suggested patch to /usr/ports/dns/bind99/files/named.in

Curtis Villamizar curtis at ipv6.occnc.com
Sat Apr 11 19:09:19 UTC 2015


Mat,

You are listed as the maintainer of dns/bind99 so this is addressed to
you.  Sorry to trouble you.

A similar patch can be applied to dns/bind910.  There would be a line
number shift.  I tried it - it works.

The purpose of this patch is to fix two very minor annoyances.

  1.  If named.conf is moved in /etc/rc.conf with a line such as
      named_conf=/etc/namedb/named.conf, then rndc-confgen creates a
      key in the /etc/namedb but /usr/local/etc/rc.d/named restart or
      reload won't use that key file.  The reload will fail, but the
      restart falls back to using kill.

  2.  The second problem is that if an rndc.conf file is used and put
      in /etc/namedb, rndc won't find it.  It is necessary to use an
      rndc.conf file if running named in a jail, where there is no
      127.0.0.1 address, or if running IPv6 only, and in other
      circumstances, such as if it is desirable to reload remotely
      (although an ssh command also solves this).

The change is simply to load up a rndc_flags variable and use it in
the two places where rndc is used.

btw- there seems to be a non-ASCII character in the comment on line
188 after the string "but ${named_program}".  I had to replace that
with a space to get this email message to go out.  As a result the
second hunk may have to be applied manually, but it's a one-line change
(one word addition).

Curtis


--- files/named.in.save	2015-03-25 16:25:30.000000000 -0400
+++ files/named.in	2015-04-11 15:02:48.556657000 -0400
@@ -62,6 +62,17 @@
 _named_program_root="${named_program%/sbin/named}"
 _openssl_engines="%%LOCALBASE%%/lib/engines"
 
+# Needed if named.conf and rndc.key are moved or if rndc.conf is used
+rndc_conf=${rndc_conf:-"$_named_confdir/rndc.conf"}
+rndc_key=${rndc_key:-"$_named_confdir/rndc.key"}
+if [ -s $rndc_conf ] ; then
+    rndc_flags=${rndc_flags:-"-c $rndc_conf"}
+elif [ -s $rndc_key ] ; then
+    rndc_flags=${rndc_flags:-"-k $rndc_key"}
+else
+    rndc_flags=${rndc_flags:-""}
+fi
+
 # If running in a chroot cage, ensure that the appropriate files
 # exist inside the cage, as well as helper symlinks into the cage
 # from outside.
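Review bot: the `[ -s $rndc_conf ]` and `[ -s $rndc_key ]` tests leave the variables unquoted, so a `_named_confdir` containing whitespace (or an empty value) turns into a syntax error or a wrong test; quote them as `[ -s "$rndc_conf" ]` and `[ -s "$rndc_key" ]`. `_named_confdir` is not defined in the visible context, so confirm it is set before this block runs at the top of the script. The trailing `else` branch (`rndc_flags=${rndc_flags:-""}`) is a no-op and can be dropped. Since `rndc_conf`, `rndc_key` and `rndc_flags` become user-settable rc.conf knobs, they should be documented in the script's header next to the other `named_*` variables, and naming them `named_rndc_conf` etc. would match the existing convention.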
@@ -187,7 +198,7 @@
 {
 	# This is a one line function, but ${named_program} is not defined early
 	# enough to be there when the reload_cmd variable is defined up there.
-	${_named_program_root}/sbin/rndc reload
+	${_named_program_root}/sbin/rndc $rndc_flags reload
 }
 
 find_pidfile()
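Review bot: `$rndc_flags` must stay unquoted here so that `-c path` splits into two arguments, which is the intent, but it means a key or config path containing whitespace cannot be passed; worth a comment saying word splitting is deliberate. As the cover note says, the comment line above ("but ${named_program} is not defined early") contains a non-ASCII byte in the tree that was replaced by a space in this mail, so this hunk will likely need to be applied by hand.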
@@ -213,7 +224,7 @@
 		return 1
 	fi
 	echo 'Stopping named.'
-	if ${_named_program_root}/sbin/rndc stop 2>/dev/null; then
+	if ${_named_program_root}/sbin/rndc $rndc_flags stop 2>/dev/null; then
 		wait_for_pids ${rc_pid}
 	else
 		echo -n 'rndc failed, trying kill: '
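Review bot: `2>/dev/null` on the `rndc $rndc_flags stop` line discards rndc's error message, so a wrong `rndc_key` path or a key that does not match what named loaded silently degrades to the kill fallback (exactly the failure mode problem 1 in the cover note describes); consider letting stderr through, or echoing `$rndc_flags` in the "rndc failed, trying kill" message, so the misconfiguration is visible to the operator instead of being masked by the fallback.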

