On 22/07/2020 15:06, Josef Moellers wrote:
Hi Josef,
named complains about the missing file /etc/bind.keys if run chrooted:
unable to open '/etc/bind.keys' using built-in keys
What is the preferred way around this? Add "/etc/bind-keys" to
NAMED_CONF_INCLUDE_FILES?
Or just ignore the warning, and let BIND use its built-in keys.
named complains about the missing file /etc/bind.keys if run chrooted:
unable to open '/etc/bind.keys' using built-in keys
What is the preferred way around this? Add "/etc/bind-keys" to NAMED_CONF_INCLUDE_FILES?
It turns out that it is mainly the warning the partner is irritade about.
So, let me put the question the other way round: what would happen if we *always* copied /etc/bind.keys to the chroot environment? If there would
be no harm, I could easily add that to eg /etc/init.d/named or the
systemd service file. But the question now is: does it do any harm?
On 22/07/2020 15:30, Josef Moellers wrote:
Or just ignore the warning, and let BIND use its built-in keys.
If /etc/bind.keys contains some additional keys, this will not work ;-)
Sure, but what additional keys do you expect this file to contain? Are
you serving an alternate signed root zone?
Or just ignore the warning, and let BIND use its built-in keys.
If /etc/bind.keys contains some additional keys, this will not work ;-)
There is no harm in copying the file into the chroot. It will get rid of
the warning.
On 22/07/2020 15:06, Josef Moellers wrote:
named complains about the missing file /etc/bind.keys if run chrooted: unable to open '/etc/bind.keys' using built-in keys
What is the preferred way around this? Add "/etc/bind-keys" to NAMED_CONF_INCLUDE_FILES?
Or just ignore the warning, and let BIND use its built-in keys.
On 22/07/2020 16:51, Josef Moellers wrote:
It turns out that it is mainly the warning the partner is irritade about.
So, let me put the question the other way round: what would happen if we
*always* copied /etc/bind.keys to the chroot environment? If there would
be no harm, I could easily add that to eg /etc/init.d/named or the
systemd service file. But the question now is: does it do any harm?
There is no harm in copying the file into the chroot. It will get rid of
the warning.
If /etc/bind.keys contains some additional keys, this will not work ;-)
Sysop: | Keyop |
---|---|
Location: | Huddersfield, West Yorkshire, UK |
Users: | 491 |
Nodes: | 16 (2 / 14) |
Uptime: | 127:34:08 |
Calls: | 9,688 |
Calls today: | 4 |
Files: | 13,728 |
Messages: | 6,177,251 |