Bug 107343 - /etc/rndc.key missing pre-generated key?
/etc/rndc.key missing pre-generated key?
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: bind (Show other bugs)
rawhide
i586 Linux
medium Severity low
: ---
: ---
Assigned To: Daniel Walsh
Ben Levenson
:
Depends On:
Blocks: CambridgeBlocker
  Show dependency treegraph
 
Reported: 2003-10-17 00:38 EDT by Daniel McNamara
Modified: 2007-11-30 17:10 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2003-10-17 10:44:10 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Daniel McNamara 2003-10-17 00:38:17 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030624

Description of problem:
Possibly not a bug. But in previous versions of the Fedora core tests an install
of the bind package would create a pre-generated secret key in the /etc/rndc.key
file. In test 3 however this appears to missing with the file containing nothing
more than:

key "rndckey" {
        algorithm       hmac-md5;
        secret "@KEY@";
};

Lack of a pre-generated secret key means that named will not start
"out-of-the-box". I'm not sure if this was an oversight or a delibrate move to
force admins to create their own key.

Version-Release number of selected component (if applicable):
bind-9.2.2.P3-6

How reproducible:
Always

Steps to Reproduce:
1. Install minimal base of Fedora test 3
2. Install bind rpm
3. Attemtpt to start named - Although he start scripts claims success a check of
the logs shows that due to the lack of a proper secret key it exists.
    

Actual Results:  named failes to start with default config

Expected Results:  To get it to work out-of-the-box perhaps the key should be there?

Additional info:
Comment 1 Ryan Bowen 2003-10-17 09:42:15 EDT
I see the exact same behaviour : it appears like named starts ok, but exits due
to a fatal error due to the bade base64 encoding of the duff key in
/etc/rndc.key. This was not the case for RH8 or RH9; where a key was
auto-generated during install.

For Fedora Core 0.95 test 3, I used rndc-confgen and copied the proper base64
key to /etc/rndc.key, replacing "@KEY@". This creates a new key every time it's
run; but you do have to manually copy the key to the file. 

named now starts ok after the above key generation.
Comment 2 Daniel Walsh 2003-10-17 10:44:10 EDT
Fixed in bind-9.2.2.P3-8 on Rawhide.  You must uninstall and then reinstall, to
get the key generated.  Basically the install was changed to not do this on an
upgrade, but there was a bug.

Dan

Note You need to log in before you can comment on or make changes to this bug.