Samba 4 @ BIND 9.8.1. ' update denied '
Amitay Isaacs
amitay at gmail.com
Sun Nov 20 16:55:42 MST 2011
Hi Rafa,
On Tue, Nov 15, 2011 at 10:28 PM, Rafa Toucedo <debian.vigo at gmail.com>wrote:
> Hello again, I'm going to "auto-response"
>
> I managed to avoid the "deny" as follows:
>
> (I put my configuration files) using named 9.8.1 at centos 5.7
>
> /etc/named.conf
>
> options {
> directory "/etc/named";
> pid-file "/var/run/named/pid";
> dump-file "/var/dump/named_dump.db";
> statistics-file "/var/stats/named.stats";
> listen-on {172.20.0.0/16;};
> # check-names master ignore;
> TKey-gssapi-keytab "/usr/local/samba/private/dns.keytab";
> };
>
> zone "." {
> type hint;
> file "named.root";
> };
>
> zone "0.0.127.IN-ADDR.ARPA" {
> type master;
> file "localhost.rev";
> };
>
> include "/usr/local/samba/private/named.conf";
>
> now open /usr/local/samba/private/named.conf
>
> zone "infralabs.loc." IN {
> type master;
> file "/ usr / local / samba / private / dns / infralabs.loc.zone";
> *I added the following line (the allow-update ...)*
> allow-update {any;}
>
> I "comment out" the next 'INCLUDE'
>
> *# Include "/usr/local/samba/private/named.conf.update";*
>
> the file which references the include contains the following:
>
>
> update-policy {
> ms-self INFRALABS.LOC grant * A AAAA;
> Administrator at INFRALABS.LOC grant wildcard * A AAAA CNAME SRV;
> S4 $ @ infralabs.loc grant wildcard * A AAAA CNAME SRV;
> };
>
> if you do not comment that "include" I do not start the named
>
Can you start named manually as /usr/sbin/named -u named -f -g and check
why bind fails to start?
And can you use the private/named.conf as generated by provision?
Thanks.
Amitay.
More information about the samba-technical
mailing list