Adjust rc.conf to run named in sandbox, adjust mtree to add /etc/namedb/s
subdirectory (user bind, group bind) to hold secondaries, adjust
comments in named.conf to reflect new secondary scheme. (Note that
core read-only zone files are left owned by root, increasing security even
more).
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.
The named.root file is out of date.. (well it was.. this fixes it..)
15,16c15,16
< ; last update: Aug 25, 1995
< ; related version of root zone: 1995082500
---
> ; last update: Sep 1, 1995
> ; related version of root zone: 1995090100
18,19c18,22
< . 3600000 IN NS NS.INTERNIC.NET.
< NS.INTERNIC.NET. 3600000 A 198.41.0.4
---
> ;
> ; formerly NS.INTERNIC.NET
> ;
> . 3600000 IN NS A.ROOT-SERVERS.NET.
> A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4
>
Delete bogus localhost.rev.
Add prototype localhost.rev and a script to create it automatically.
(NB to installl people: you should ask ``do you have a full-time connection
o the Internet?'', run this script, and enable named if the answer is
yes.)