Why in the world does a dist-upgrade via yum touch my named.conf and try to add 3 dnssec-lines? named.conf has NEVER to be touched by any update, there are .rpmnew-files and in worstcase .rpmsave but do not try to change existing configurations you do not know this change results in a invalid syntax becuaso it is set in my allow-recursion{} section instead before oder after, so bind is dead after that happened on two machines 195.206.96.89; 195.206.96.90; dnssec-enable yes; dnssec-validation yes; dnssec-lookaside . trust-anchor dlv.isc.org.; }; };
This report is a dup of https://bugzilla.redhat.com/show_bug.cgi?id=510290 I agree that named.conf should not be modified by software ... this is a "user" defined configuration file. BUT, if it is modified, then the modification should WORK! It currently does not. Yes, it works for simplistic cases but does not handle the actual free-form officially allowed for named.conf. Specifically, it does not parse "options" correctly. If the left-brace after options is on a separate line, it screws up. If (as in my case) I use multiple physical lines for lists of ip-numbers with "};" on a separate line, it screws up. Yes, you can edit named.conf so the problem will not occur but this should not be necessary.
I am marking this as a dup so that there is only one report thread to follow. See that bug report for additional information. *** This bug has been marked as a duplicate of bug 510290 ***