVN)

For 9.0, errata has been added at r1501

Thanks again for reporting!

[Kevin]

ok, great to help. Just getting use to the system. Seems like a great way to coordinate revisions.

Also added a Wiki entry for Bind with more information which might be good for someone to verify it meets the standards. ​http://wiki.linuxfromscratch.org/blfs/wiki/bind

Thanks for the comments. Was a little unsure being my first time.

[Kevin]

Just going over the modification you committed,

I think you can drop this out as well now:

sed '/conf/d;/^#/!d;s:^# ::' /etc/rndc.conf > /srv/named/etc/named.conf

The -a option as per the man page: Do automatic rndc configuration. This creates a file rndc.key in /etc (or whatever sysconfdir was specified as when BIND was built) that is read by both rndc and named on startup

SO it indicates it will read the rndc.key for both rndc and named nullifying the need to put the key information in named.conf.

Seemed to run clean when I did so.

[Kevin]

Hope I read the change correctly, like I said still new to the system. Think I'll check out About Trac and upload some info to make sure I understand the system better.

[Douglas R. Reno]

You're good, thanks for letting me know! Your understanding is correct, I didn't realize that it wasn't needed when I ran through the initial configuration on my development machine. :)

Fixed at r22257

[Kevin]

ok, great job. See you fixed the namedb to just named Was wondering about that.