Bug 27442 - rndc doesn't work
Product: Red Hat Linux
Classification: Retired
Component: bind
All Linux
high Severity high
Assigned To: Bernhard Rosenkraenzer
David Lawrence
Reported: 2001-02-13 15:54 EST by Chris Ricker
Modified: 2005-10-31 17:00 EST (History)
Last Closed: 2001-06-21 18:21:11 EDT
Description Chris Ricker 2001-02-13 15:54:28 EST
BIND 9 replaces ndc with rndc.  By default, the RPMs have rndc configured
to work (kinda; the "default_key" and "key" names need to be something
besides "key" as named sees that as a reserved term apparently; I've been
naming them rndc_key in both rndc.conf and named.conf with good results),
but they don't have named configured to work with rndc.  At least the
following needs to be added to /etc/named.conf:

controls {
        // control channel on the loopback address, authenticated with rndc_key
        inet 127.0.0.1 allow { localhost; } keys { rndc_key; };
};

key "rndc_key" {
        algorithm hmac-md5;
        secret "<same secret as in /etc/rndc.conf>";
};

where, obviously, the <same secret as in /etc/rndc.conf> is replaced with
the actual secret from rndc.conf.

Without the controls statement, named won't even be listening for rndc
commands.  Without the key statement, it won't be able to accept rndc
commands from the local host.

There are probably also changes that need to be made to the bindconf
package to accommodate the rndc behavior, but I haven't had time to try it
yet and see....  As shipped, though, bind is fundamentally broken if rndc
doesn't work out-of-the-box on the local host.
Comment 1 Glen Foster 2001-02-15 20:07:56 EST
This defect is considered MUST-FIX for Florence Release-Candidate #2
Comment 2 Bernhard Rosenkraenzer 2001-02-27 13:11:11 EST
Fixed in 9.1.0-4
Comment 3 Stacy Pennington 2001-06-21 18:21:07 EDT
This doesn't seem to be fixed with bind-9.1.0-10 (7.1 package). I had to name
my key something other than "key" (such as "rndc_key") and set up the "control"
block to read:

controls {
	inet 127.0.0.1 allow { localhost; } keys { rndc_key; };
};

Then, I had to go to /etc/rndc.conf and change the name of the key in three
places to "rndc_key" and reload named. Finally, rndc would work.

Is this normal? Seems like a bug to me...
Comment 4 Bernhard Rosenkraenzer 2001-06-26 11:28:31 EDT
bind doesn't have anything to do with the named.conf file (except that it 
reads and parses it).
I've fixed up caching-nameserver now.
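
A consistency check for the setup discussed in this report, as an added example that is not part of the original bug thread or of BIND itself: it confirms that named.conf contains a complete controls statement and that every key it lists is defined with the same algorithm and secret in rndc.conf. The sample file contents, the placeholder secret and the 127.0.0.1 listen address are constructed for illustration.

```python
import re

# Quoted strings are matched first so "//" or "#" inside a secret is never read as a comment.
_TOKEN = re.compile(r'"[^"]*"|//[^\n]*|#[^\n]*|/\*.*?\*/', re.S)
_KEY = re.compile(r'\bkey\s+"?([\w.-]+)"?\s*\{\s*algorithm\s+"?([\w-]+)"?\s*;'
                  r'\s*secret\s+"([^"]*)"\s*;\s*\}\s*;')

def strip_comments(text):
    return _TOKEN.sub(lambda m: m.group(0) if m.group(0)[0] == '"' else ' ', text)

def parse_keys(text):
    """Map key name -> (algorithm, secret) for every key statement in a config text."""
    return {n: (a.lower(), s) for n, a, s in _KEY.findall(strip_comments(text))}

def controls_body(text):
    """Brace-balanced body of the controls statement; None if absent or unterminated."""
    m = re.search(r'\bcontrols\s*\{', text)
    if not m:
        return None
    depth, i = 1, m.end()
    while i < len(text) and depth:
        depth += {'{': 1, '}': -1}.get(text[i], 0)
        i += 1
    return text[m.end():i - 1] if depth == 0 else None

def check_rndc(named_conf, rndc_conf):
    """Return a list of problems; secrets are compared but never echoed."""
    body = controls_body(strip_comments(named_conf))
    if body is None:
        return ["named.conf: no complete controls statement"]
    named_keys, rndc_keys = parse_keys(named_conf), parse_keys(rndc_conf)
    names = [k.strip().strip('"') for lst in re.findall(r'\bkeys\s*\{([^}]*)\}', body)
             for k in lst.split(';') if k.strip()]
    problems = [] if names else ["controls statement has no keys list"]
    for name in names:
        if name == "key":
            problems.append('key statement is named "key" (reported on this page as rejected by named)')
        if name not in named_keys:
            problems.append(f"{name}: listed in controls but not defined in named.conf")
        elif name not in rndc_keys:
            problems.append(f"{name}: not defined in rndc.conf")
        elif named_keys[name] != rndc_keys[name]:
            problems.append(f"{name}: algorithm or secret differs between the two files")
    return problems

# Constructed sample files; the secret is a placeholder, not a real key.
KEYSTMT = 'key "rndc_key" { algorithm hmac-md5; secret "AAAA//BBBBCCCCDDDDEEEE=="; };\n'
NAMED = 'controls { inet 127.0.0.1 allow { localhost; } keys { rndc_key; }; };  // local only\n' + KEYSTMT
RNDC = 'server localhost { key "rndc_key"; };  # client side\n' + KEYSTMT
print(check_rndc(NAMED, RNDC) or "named.conf and rndc.conf agree")
```

To check a real host, pass the contents of /etc/named.conf and /etc/rndc.conf to `check_rndc`; both files hold the shared secret, so read them with the same privileges named uses and keep them unreadable to other users.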
