In message <4adb44a5.2060...@htt-consult.com>, Robert Moskowitz writes: > > > Chris Thompson wrote: > > On Oct 18 2009, Joseph S D Yao wrote: > > > >> On Sat, Oct 17, 2009 at 10:33:37PM -0400, Robert Moskowitz wrote: > >>> I am trying to build up an environment where the user can maintain > >>> custom files and leave the basic files alone. > >>> > >>> So I have a named.acl that works, I add an include line: > >>> > >>> acl "hdanets" { > >>> 192.168.1.0/24; // hda network > >>> include "custom.acl"; > >>> }; > >>> > >>> > >>> and get the error: > >>> > >>> Starting named: > >>> Error in named configuration: > >>> named.acl:3: missing ';' before '"' > >> ... > >> > >> > >> Glancing through the 9.6 ARM <https://www.isc.org/files/Bv9.6ARM.pdf>, > >> it seems to me that "include" is a statement, and needs to be parsed > >> outside of any other statements, not inside a statement. > > > > That's what it *says* ... but it is being economical with the truth! > > > >> Inside the > >> "acl" statement the parser would expect to see IP addresses, networks in > >> the ip.ad.dr.ess/xx format, keys with the name prepended by the keyword > >> "key", and the names of other ACLs. When it encounters the word > >> "include" in this context, it parses it as the name of an ACL - after > >> which, the '"' is out of place. > > > > As long ago as BIND 9.2, you'll find this in the CHANGES file: > > > > 764. [func] Configuration files now allow "include" directives > > in more places, such as inside the "view" > > statement. > > [RT #377, #728, #860] > > > > Roughly, "include" can occur instead of a keyword in any list where all > > list elements are introduced by keywords; e.g. "view", "options", > > "logging", > > "zone". But not "acl" because the elements there do not (in general) > > start > > with keywords. > > Oh, fiddlesticks!!!! ;)' > > This complicates matters. It would have made it very easy to bootstrap > into this process if this was supported.
acl's can include other acls. I'm having a hard time seeing why you need to include a file here. include "custom.acl"; // defines acl "customacl" acl "hdanets" { 92.168.1.0/24; // hda network customacl; }; > > For the whole truth, you need to look at lib/isccfg/namedconf.c and > > lib/isccfg/parser.c and work out in exactly which cases cfg_parse_mapbody > > in the latter gets called :-( > > I am not much into reading c code. I never really programmed in c. Did > do some programming in b.... > > So reading someone elses script and recommending changes has been > challenging enough! > > > _______________________________________________ > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users