On Wed, 9 Jul 2008, Stef wrote: S> Thanks! S> S> Here are simple steps to use this instead of the base named (and easily S> go back later): S> S> # cd /usr/ports/dns/bind9 S> # make && make install S> # ln -s /etc/namedb/named.conf /usr/local/etc/named.conf S> # echo 'named_program="/usr/local/sbin/named" >> /etc/rc.conf S> # /etc/rc.d/named restart S> S> LMK if I missed something.
(or use NO_BIND= in /etc/make.conf and WITH_REPLACE_BASE= on port options, but be careful when upgrading configs...) Just to have you and other related parties informed of a pitfall I stepped into: -- 8< -- From: BIND9 Bugs via RT <[EMAIL PROTECTED]> Subject: [ISC-Bugs #18265] AutoReply: bind update to 9.4.2.1: 'empty label' inconsistent check ------------------------------------------------------------------------- Dear Doug and ISC maintainers, just updated bind94 on our master server and found that together with vulnerability fixes there is at least one glitch in configuration checks History: we have automatic scripted system to secondary some zones from one of our partners. so, part of named.conf is auto-generated, then checked via named-checkconf and then applied. After today upgrade I found that new server failed to start, which is really a PITA, as it has 13k+ authoritative zones. Named-checkconf does not return an error. named reports 'empty label' without any reference to config file and/or line number. After some nervous minutes of binary search ;-) I found the offending line, which erroneously contains two dots instead of one. I suppose this should be fixed at least in named-checkconf. -- 8< -- Sincerely, D.Marck [DM5020, MCK-RIPE, DM3-RIPN] [ FreeBSD committer: [EMAIL PROTECTED] ] ------------------------------------------------------------------------ *** Dmitry Morozovsky --- D.Marck --- Wild Woozle --- [EMAIL PROTECTED] *** ------------------------------------------------------------------------ _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[EMAIL PROTECTED]"
