tkey-gssapi-keytab - Bind 9.8.1

Bob Cavey wedgeshot at
Fri Nov 11 08:24:57 MST 2011

Hmmmm.    I just looked at my named.conf.update and update-policy is
the only section in that file.   granted I'm still on alpha14 but
upgrading very soon ( need to not break anything until we get through
an important test )

If you have not bailed over to debian try running  setenforce 0 to
temporarily disable selinux to get things running first and then turn
back on ( setenforce 1 ) and fix the breakage.

>From rpm -qi bind
Name       : bind
Version    : 9.7.3                       Vendor: Red Hat, Inc.
Release   : 2.el6_1.P3.2       Build Date:  Tue 05 Jul 2011 .......

contents of my named.conf.update ( domain and server name change )
update-policy {
      grant DOMAIN.LOCAL ms-self * A AAAA;
      grant Administrator at DOMAIN.LOCAL wildcard * A AAAA SRV CNAME;

>> Hi Bob,
>> I just tried that but to no avail. The upgrade brought me to 'BIND
>> 9.7.3-P3-RedHat-9.7.3-2.el6_1.P3.2' but following the 'Instructions for
>> bind9 9.7.x' in the wiki results in;
>> Error in named configuration:
>> /usr/local/samba/private/named.conf.update:2: unknown option
>> 'update-policy'
>> which I guess is ultimately the same problem as I've got with building
>> 9.8.1.
> Following up my own post, the results are the same on a CentOS 6 VM so I
> guess it's probably an OS/Vendor issue. I think I'll just bin CentOS and use
> good old Debian. I know that works.
> Cheers,

More information about the samba-technical mailing list