[CentOS] Setting up bind - location for includes

Mon Feb 18 17:46:45 UTC 2013
SilverTip257 <silvertip257 at gmail.com>

On Fri, Feb 15, 2013 at 2:47 PM, Robert Moskowitz <rgm at htt-consult.com> wrote:

>
> On 02/15/2013 02:27 PM, Louis Lagendijk wrote:
> > On Fri, 2013-02-15 at 11:44 -0500, Robert Moskowitz wrote:
> >> I am setting up bind this time around (just rebuilt my test machine via
> >> Kickstart) without chroot.
> >>
> >> I have a fair number of includes for named.conf; I have two views and
> >> other odds and ends.  My thoughts are to make a directory; /etc/named.d
> >> to put all these includes into instead of 'dirtying' up /etc.  This way
> >> the only files I replace/add to /etc are named.conf and rndc.key (I
> >> would like to work the latter around to also be in named.d, but this
> >> impacts rndc itself).
> >>
> > There is an /etc/named directory included in the bind package, I assume
> > that it is meant for this purpose...
>
> It is for your zone files, not necessarily for your named.conf
> includes.  Bind can write to this, and if your includes are there, in
> theory, more zones could be added to your domain.
>
>
The opposite.

named.conf resides in /etc/
I don't use /etc/named/ ... it isn't present on my CentOS 5 Bind DNS
server.  /etc/named/ is present since CentOS 6 came out.
Zones in /var/named - old [0], newer [1], newest [2]

[0] http://centos.org/docs/2/rhl-rg-en-7.2/s1-bind-configuration.html
[1] http://www.centos.org/docs/5/html/Deployment_Guide-en-US/s1-bind-zone.html
[2] https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/5/html/Deployment_Guide/s1-bind-zone.html



> > I just changed my config to use that (with the chroot package) as it gets
> > bind mounted from the standard startup script
>
> The latest part of this thread is me getting 'current' and moving from
> relying on chroot and following Red Hat/NSA recommendation to just use
> SELinux protection.
>

Of course using a chroot will require the modification of paths in your
config file, but the directory structure is similar.
/var/named/chroot/var/named/ [2]



-- 
---~~.~~---
Mike
//  SilverTip257  //