Hi Vlad,
Did you specify the socket filename (/tmp/sock from your update-policy
example) when running it? According to the man page:
https://bind9.readthedocs.io/en/v9_18_11/manpages.html#nsupdate-dynamic-dns-update-utility
the final argument for the command line is an optional filename. If
not specified, I think that nsupdate just does lookups to find the SOA
and attempts updates via the IP addresses associated with the records
you are trying to update.
something like `nsupdate /tmp/sock` I think maybe? I don't know...
I've never tried it.
On Tue, Mar 14, 2023 at 2:01 PM Vladimir Brik
<vladimir.b...@icecube.wisc.edu> wrote:
>
> Thanks, quoting worked!
>
> Does anybody know if the socket of an "external"
> update-policy supposed to receive data for every dynamic DNS
> update?
>
> I `strace`ed the `named` process and pushed some updates
> using nsupdate, but I saw no attempts to do anything with
> the socket file (no opens, no writes) and nothing related to
> the socket in the logs either.
>
> I am not sure how to start debugging this. Can anyone help?
>
>
> Vlad
>
>
> On 3/14/23 11:06, Ondřej Surý wrote:
> > I haven't used this personally, but in the system tests, this works:
> >
> > update-policy {
> > grant administra...@example.nil wildcard * A AAAA SRV CNAME;
> > grant testden...@example.nil wildcard * TXT;
> > grant "local:/tmp/auth.sock" external * CNAME;
> > };
> >
> > e.g. you need to quote the path.
> >
> > The documentation is silent on NAME field, but I would suggest using either
> > * or . as placeholder.
> >
> > Ondrej
> > --
> > Ondřej Surý (He/Him)
> > ond...@isc.org
> >
> > My working hours and your working hours may be different. Please do not
> > feel obligated to reply outside your normal working hours.
> >
> >
> >
> >> On 14. 3. 2023, at 16:56, Vladimir Brik <vladimir.b...@icecube.wisc.edu>
> >> wrote:
> >>
> >> Hello
> >>
> >> I am trying to set up an "external" dynamic DNS update policy but I can't
> >> figure out the syntax.
> >>
> >> The documentation [1] says that the "identity" field needs to be in the
> >> form local:PATH, but using something like the following results in an
> >> error: "expected unquoted string near '/'", and I don't know how to fix it.
> >>
> >> update-policy {
> >> grant local:/tmp/sock external NAME txt;
> >> };
> >>
> >> Also, the documentation doesn't say how NAME is interpreted. Is it ignored?
> >>
> >>
> >> Thanks very much
> >>
> >> Vlad
> >>
> >>
> >> [1]
> >> https://bind9.readthedocs.io/en/latest/reference.html#namedconf-statement-update-policy
> >> --
> >> Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
> >> from this list
> >>
> >> ISC funds the development of this software with paid support
> >> subscriptions. Contact us at https://www.isc.org/contact/ for more
> >> information.
> >>
> >>
> >> bind-users mailing list
> >> bind-users@lists.isc.org
> >> https://lists.isc.org/mailman/listinfo/bind-users
> >
> --
> Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
> this list
>
> ISC funds the development of this software with paid support subscriptions.
> Contact us at https://www.isc.org/contact/ for more information.
>
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
