Create a separate directory for dynamic zones which is owned by the bind

user (for creation of the zone journal file). This is separate from the master/ directory for security. Give an example dynamic zone in the sample named.conf. Approved by: dougb Noticed by: Eivind Olsen <eivind at aminor.no> MFC after: 1 week
2004-11-04 05:24:29 +00:00 · 2004-11-04 05:24:29 +00:00 · b954282cbd
commit b954282cbd
parent a66bea6b5c
2 changed files with 16 additions and 0 deletions
--- a/etc/mtree/BIND.chroot.dist
+++ b/etc/mtree/BIND.chroot.dist
@ -9,6 +9,8 @@
    ..
    etc
        namedb
+            dynamic uname=bind
+            ..
            master
            ..
            slave   uname=bind
--- a/etc/namedb/named.conf
+++ b/etc/namedb/named.conf
@ -102,6 +102,20 @@ zone "example.com" {
 	};
 };

+// An example dynamic zone
+key "exampleorgkey" {
+        algorithm hmac-md5;
+        secret "sf87HJqjkqh8ac87a02lla==";
+};
+
+zone "example.org" {
+	type master;
+	allow-update {
+		key "exampleorgkey";
+	};
+	file "dynamic/example.org";
+};
+
 zone "0.168.192.in-addr.arpa" {
 	type slave;
 	file "slave/0.168.192.in-addr.arpa";