summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--etc/defaults/periodic.conf4
-rw-r--r--etc/defaults/rc.conf18
-rw-r--r--etc/freebsd-update.conf2
-rw-r--r--etc/namedb/Makefile11
-rw-r--r--etc/namedb/master/Makefile9
-rw-r--r--etc/namedb/master/empty.db11
-rw-r--r--etc/namedb/master/localhost-forward.db11
-rw-r--r--etc/namedb/master/localhost-reverse.db13
-rw-r--r--etc/namedb/named.conf360
-rw-r--r--etc/namedb/named.root92
-rwxr-xr-xetc/periodic/daily/470.status-named62
-rw-r--r--etc/rc.d/Makefile1
-rwxr-xr-xetc/rc.d/named301
-rwxr-xr-xetc/rc.d/ntpdate2
-rwxr-xr-xetc/rc.d/rpcbind2
-rwxr-xr-xetc/rc.d/syslogd1
16 files changed, 4 insertions, 896 deletions
diff --git a/etc/defaults/periodic.conf b/etc/defaults/periodic.conf
index 11eed5b..77f1dcb 100644
--- a/etc/defaults/periodic.conf
+++ b/etc/defaults/periodic.conf
@@ -137,10 +137,6 @@ daily_status_mail_rejects_enable="YES" # Check mail rejects
daily_status_mail_rejects_logs=3 # How many logs to check
daily_status_mail_rejects_shorten="NO" # Shorten output
-# 470.status-named
-daily_status_named_enable="YES"
-daily_status_named_usedns="YES" # DNS lookups are ok
-
# 480.status-ntpd
daily_status_ntpd_enable="NO" # Check NTP status
diff --git a/etc/defaults/rc.conf b/etc/defaults/rc.conf
index 05611d1..a34f0c1 100644
--- a/etc/defaults/rc.conf
+++ b/etc/defaults/rc.conf
@@ -260,6 +260,7 @@ hostapd_enable="NO" # Run hostap daemon.
syslogd_enable="YES" # Run syslog daemon (or NO).
syslogd_program="/usr/sbin/syslogd" # path to syslogd, if you want a different one.
syslogd_flags="-s" # Flags to syslogd (if enabled).
+altlog_proglist="" # List of chrooted applicatioins in /var
inetd_enable="NO" # Run the network daemon dispatcher (YES/NO).
inetd_program="/usr/sbin/inetd" # path to inetd, if you want a different one.
inetd_flags="-wW -C 60" # Optional flags to inetd
@@ -271,23 +272,6 @@ hastd_program="/sbin/hastd" # path to hastd, if you want a different one.
hastd_flags="" # Optional flags to hastd.
ctld_enable="NO" # CAM Target Layer / iSCSI target daemon.
local_unbound_enable="NO" # local caching resolver
-#
-# named. It may be possible to run named in a sandbox, man security for
-# details.
-#
-named_enable="NO" # Run named, the DNS server (or NO).
-named_program="/usr/sbin/named" # Path to named, if you want a different one.
-named_conf="/etc/namedb/named.conf" # Path to the configuration file
-#named_flags="" # Use this for flags OTHER than -u and -c
-named_uid="bind" # User to run named as
-named_chrootdir="/var/named" # Chroot directory (or "" not to auto-chroot it)
-named_chroot_autoupdate="YES" # Automatically install/update chrooted
- # components of named. See /etc/rc.d/named.
-named_symlink_enable="YES" # Symlink the chrooted pid file
-named_wait="NO" # Wait for working name service before exiting
-named_wait_host="localhost" # Hostname to check if named_wait is enabled
-named_auto_forward="NO" # Set up forwarders from /etc/resolv.conf
-named_auto_forward_only="NO" # Do "forward only" instead of "forward first"
#
# kerberos. Do not run the admin daemons on slave servers
diff --git a/etc/freebsd-update.conf b/etc/freebsd-update.conf
index 4410903..7f09170 100644
--- a/etc/freebsd-update.conf
+++ b/etc/freebsd-update.conf
@@ -35,7 +35,7 @@ UpdateIfUnmodified /etc/ /var/ /root/ /.cshrc /.profile
# When upgrading to a new FreeBSD release, files which match MergeChanges
# will have any local changes merged into the version from the new release.
-MergeChanges /etc/ /var/named/etc/ /boot/device.hints
+MergeChanges /etc/ /boot/device.hints
### Default configuration options:
diff --git a/etc/namedb/Makefile b/etc/namedb/Makefile
deleted file mode 100644
index 3a5e1f6..0000000
--- a/etc/namedb/Makefile
+++ /dev/null
@@ -1,11 +0,0 @@
-# $FreeBSD$
-
-SUBDIR= master
-
-FILES= named.conf named.root
-
-NO_OBJ=
-FILESDIR= /etc/namedb
-FILESMODE= 644
-
-.include <bsd.prog.mk>
diff --git a/etc/namedb/master/Makefile b/etc/namedb/master/Makefile
deleted file mode 100644
index 7907bf3..0000000
--- a/etc/namedb/master/Makefile
+++ /dev/null
@@ -1,9 +0,0 @@
-# $FreeBSD$
-
-FILES= empty.db localhost-forward.db localhost-reverse.db
-
-NO_OBJ=
-FILESDIR= /etc/namedb/master
-FILESMODE= 644
-
-.include <bsd.prog.mk>
diff --git a/etc/namedb/master/empty.db b/etc/namedb/master/empty.db
deleted file mode 100644
index 070f663..0000000
--- a/etc/namedb/master/empty.db
+++ /dev/null
@@ -1,11 +0,0 @@
-
-; $FreeBSD$
-
-$TTL 3h
-@ SOA @ nobody.localhost. 42 1d 12h 1w 3h
- ; Serial, Refresh, Retry, Expire, Neg. cache TTL
-
-@ NS @
-
-; Silence a BIND warning
-@ A 127.0.0.1
diff --git a/etc/namedb/master/localhost-forward.db b/etc/namedb/master/localhost-forward.db
deleted file mode 100644
index 9156d2f..0000000
--- a/etc/namedb/master/localhost-forward.db
+++ /dev/null
@@ -1,11 +0,0 @@
-
-; $FreeBSD$
-
-$TTL 3h
-localhost. SOA localhost. nobody.localhost. 42 1d 12h 1w 3h
- ; Serial, Refresh, Retry, Expire, Neg. cache TTL
-
- NS localhost.
-
- A 127.0.0.1
- AAAA ::1
diff --git a/etc/namedb/master/localhost-reverse.db b/etc/namedb/master/localhost-reverse.db
deleted file mode 100644
index ceabe05..0000000
--- a/etc/namedb/master/localhost-reverse.db
+++ /dev/null
@@ -1,13 +0,0 @@
-
-; $FreeBSD$
-
-$TTL 3h
-@ SOA localhost. nobody.localhost. 42 1d 12h 1w 3h
- ; Serial, Refresh, Retry, Expire, Neg. cache TTL
-
- NS localhost.
-
-1.0.0 PTR localhost.
-
-1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR localhost.
-
diff --git a/etc/namedb/named.conf b/etc/namedb/named.conf
deleted file mode 100644
index 5f01106..0000000
--- a/etc/namedb/named.conf
+++ /dev/null
@@ -1,360 +0,0 @@
-// $FreeBSD$
-//
-// Refer to the named.conf(5) and named(8) man pages, and the documentation
-// in /usr/share/doc/bind9 for more details.
-//
-// If you are going to set up an authoritative server, make sure you
-// understand the hairy details of how DNS works. Even with
-// simple mistakes, you can break connectivity for affected parties,
-// or cause huge amounts of useless Internet traffic.
-
-options {
- // All file and path names are relative to the chroot directory,
- // if any, and should be fully qualified.
- directory "/etc/namedb/working";
- pid-file "/var/run/named/pid";
- dump-file "/var/dump/named_dump.db";
- statistics-file "/var/stats/named.stats";
-
-// If named is being used only as a local resolver, this is a safe default.
-// For named to be accessible to the network, comment this option, specify
-// the proper IP address, or delete this option.
- listen-on { 127.0.0.1; };
-
-// If you have IPv6 enabled on this system, uncomment this option for
-// use as a local resolver. To give access to the network, specify
-// an IPv6 address, or the keyword "any".
-// listen-on-v6 { ::1; };
-
-// These zones are already covered by the empty zones listed below.
-// If you remove the related empty zones below, comment these lines out.
- disable-empty-zone "255.255.255.255.IN-ADDR.ARPA";
- disable-empty-zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
- disable-empty-zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
-
-// If you've got a DNS server around at your upstream provider, enter
-// its IP address here, and enable the line below. This will make you
-// benefit from its cache, thus reduce overall DNS traffic in the Internet.
-/*
- forwarders {
- 127.0.0.1;
- };
-*/
-
-// If the 'forwarders' clause is not empty the default is to 'forward first'
-// which will fall back to sending a query from your local server if the name
-// servers in 'forwarders' do not have the answer. Alternatively you can
-// force your name server to never initiate queries of its own by enabling the
-// following line:
-// forward only;
-
-// If you wish to have forwarding configured automatically based on
-// the entries in /etc/resolv.conf, uncomment the following line and
-// set named_auto_forward=yes in /etc/rc.conf. You can also enable
-// named_auto_forward_only (the effect of which is described above).
-// include "/etc/namedb/auto_forward.conf";
-
- /*
- Modern versions of BIND use a random UDP port for each outgoing
- query by default in order to dramatically reduce the possibility
- of cache poisoning. All users are strongly encouraged to utilize
- this feature, and to configure their firewalls to accommodate it.
-
- AS A LAST RESORT in order to get around a restrictive firewall
- policy you can try enabling the option below. Use of this option
- will significantly reduce your ability to withstand cache poisoning
- attacks, and should be avoided if at all possible.
-
- Replace NNNNN in the example with a number between 49160 and 65530.
- */
- // query-source address * port NNNNN;
-};
-
-// If you enable a local name server, don't forget to enter 127.0.0.1
-// first in your /etc/resolv.conf so this server will be queried.
-// Also, make sure to enable it in /etc/rc.conf.
-
-// The traditional root hints mechanism. Use this, OR the slave zones below.
-zone "." { type hint; file "/etc/namedb/named.root"; };
-
-/* Slaving the following zones from the root name servers has some
- significant advantages:
- 1. Faster local resolution for your users
- 2. No spurious traffic will be sent from your network to the roots
- 3. Greater resilience to any potential root server failure/DDoS
-
- On the other hand, this method requires more monitoring than the
- hints file to be sure that an unexpected failure mode has not
- incapacitated your server. Name servers that are serving a lot
- of clients will benefit more from this approach than individual
- hosts. Use with caution.
-
- To use this mechanism, uncomment the entries below, and comment
- the hint zone above.
-
- As documented at http://dns.icann.org/services/axfr/ these zones:
- "." (the root), ARPA, IN-ADDR.ARPA, IP6.ARPA, and ROOT-SERVERS.NET
- are available for AXFR from these servers on IPv4 and IPv6:
- xfr.lax.dns.icann.org, xfr.cjr.dns.icann.org
-*/
-/*
-zone "." {
- type slave;
- file "/etc/namedb/slave/root.slave";
- masters {
- 192.5.5.241; // F.ROOT-SERVERS.NET.
- };
- notify no;
-};
-zone "arpa" {
- type slave;
- file "/etc/namedb/slave/arpa.slave";
- masters {
- 192.5.5.241; // F.ROOT-SERVERS.NET.
- };
- notify no;
-};
-*/
-
-/* Serving the following zones locally will prevent any queries
- for these zones leaving your network and going to the root
- name servers. This has two significant advantages:
- 1. Faster local resolution for your users
- 2. No spurious traffic will be sent from your network to the roots
-*/
-// RFCs 1912, 5735 and 6303 (and BCP 32 for localhost)
-zone "localhost" { type master; file "/etc/namedb/master/localhost-forward.db"; };
-zone "127.in-addr.arpa" { type master; file "/etc/namedb/master/localhost-reverse.db"; };
-zone "255.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-
-// RFC 1912-style zone for IPv6 localhost address (RFC 6303)
-zone "0.ip6.arpa" { type master; file "/etc/namedb/master/localhost-reverse.db"; };
-
-// "This" Network (RFCs 1912, 5735 and 6303)
-zone "0.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-
-// Private Use Networks (RFCs 1918, 5735 and 6303)
-zone "10.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "16.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "17.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "18.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "19.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "20.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "21.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "22.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "23.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "24.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "25.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "26.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "27.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "28.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "29.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "30.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "31.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "168.192.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-
-// Shared Address Space (RFC 6598)
-zone "64.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "65.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "66.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "67.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "68.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "69.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "70.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "71.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "72.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "73.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "74.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "75.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "76.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "77.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "78.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "79.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "80.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "81.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "82.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "83.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "84.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "85.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "86.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "87.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "88.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "89.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "90.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "91.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "92.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "93.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "94.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "95.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "96.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "97.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "98.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "99.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "100.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "101.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "102.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "103.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "104.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "105.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "106.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "107.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "108.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "109.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "110.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "111.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "112.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "113.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "114.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "115.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "116.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "117.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "118.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "119.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "120.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "121.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "122.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "123.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "124.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "125.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "126.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "127.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-
-// Link-local/APIPA (RFCs 3927, 5735 and 6303)
-zone "254.169.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-
-// IETF protocol assignments (RFCs 5735 and 5736)
-zone "0.0.192.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-
-// TEST-NET-[1-3] for Documentation (RFCs 5735, 5737 and 6303)
-zone "2.0.192.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "100.51.198.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "113.0.203.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-
-// IPv6 Example Range for Documentation (RFCs 3849 and 6303)
-zone "8.b.d.0.1.0.0.2.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-
-// Domain Names for Documentation and Testing (BCP 32)
-zone "test" { type master; file "/etc/namedb/master/empty.db"; };
-zone "example" { type master; file "/etc/namedb/master/empty.db"; };
-zone "invalid" { type master; file "/etc/namedb/master/empty.db"; };
-zone "example.com" { type master; file "/etc/namedb/master/empty.db"; };
-zone "example.net" { type master; file "/etc/namedb/master/empty.db"; };
-zone "example.org" { type master; file "/etc/namedb/master/empty.db"; };
-
-// Router Benchmark Testing (RFCs 2544 and 5735)
-zone "18.198.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "19.198.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-
-// IANA Reserved - Old Class E Space (RFC 5735)
-zone "240.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "241.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "242.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "243.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "244.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "245.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "246.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "247.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "248.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "249.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "250.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "251.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "252.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "253.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "254.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-
-// IPv6 Unassigned Addresses (RFC 4291)
-zone "1.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "3.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "4.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "5.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "6.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "7.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "8.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "9.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "a.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "b.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "c.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "d.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "e.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "0.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "1.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "2.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "3.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "4.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "5.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "6.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "7.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "8.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "9.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "a.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "b.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "0.e.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "1.e.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "2.e.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "3.e.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "4.e.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "5.e.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "6.e.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "7.e.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-
-// IPv6 ULA (RFCs 4193 and 6303)
-zone "c.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "d.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-
-// IPv6 Link Local (RFCs 4291 and 6303)
-zone "8.e.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "9.e.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "a.e.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "b.e.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-
-// IPv6 Deprecated Site-Local Addresses (RFCs 3879 and 6303)
-zone "c.e.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "d.e.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "e.e.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-zone "f.e.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
-
-// IP6.INT is Deprecated (RFC 4159)
-zone "ip6.int" { type master; file "/etc/namedb/master/empty.db"; };
-
-// NB: Do not use the IP addresses below, they are faked, and only
-// serve demonstration/documentation purposes!
-//
-// Example slave zone config entries. It can be convenient to become
-// a slave at least for the zone your own domain is in. Ask
-// your network administrator for the IP address of the responsible
-// master name server.
-//
-// Do not forget to include the reverse lookup zone!
-// This is named after the first bytes of the IP address, in reverse
-// order, with ".IN-ADDR.ARPA" appended, or ".IP6.ARPA" for IPv6.
-//
-// Before starting to set up a master zone, make sure you fully
-// understand how DNS and BIND work. There are sometimes
-// non-obvious pitfalls. Setting up a slave zone is usually simpler.
-//
-// NB: Don't blindly enable the examples below. :-) Use actual names
-// and addresses instead.
-
-/* An example dynamic zone
-key "exampleorgkey" {
- algorithm hmac-md5;
- secret "sf87HJqjkqh8ac87a02lla==";
-};
-zone "example.org" {
- type master;
- allow-update {
- key "exampleorgkey";
- };
- file "/etc/namedb/dynamic/example.org";
-};
-*/
-
-/* Example of a slave reverse zone
-zone "1.168.192.in-addr.arpa" {
- type slave;
- file "/etc/namedb/slave/1.168.192.in-addr.arpa";
- masters {
- 192.168.1.1;
- };
-};
-*/
diff --git a/etc/namedb/named.root b/etc/namedb/named.root
deleted file mode 100644
index adf5e79..0000000
--- a/etc/namedb/named.root
+++ /dev/null
@@ -1,92 +0,0 @@
-;
-; $FreeBSD$
-;
-
-; This file holds the information on root name servers needed to
-; initialize cache of Internet domain name servers
-; (e.g. reference this file in the "cache . <file>"
-; configuration file of BIND domain name servers).
-;
-; This file is made available by InterNIC
-; under anonymous FTP as
-; file /domain/named.cache
-; on server FTP.INTERNIC.NET
-; -OR- RS.INTERNIC.NET
-;
-; last update: Jan 3, 2013
-; related version of root zone: 2013010300
-;
-; formerly NS.INTERNIC.NET
-;
-. 3600000 IN NS A.ROOT-SERVERS.NET.
-A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4
-A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:BA3E::2:30
-;
-; FORMERLY NS1.ISI.EDU
-;
-. 3600000 NS B.ROOT-SERVERS.NET.
-B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201
-;
-; FORMERLY C.PSI.NET
-;
-. 3600000 NS C.ROOT-SERVERS.NET.
-C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12
-;
-; FORMERLY TERP.UMD.EDU
-;
-. 3600000 NS D.ROOT-SERVERS.NET.
-D.ROOT-SERVERS.NET. 3600000 A 199.7.91.13
-D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2D::D
-;
-; FORMERLY NS.NASA.GOV
-;
-. 3600000 NS E.ROOT-SERVERS.NET.
-E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10
-;
-; FORMERLY NS.ISC.ORG
-;
-. 3600000 NS F.ROOT-SERVERS.NET.
-F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241
-F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2F::F
-;
-; FORMERLY NS.NIC.DDN.MIL
-;
-. 3600000 NS G.ROOT-SERVERS.NET.
-G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4
-;
-; FORMERLY AOS.ARL.ARMY.MIL
-;
-. 3600000 NS H.ROOT-SERVERS.NET.
-H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53
-H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::803F:235
-;
-; FORMERLY NIC.NORDU.NET
-;
-. 3600000 NS I.ROOT-SERVERS.NET.
-I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17
-I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7FE::53
-;
-; OPERATED BY VERISIGN, INC.
-;
-. 3600000 NS J.ROOT-SERVERS.NET.
-J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30
-J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:C27::2:30
-;
-; OPERATED BY RIPE NCC
-;
-. 3600000 NS K.ROOT-SERVERS.NET.
-K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129
-K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7FD::1
-;
-; OPERATED BY ICANN
-;
-. 3600000 NS L.ROOT-SERVERS.NET.
-L.ROOT-SERVERS.NET. 3600000 A 199.7.83.42
-L.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:3::42
-;
-; OPERATED BY WIDE
-;
-. 3600000 NS M.ROOT-SERVERS.NET.
-M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33
-M.ROOT-SERVERS.NET. 3600000 AAAA 2001:DC3::35
-; End of File
diff --git a/etc/periodic/daily/470.status-named b/etc/periodic/daily/470.status-named
deleted file mode 100755
index 987029e..0000000
--- a/etc/periodic/daily/470.status-named
+++ /dev/null
@@ -1,62 +0,0 @@
-#!/bin/sh
-#
-# $FreeBSD$
-#
-
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
-
-catmsgs() {
- find /var/log -name 'messages.*' -mtime -2 |
- sort -t. -r -n -k 2,2 |
- while read f
- do
- case $f in
- *.gz) zcat -f $f;;
- *.bz2) bzcat -f $f;;
- esac
- done
- [ -f /var/log/messages ] && cat /var/log/messages
-}
-
-case "$daily_status_named_enable" in
- [Yy][Ee][Ss])
- echo
- echo 'Checking for denied zone transfers (AXFR and IXFR):'
-
- start=`date -v-1d '+%b %e'`
- rc=$(catmsgs |
- fgrep -E "^$start.*named\[[[:digit:]]+\]: transfer of .*failed .*: REFUSED" |
- sed -e "s/.*transfer of \'\(.*\)\/IN\' from \(.*\)#[0-9]*: .*/\1 from \2/" |
- sort -f | uniq -ic | (
- usedns=0
- case "$daily_status_named_usedns" in
- '') ;;
- [yY][eE][sS]) usedns=1 ;;
- esac
-
- while read line ;do
- ipaddr=`echo "$line" | sed -e 's/^.*from //'`
- if [ $usedns -eq 1 ]; then
- name=`host "${ipaddr}" 2>/dev/null | \
- sed 's/.*domain name pointer \(.*\)\./\1/'`
- fi
- if [ -n "${name}" ]; then
- echo "${line} (${name})"
- else
- echo "${line}"
- fi
- done ) | \
- tee /dev/stderr | wc -l)
- [ $rc -gt 0 ] && rc=1
- ;;
-
- *) rc=0;;
-esac
-
-exit $rc
diff --git a/etc/rc.d/Makefile b/etc/rc.d/Makefile
index e51e2f8..375da6d 100644
--- a/etc/rc.d/Makefile
+++ b/etc/rc.d/Makefile
@@ -90,7 +90,6 @@ FILES= DAEMON \
mroute6d \
mrouted \
msgs \
- named \
natd \
netif \
netoptions \
diff --git a/etc/rc.d/named b/etc/rc.d/named
deleted file mode 100755
index b55bde3..0000000
--- a/etc/rc.d/named
+++ /dev/null
@@ -1,301 +0,0 @@
-#!/bin/sh
-#
-# $FreeBSD$
-#
-
-# PROVIDE: named
-# REQUIRE: SERVERS FILESYSTEMS
-# KEYWORD: shutdown
-
-. /etc/rc.subr
-
-name="named"
-rcvar=named_enable
-
-extra_commands="reload"
-
-start_precmd="named_prestart"
-start_postcmd="named_poststart"
-reload_cmd="named_reload"
-stop_cmd="named_stop"
-stop_postcmd="named_poststop"
-
-# If running in a chroot cage, ensure that the appropriate files
-# exist inside the cage, as well as helper symlinks into the cage
-# from outside.
-#
-# As this is called after the is_running and required_dir checks
-# are made in run_rc_command(), we can safely assume ${named_chrootdir}
-# exists and named isn't running at this point (unless forcestart
-# is used).
-#
-chroot_autoupdate()
-{
- local file
-
- # Create (or update) the chroot directory structure
- #
- if [ -r /etc/mtree/BIND.chroot.dist ]; then
- mtree -deU -f /etc/mtree/BIND.chroot.dist \
- -p ${named_chrootdir}
- else
- warn "/etc/mtree/BIND.chroot.dist missing,"
- warn "chroot directory structure not updated"
- fi
-
- # Create (or update) the configuration directory symlink
- #
- if [ ! -L "${named_conf%/*}" ]; then
- if [ -d "${named_conf%/*}" ]; then
- warn "named chroot: ${named_conf%/*} is a directory!"
- elif [ -e "${named_conf%/*}" ]; then
- warn "named chroot: ${named_conf%/*} exists!"
- else
- ln -s ${named_confdir} ${named_conf%/*}
- fi
- else
- # Make sure it points to the right place.
- ln -shf ${named_confdir} ${named_conf%/*}
- fi
-
- # Mount a devfs in the chroot directory if needed
- #
- if [ `${SYSCTL_N} security.jail.jailed` -eq 0 ]; then
- umount ${named_chrootdir}/dev 2>/dev/null
- devfs_domount ${named_chrootdir}/dev devfsrules_hide_all
- devfs -m ${named_chrootdir}/dev rule apply path null unhide
- devfs -m ${named_chrootdir}/dev rule apply path random unhide
- else
- if [ -c ${named_chrootdir}/dev/null -a \
- -c ${named_chrootdir}/dev/random ]; then
- info "named chroot: using pre-mounted devfs."
- else
- err 1 "named chroot: devfs cannot be mounted from" \
- "within a jail. Thus a chrooted named cannot" \
- "be run from within a jail." \
- "To run named without chrooting it, set" \
- "named_chrootdir=\"\" in /etc/rc.conf."
- fi
- fi
-
- # Copy and/or update key files to the chroot /etc
- #
- for file in localtime protocols services; do
- if [ -r /etc/$file ]; then
- cmp -s /etc/$file "${named_chrootdir}/etc/$file" ||
- cp -p /etc/$file "${named_chrootdir}/etc/$file"
- fi
- done
-}
-
-# Make symlinks to the correct pid file
-#
-make_symlinks()
-{
- checkyesno named_symlink_enable &&
- ln -fs "${named_chrootdir}${pidfile}" ${pidfile}
-}
-
-named_poststart() {
- make_symlinks
-
- if checkyesno named_wait; then
- until ${command%/sbin/named}/bin/host $named_wait_host >/dev/null 2>&1; do
- echo " Waiting for nameserver to resolve $named_wait_host"
- sleep 1
- done
- fi
-}
-
-named_reload()
-{
- ${command%/named}/rndc reload
-}
-
-find_pidfile()
-{
- if get_pidfile_from_conf pid-file $named_conf; then
- pidfile="$_pidfile_from_conf"
- else
- pidfile="/var/run/named/pid"
- fi
-}
-
-named_stop()
-{
- find_pidfile
-
- # This duplicates an undesirably large amount of code from the stop
- # routine in rc.subr in order to use rndc to shut down the process,
- # and to give it a second chance in case rndc fails.
- rc_pid=$(check_pidfile $pidfile $command)
- if [ -z "$rc_pid" ]; then
- [ -n "$rc_fast" ] && return 0
- _run_rc_notrunning
- return 1
- fi
- echo 'Stopping named.'
- if ${command%/named}/rndc stop 2>/dev/null; then
- wait_for_pids $rc_pid
- else
- echo -n 'rndc failed, trying kill: '
- kill -TERM $rc_pid
- wait_for_pids $rc_pid
- fi
-}
-
-named_poststop()
-{
- if [ -n "${named_chrootdir}" -a -c ${named_chrootdir}/dev/null ]; then
- if [ `${SYSCTL_N} security.jail.jailed` -eq 0 ]; then
- umount ${named_chrootdir}/dev 2>/dev/null || true
- else
- warn "named chroot:" \
- "cannot unmount devfs from inside jail!"
- fi
- fi
-}
-
-create_file() {
- if [ -e "$1" ]; then
- unlink $1
- fi
- > $1
- chown root:wheel $1
- chmod 644 $1
-}
-
-named_prestart()
-{
- find_pidfile
-
- if [ -n "$named_pidfile" ]; then
- warn 'named_pidfile: now determined from the conf file'
- fi
-
- command_args="-u ${named_uid:=root}"
-
- if [ ! "$named_conf" = '/etc/namedb/named.conf' ]; then
- case "$named_flags" in
- -c*|*' -c'*) ;; # No need to add it
- *) command_args="-c $named_conf $command_args" ;;
- esac
- fi
-
- local line nsip firstns
-
- # Is the user using a sandbox?
- #
- if [ -n "$named_chrootdir" ]; then
- rc_flags="$rc_flags -t $named_chrootdir"
- checkyesno named_chroot_autoupdate && chroot_autoupdate
- else
- named_symlink_enable=NO
- fi
-
- # Create an rndc.key file for the user if none exists
- #
- confgen_command="${command%/named}/rndc-confgen -a -b256 -u $named_uid \
- -c ${named_confdir}/rndc.key"
- if [ -s "${named_confdir}/rndc.conf" ]; then
- unset confgen_command
- fi
- if [ -s "${named_confdir}/rndc.key" ]; then
- case `stat -f%Su ${named_confdir}/rndc.key` in
- root|$named_uid) ;;
- *) $confgen_command ;;
- esac
- else
- $confgen_command
- fi
-
- local checkconf
-
- checkconf="${command%/named}/named-checkconf"
- if ! checkyesno named_chroot_autoupdate && [ -n "$named_chrootdir" ]; then
- checkconf="$checkconf -t $named_chrootdir"
- fi
-
- # Create a forwarder configuration based on /etc/resolv.conf
- if checkyesno named_auto_forward; then
- if [ ! -s /etc/resolv.conf ]; then
- warn "named_auto_forward enabled, but no /etc/resolv.conf"
-
- # Empty the file in case it is included in named.conf
- [ -s "${named_confdir}/auto_forward.conf" ] &&
- create_file ${named_confdir}/auto_forward.conf
-
- $checkconf $named_conf ||
- err 3 'named-checkconf for $named_conf failed'
- return
- fi
-
- create_file /var/run/naf-resolv.conf
- create_file /var/run/auto_forward.conf
-
- echo ' forwarders {' > /var/run/auto_forward.conf
-
- while read line; do
- case "$line" in
- 'nameserver '*|'nameserver '*)
- nsip=${line##nameserver[ ]}
-
- if [ -z "$firstns" ]; then
- if [ ! "$nsip" = '127.0.0.1' ]; then
- echo 'nameserver 127.0.0.1'
- echo " ${nsip};" >> /var/run/auto_forward.conf
- fi
-
- firstns=1
- else
- [ "$nsip" = '127.0.0.1' ] && continue
- echo " ${nsip};" >> /var/run/auto_forward.conf
- fi
- ;;
- esac
-
- echo $line
- done < /etc/resolv.conf > /var/run/naf-resolv.conf
-
- echo ' };' >> /var/run/auto_forward.conf
- echo '' >> /var/run/auto_forward.conf
- if checkyesno named_auto_forward_only; then
- echo " forward only;" >> /var/run/auto_forward.conf
- else
- echo " forward first;" >> /var/run/auto_forward.conf
- fi
-
- if cmp -s /etc/resolv.conf /var/run/naf-resolv.conf; then
- unlink /var/run/naf-resolv.conf
- else
- [ -e /etc/resolv.conf ] && unlink /etc/resolv.conf
- mv /var/run/naf-resolv.conf /etc/resolv.conf
- fi
-
- if cmp -s ${named_confdir}/auto_forward.conf \
- /var/run/auto_forward.conf; then
- unlink /var/run/auto_forward.conf
- else
- [ -e "${named_confdir}/auto_forward.conf" ] &&
- unlink ${named_confdir}/auto_forward.conf
- mv /var/run/auto_forward.conf \
- ${named_confdir}/auto_forward.conf
- fi
- else
- # Empty the file in case it is included in named.conf
- [ -s "${named_confdir}/auto_forward.conf" ] &&
- create_file ${named_confdir}/auto_forward.conf
- fi
-
- $checkconf $named_conf || err 3 'named-checkconf for $named_conf failed'
-}
-
-load_rc_config $name
-
-# Updating the following variables requires that rc.conf be loaded first
-#
-required_dirs="$named_chrootdir" # if it is set, it must exist
-
-named_confdir="${named_chrootdir}${named_conf%/*}"
-
-run_rc_command "$1"
diff --git a/etc/rc.d/ntpdate b/etc/rc.d/ntpdate
index 235e6c0..de7a132 100755
--- a/etc/rc.d/ntpdate
+++ b/etc/rc.d/ntpdate
@@ -4,7 +4,7 @@
#
# PROVIDE: ntpdate
-# REQUIRE: NETWORKING syslogd named
+# REQUIRE: NETWORKING syslogd
# KEYWORD: nojail
. /etc/rc.subr
diff --git a/etc/rc.d/rpcbind b/etc/rc.d/rpcbind
index 37a428a..60e2308 100755
--- a/etc/rc.d/rpcbind
+++ b/etc/rc.d/rpcbind
@@ -4,7 +4,7 @@
#
# PROVIDE: rpcbind
-# REQUIRE: NETWORKING ntpdate syslogd named
+# REQUIRE: NETWORKING ntpdate syslogd
# KEYWORD: shutdown
. /etc/rc.subr
diff --git a/etc/rc.d/syslogd b/etc/rc.d/syslogd
index 87f7de2..2842b48 100755
--- a/etc/rc.d/syslogd
+++ b/etc/rc.d/syslogd
@@ -21,7 +21,6 @@ extra_commands="reload"
sockfile="/var/run/syslogd.sockets"
evalargs="rc_flags=\"\`set_socketlist\` \$rc_flags\""
-altlog_proglist="named"
syslogd_precmd()
{
OpenPOWER on IntegriCloud