author | dougb <dougb@FreeBSD.org> | 2004-09-28 09:46:00 +0000 |
---|---|---|
committer | dougb <dougb@FreeBSD.org> | 2004-09-28 09:46:00 +0000 |
commit | a0c7847c5ba90a7ccc3ba1ea38781396bffaffe6 (patch) | |
tree | adec461a57e953379f28f1be08a23b3081ed6d6a /etc/namedb | |
parent | d3ceec948f3a65b58d702b97a626bcd5a6120632 (diff) | |
Create a named chroot directory structure in /var/named, and use it
by default when named is enabled. Also, improve our default directory
layout by creating /var/named/etc/namedb/{master|slave} directories,
and use the former for the generated localhost* files.
Rather than using pax to copy device entries, mount devfs in the
chroot directory.
There may be some corner cases where things need to be adjusted,
but overall this structure has been well tested on a production
network, and should serve the needs of the vast majority of users.
UPDATING has instructions on how to do the conversion for those
with existing configurations.
Diffstat (limited to 'etc/namedb')
-rwxr-xr-x | etc/namedb/make-localhost | 10 | ||||
-rw-r--r-- | etc/namedb/named.conf | 11 |
2 files changed, 12 insertions, 9 deletions
diff --git a/etc/namedb/make-localhost b/etc/namedb/make-localhost
index f3f0b1d..60fbe49 100755
--- a/etc/namedb/make-localhost
+++ b/etc/namedb/make-localhost
@@ -32,16 +32,18 @@ fi
 
 date=`date +"%Y%m%d"`
 
-mv -f localhost-v6.rev localhost-v6.rev.BAK 2>/dev/null
+mkdir -p master
+
+mv -f master/localhost-v6.rev master/localhost-v6.rev.BAK 2>/dev/null
 
 sed -e "s/@host@/$fullhost/g" \
 -e "s/@domain@/$domain/g" \
 -e "s/@date@/$date/g" \
- < PROTO.localhost-v6.rev > localhost-v6.rev
+ < PROTO.localhost-v6.rev > master/localhost-v6.rev
 
-mv -f localhost.rev localhost.rev.BAK 2>/dev/null
+mv -f master/localhost.rev master/localhost.rev.BAK 2>/dev/null
 
 exec sed -e "s/@host@/$fullhost/g" \
 -e "s/@domain@/$domain/g" \
 -e "s/@date@/$date/g" \
- < PROTO.localhost.rev > localhost.rev
+ < PROTO.localhost.rev > master/localhost.rev
diff --git a/etc/namedb/named.conf b/etc/namedb/named.conf
index 5b7a718..3b45e0c 100644
--- a/etc/namedb/named.conf
+++ b/etc/namedb/named.conf
@@ -7,8 +7,9 @@
 // or cause huge amounts of useless Internet traffic.
 
 options {
- directory "/etc/namedb";
- pid-file "/var/run/named/pid";
+ directory "/etc/namedb";
+ pid-file "/var/run/named/pid";
+ dump-file "/var/dump/named_dump.db";
 
 // In addition to the "forwarders" clause, you can force your name
 // server to never initiate queries of its own, but always ask its
@@ -63,19 +64,19 @@ zone "." {
 
 zone "0.0.127.IN-ADDR.ARPA" {
 type master;
- file "localhost.rev";
+ file "master/localhost.rev";
 };
 
 // RFC 3152
 zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA" {
 type master;
- file "localhost-v6.rev";
+ file "master/localhost-v6.rev";
 };
 
 // RFC 1886 -- deprecated
 zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.INT" {
 type master;
- file "localhost-v6.rev";
+ file "master/localhost-v6.rev";
 };
 
 // NB: Do not use the IP addresses below, they are faked, and only |
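Review bot: The `mkdir -p master` added at the top of this hunk is not checked, yet both sed redirections below now write into `master/`, so a failed mkdir only surfaces later as a redirection error after the `mv` noise has been sent to /dev/null. Fail early with `mkdir -p master || exit 1`. The directory is also created with the caller's umask and ownership; master zone data is normally meant to be read-only to the account named runs as inside the chroot, and whether the rest of this commit (outside the etc/namedb diffstat) enforces that is not visible here, so a comment such as `# master/ holds locally maintained zones; named should only need read access` would record the intent. The script begins above the hunk.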
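Review bot: The new `dump-file "/var/dump/named_dump.db";` in the options block is an absolute path that will resolve inside the chroot once named runs under /var/named, and nothing in the file tells the administrator that. The dump holds the server's cache contents, so the target directory has to exist in the chroot, be writable by named's account and not be world-readable; whether the chroot layout creates it that way cannot be seen in this diffstat. I would add a comment above the three path options: `// These paths are relative to the chroot directory (/var/named by default), if one is in use.` The options block continues past the hunk.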