FC5: Incorrect rndc.key from bind-package?
David Hollis
dhollis at davehollis.com
Fri Mar 24 14:26:33 UTC 2006
On Thu, 2006-03-23 at 23:45 +0100, Stefan Neufeind wrote:
> Hi,
>
> upon upgrading from a working FC4 to FC5 I encountered that named
> wouldn't start up anymore because of an incorrect /etc/rndc.key.
>
> It contained:
>
> # cat /etc/rndc.key
> key "rndckey" {
> algorithm hmac-md5;
> secret "@KEY@";
> };
>
> which belonged to
>
> # rpm -qf /etc/rndc.key
> bind-9.3.2-12.FC5
>
> Has somebody else seen something like this? Does somebody know if the
> install-scripts should replace @KEY@ with a random-key?
This snippet from the bind %postinstall should take care of it:
if /bin/egrep -q '@KEY@' /etc/rndc.key; then
/bin/sed -i -e
"s^@KEY@^`/usr/sbin/dns-keygen`^" /etc/rndc.key ;
chmod 0640 /etc/rndc.key
chown root:named /etc/rndc.key
fi
--
David Hollis <dhollis at davehollis.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 191 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20060324/8af41f8b/attachment.sig>
More information about the fedora-devel-list
mailing list