making Samba work [new detail]

[Claude Jones]

On Sat August 6 2005 1:49 pm, Paul Howarth wrote:
> On Sat, 2005-08-06 at 08:53 -0400, Claude Jones wrote:
> > While looking at DNS matters this am, I checked to see if BIND was
> > running:
> >
> > cj]# service named status
> > rndc: decode base64 secret: bad base64 encoding
> >
> > Can anyone tell me what this means?
>
> Your /etc/rndc.key probably hasn't got a proper secret in it.
>

Paul: I've been reading in circles on this, a good part of the day. I've read 
man pages on rncd.conf, named.conf, named; I'm reading Redhat docs on 
configuring BIND at the moment; it seem like each answer leads to a new 
question, and the hole gets deeper and deeper. 
For example, in reading on named.conf configuration, it says to use the 
include statement:
include "/etc/rndc.key";
I find this statement in my current rndc.conf, but not in named.conf; does 
this mean that both configuration files should have the include statement? 
Unfortuantely, the rndc.conf section doesn't speak to this. 
Then there is the question of where to put a key if you generate a new one. I 
found some instructions from Alexander using google; 

"Simpler to only generate the value of the key you can use "dns-keygen".
It will simply print out a new random key. Put it into the rndc.key file
where now the @KEY@ appears. Keep care for location when running
bind-chrooted, then the default location is
/var/named/chroot/etc/rndc.key."

I have no idea whether I'm running BIND-chrooted, so that set me off on an 
odyssey, but I can't figure it out - how do you tell?  I think this probably 
sounds like a real dumb question, but swallowing any residual pride, there it 
is. 

I looked in /var/named/chroot/etc/rndc.key and found a value there. So, that 
led me to wonder where that got generated, which led me to think maybe I was 
somehow chrooted....well, if you can offer some further light here, it would 
be greatly appreciated. 




-- 
Claude Jones
Bluemont, VA, USA