Bug 27442 - rndc doesn't work
Status: CLOSED RAWHIDE
Product: Red Hat Linux
Classification: Retired
Component: bind
Version: 7.1
Hardware: All
OS: Linux
Priority: high
Severity: high
Assignee: Bernhard Rosenkraenzer
QA Contact: David Lawrence
Reported: 2001-02-13 20:54 UTC by Chris Ricker
Modified: 2005-10-31 22:00 UTC (History)

Last Closed: 2001-06-21 22:21:11 UTC

Description Chris Ricker 2001-02-13 20:54:28 UTC
BIND 9 replaces ndc with rndc.  By default, the RPMs have rndc configured
to work (kinda; the "default_key" and "key" names need to be something
besides "key" as named sees that as a reserved term apparently; I've been
naming them rndc_key in both rndc.conf and named.conf with good results),
but they don't have named configured to work with rndc.  At least the
following needs to be added to /etc/named.conf:

controls {
        inet 127.0.0.1 allow { localhost; } keys { rndc_key; };
};

key "rndc_key" {
        algorithm hmac-md5;
        secret "<same secret as in /etc/rndc.conf>";
};

where, obviously, the <same secret as in /etc/rndc.conf> is replaced with
the actual secret from rndc.conf.

Without the controls statement, named won't even be listening for rndc
commands.  Without the key statement, it won't be able to accept rndc
commands from the local host.

There are probably also changes that need to be made to the bindconf
package to accommodate the rndc behavior, but I haven't had time to try it
yet and see....  As shipped, though, bind is fundamentally broken if rndc
doesn't work out-of-the-box on the local host.

Comment 1 Glen Foster 2001-02-16 01:07:56 UTC
This defect is considered MUST-FIX for Florence Release-Candidate #2

Comment 2 Bernhard Rosenkraenzer 2001-02-27 18:11:11 UTC
Fixed in 9.1.0-4

Comment 3 Stacy Pennington 2001-06-21 22:21:07 UTC
This doesn't seem to be fixed with bind-9.1.0-10 (7.1 package). I had to name
my key something other than "key" (such as "rndc_key") and set up the "control"
block to read:

controls {
	inet 127.0.0.1 allow { localhost; } keys { rndc_key; };
};

Then, I had to go to /etc/rndc.conf and change the name of the key in three
places to "rndc_key" and reload named. Finally, rndc would work.

Is this normal? Seems like a bug to me...

Comment 4 Bernhard Rosenkraenzer 2001-06-26 15:28:31 UTC
bind doesn't have anything to do with the named.conf file (except that it 
reads and parses it).
I've fixed up caching-nameserver now.
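
A consistency check for the setup described in this report, as an added example that is not part of the bug thread or of the bind packages: it compares the key statements in rndc.conf and named.conf and confirms that the controls statement lists the key. The sample file contents, the placeholder secret and the function names are constructed for illustration, and the regex parser only handles the simple layout shown.

```python
import re

# Constructed sample files in the layout the report describes; the secret
# is a made-up placeholder, not a real key.
RNDC_CONF = '''
options { default-server localhost; default-key "rndc_key"; };
server localhost { key "rndc_key"; };
key "rndc_key" { algorithm hmac-md5; secret "c2FtcGxlLXNlY3JldA=="; };
'''
NAMED_CONF = '''
controls { inet 127.0.0.1 allow { localhost; } keys { rndc_key; }; };
key "rndc_key" { algorithm hmac-md5; secret "c2FtcGxlLXNlY3JldA=="; };
'''

# key "<name>" { algorithm <alg>; secret "<secret>"; }
KEY_RE = re.compile(r'\bkey\s+"?([\w.-]+)"?\s*\{\s*algorithm\s+([\w-]+)\s*;'
                    r'\s*secret\s+"([^"]*)"\s*;\s*\}')
# controls { inet ... keys { <name>; ... }; }
CONTROLS_RE = re.compile(r'\bcontrols\s*\{.*?\bkeys\s*\{([^}]*)\}', re.S)

def key_blocks(text):
    """Map key name -> (algorithm, secret) for every key statement."""
    return {n: (a, s) for n, a, s in KEY_RE.findall(text)}

def check(rndc_conf, named_conf):
    """Return a list of problems; secrets are compared but never echoed."""
    problems = []
    rndc_keys, named_keys = key_blocks(rndc_conf), key_blocks(named_conf)
    m = CONTROLS_RE.search(named_conf)
    if m is None:
        problems.append("named.conf: no controls statement, named will not listen for rndc")
    allowed = {k.strip().strip('"') for k in m.group(1).split(";")} if m else set()
    for name, params in rndc_keys.items():
        if name == "key":
            problems.append('key is named "key", which the report says named rejects')
        if m and name not in allowed:
            problems.append(f"named.conf: controls does not list key {name}")
        if name not in named_keys:
            problems.append(f"named.conf: no key statement for {name}")
        elif named_keys[name] != params:
            problems.append(f"key {name}: algorithm or secret differs between files")
    return problems

if __name__ == "__main__":
    for line in check(RNDC_CONF, NAMED_CONF) or ["rndc.conf and named.conf agree"]:
        print(line)
```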


