CentOS Bug Tracker
CentOS Bug Tracker

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0005311CentOS-6bindpublic2011-12-15 12:392012-01-13 00:11
Reporterventura10 
PrioritynormalSeveritymajorReproducibilityalways
StatusassignedResolutionopen 
Platformx86_64OSCentOSOS Version6
Product Version6.0 
Target VersionFixed in Version 
Summary0005311: Bind does not provide /etc/rndc.key
DescriptionPackage bind-9.7.3-2.el6_1.P3.3.x86_64 (maybe others) does not provide /etc.rndc.key

Without /etc/rndc.key is impossible to run rndc commands, as shown:

[root@michelangelo ~]# rndc status
rndc: neither /etc/rndc.conf nor /etc/rndc.key was found
Steps To Reproducerpm2cpio bind-9.7.3-2.el6_1.P3.3.x86_64.rpm | cpio -t | grep rndc.key
Additional InformationThese are the files provide by the package:

./etc/NetworkManager/dispatcher.d/13-named
./etc/logrotate.d/named
./etc/named
./etc/named.conf
./etc/named.iscdlv.key
./etc/named.rfc1912.zones
./etc/named.root.key
./etc/rc.d/init.d/named
./etc/sysconfig/named
./usr/lib64/bind
./usr/sbin/arpaname
./usr/sbin/ddns-confgen
./usr/sbin/dnssec-dsfromkey
./usr/sbin/dnssec-keyfromlabel
./usr/sbin/dnssec-keygen
./usr/sbin/dnssec-revoke
./usr/sbin/dnssec-settime
./usr/sbin/dnssec-signzone
./usr/sbin/genrandom
./usr/sbin/isc-hmac-fixup
./usr/sbin/named-checkconf
./usr/sbin/named-checkzone
./usr/sbin/named-compilezone
./usr/sbin/named-journalprint
./usr/sbin/nsec3hash
./usr/sbin/rndc
./usr/sbin/rndc-confgen
./usr/share/doc/bind-9.7.3
./usr/share/doc/bind-9.7.3/CHANGES
./usr/share/doc/bind-9.7.3/COPYRIGHT
./usr/share/doc/bind-9.7.3/Copyright
./usr/share/doc/bind-9.7.3/README
./usr/share/doc/bind-9.7.3/arm
./usr/share/doc/bind-9.7.3/arm/Bv9ARM-book.xml
./usr/share/doc/bind-9.7.3/arm/Bv9ARM.ch01.html
./usr/share/doc/bind-9.7.3/arm/Bv9ARM.ch02.html
./usr/share/doc/bind-9.7.3/arm/Bv9ARM.ch03.html
./usr/share/doc/bind-9.7.3/arm/Bv9ARM.ch04.html
./usr/share/doc/bind-9.7.3/arm/Bv9ARM.ch05.html
./usr/share/doc/bind-9.7.3/arm/Bv9ARM.ch06.html
./usr/share/doc/bind-9.7.3/arm/Bv9ARM.ch07.html
./usr/share/doc/bind-9.7.3/arm/Bv9ARM.ch08.html
./usr/share/doc/bind-9.7.3/arm/Bv9ARM.ch09.html
./usr/share/doc/bind-9.7.3/arm/Bv9ARM.ch10.html
./usr/share/doc/bind-9.7.3/arm/Bv9ARM.html
./usr/share/doc/bind-9.7.3/arm/Bv9ARM.pdf
./usr/share/doc/bind-9.7.3/arm/Makefile
./usr/share/doc/bind-9.7.3/arm/Makefile.in
./usr/share/doc/bind-9.7.3/arm/README-SGML
./usr/share/doc/bind-9.7.3/arm/dnssec.xml
./usr/share/doc/bind-9.7.3/arm/isc-logo.eps
./usr/share/doc/bind-9.7.3/arm/isc-logo.pdf
./usr/share/doc/bind-9.7.3/arm/latex-fixup.pl
./usr/share/doc/bind-9.7.3/arm/libdns.xml
./usr/share/doc/bind-9.7.3/arm/man.arpaname.html
./usr/share/doc/bind-9.7.3/arm/man.ddns-confgen.html
./usr/share/doc/bind-9.7.3/arm/man.dig.html
./usr/share/doc/bind-9.7.3/arm/man.dnssec-dsfromkey.html
./usr/share/doc/bind-9.7.3/arm/man.dnssec-keyfromlabel.html
./usr/share/doc/bind-9.7.3/arm/man.dnssec-keygen.html
./usr/share/doc/bind-9.7.3/arm/man.dnssec-revoke.html
./usr/share/doc/bind-9.7.3/arm/man.dnssec-settime.html
./usr/share/doc/bind-9.7.3/arm/man.dnssec-signzone.html
./usr/share/doc/bind-9.7.3/arm/man.genrandom.html
./usr/share/doc/bind-9.7.3/arm/man.host.html
./usr/share/doc/bind-9.7.3/arm/man.isc-hmac-fixup.html
./usr/share/doc/bind-9.7.3/arm/man.named-checkconf.html
./usr/share/doc/bind-9.7.3/arm/man.named-checkzone.html
./usr/share/doc/bind-9.7.3/arm/man.named-journalprint.html
./usr/share/doc/bind-9.7.3/arm/man.named.html
./usr/share/doc/bind-9.7.3/arm/man.nsec3hash.html
./usr/share/doc/bind-9.7.3/arm/man.nsupdate.html
./usr/share/doc/bind-9.7.3/arm/man.rndc-confgen.html
./usr/share/doc/bind-9.7.3/arm/man.rndc.conf.html
./usr/share/doc/bind-9.7.3/arm/man.rndc.html
./usr/share/doc/bind-9.7.3/arm/managed-keys.xml
./usr/share/doc/bind-9.7.3/arm/pkcs11.xml
./usr/share/doc/bind-9.7.3/draft
./usr/share/doc/bind-9.7.3/draft/draft-ietf-6man-text-addr-representation-07.txt
./usr/share/doc/bind-9.7.3/draft/draft-ietf-behave-address-format-07.txt
./usr/share/doc/bind-9.7.3/draft/draft-ietf-behave-dns64-11.txt
./usr/share/doc/bind-9.7.3/draft/draft-ietf-dnsext-axfr-clarify-14.txt
./usr/share/doc/bind-9.7.3/draft/draft-ietf-dnsext-dns-tcp-requirements-03.txt
./usr/share/doc/bind-9.7.3/draft/draft-ietf-dnsext-dnssec-bis-updates-12.txt
./usr/share/doc/bind-9.7.3/draft/draft-ietf-dnsext-dnssec-registry-fixes-06.txt
./usr/share/doc/bind-9.7.3/draft/draft-ietf-dnsext-ecc-key-07.txt
./usr/share/doc/bind-9.7.3/draft/draft-ietf-dnsext-interop3597-02.txt
./usr/share/doc/bind-9.7.3/draft/draft-ietf-dnsext-rfc2671bis-edns0-02.txt
./usr/share/doc/bind-9.7.3/draft/draft-ietf-dnsext-rfc2672bis-dname-19.txt
./usr/share/doc/bind-9.7.3/draft/draft-ietf-dnsext-rfc3597-bis-02.txt
./usr/share/doc/bind-9.7.3/draft/draft-ietf-dnsext-tsig-md5-deprecated-03.txt
./usr/share/doc/bind-9.7.3/draft/draft-ietf-dnsop-bad-dns-res-05.txt
./usr/share/doc/bind-9.7.3/draft/draft-ietf-dnsop-default-local-zones-10.txt
./usr/share/doc/bind-9.7.3/draft/draft-ietf-dnsop-dnssec-key-timing-00.txt
./usr/share/doc/bind-9.7.3/draft/draft-ietf-dnsop-dnssec-trust-history-01.txt
./usr/share/doc/bind-9.7.3/draft/draft-ietf-dnsop-inaddr-required-07.txt
./usr/share/doc/bind-9.7.3/draft/draft-ietf-dnsop-name-server-management-reqs-02.txt
./usr/share/doc/bind-9.7.3/draft/draft-ietf-dnsop-respsize-06.txt
./usr/share/doc/bind-9.7.3/draft/draft-kato-dnsop-local-zones-00.txt
./usr/share/doc/bind-9.7.3/draft/draft-kerr-ixfr-only-01.txt
./usr/share/doc/bind-9.7.3/draft/draft-mekking-dnsop-auto-cpsync-00.txt
./usr/share/doc/bind-9.7.3/draft/draft-yao-dnsext-bname-04.txt
./usr/share/doc/bind-9.7.3/draft/update
./usr/share/doc/bind-9.7.3/misc
./usr/share/doc/bind-9.7.3/misc/Makefile
./usr/share/doc/bind-9.7.3/misc/Makefile.in
./usr/share/doc/bind-9.7.3/misc/dnssec
./usr/share/doc/bind-9.7.3/misc/format-options.pl
./usr/share/doc/bind-9.7.3/misc/ipv6
./usr/share/doc/bind-9.7.3/misc/migration
./usr/share/doc/bind-9.7.3/misc/migration-4to9
./usr/share/doc/bind-9.7.3/misc/options
./usr/share/doc/bind-9.7.3/misc/rfc-compliance
./usr/share/doc/bind-9.7.3/misc/roadmap
./usr/share/doc/bind-9.7.3/misc/sdb
./usr/share/doc/bind-9.7.3/misc/sort-options.pl
./usr/share/doc/bind-9.7.3/named.conf.default
./usr/share/doc/bind-9.7.3/rfc
./usr/share/doc/bind-9.7.3/rfc/index.gz
./usr/share/doc/bind-9.7.3/rfc/rfc1032.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc1033.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc1034.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc1035.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc1101.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc1122.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc1123.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc1183.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc1348.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc1535.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc1536.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc1537.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc1591.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc1611.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc1612.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc1706.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc1712.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc1750.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc1876.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc1886.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc1912.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc1982.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc1995.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc1996.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc2052.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc2104.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc2119.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc2133.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc2136.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc2137.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc2163.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc2168.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc2181.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc2230.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc2308.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc2317.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc2373.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc2374.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc2375.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc2418.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc2535.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc2536.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc2537.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc2538.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc2539.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc2540.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc2541.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc2553.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc2671.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc2672.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc2673.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc2782.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc2825.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc2826.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc2845.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc2874.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc2915.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc2929.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc2930.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc2931.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc3007.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc3008.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc3071.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc3090.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc3110.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc3123.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc3152.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc3197.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc3225.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc3226.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc3258.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc3363.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc3364.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc3425.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc3445.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc3467.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc3490.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc3491.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc3492.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc3493.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc3513.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc3596.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc3597.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc3645.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc3655.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc3658.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc3755.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc3757.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc3833.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc3845.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc3901.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc4025.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc4033.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc4034.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc4035.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc4074.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc4159.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc4193.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc4255.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc4294.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc4339.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc4343.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc4367.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc4398.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc4408.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc4431.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc4470.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc4471.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc4472.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc4509.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc4634.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc4635.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc4641.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc4648.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc4697.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc4701.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc4892.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc4955.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc4956.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc5001.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc5011.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc5155.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc5205.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc5452.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc5507.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc5625.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc5702.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc5933.txt.gz
./usr/share/doc/bind-9.7.3/rfc/rfc952.txt.gz
./usr/share/doc/bind-9.7.3/rfc1912.txt
./usr/share/doc/bind-9.7.3/sample
./usr/share/doc/bind-9.7.3/sample/etc
./usr/share/doc/bind-9.7.3/sample/etc/named.conf
./usr/share/doc/bind-9.7.3/sample/etc/named.rfc1912.zones
./usr/share/doc/bind-9.7.3/sample/var
./usr/share/doc/bind-9.7.3/sample/var/named
./usr/share/doc/bind-9.7.3/sample/var/named/data
./usr/share/doc/bind-9.7.3/sample/var/named/my.external.zone.db
./usr/share/doc/bind-9.7.3/sample/var/named/my.internal.zone.db
./usr/share/doc/bind-9.7.3/sample/var/named/named.ca
./usr/share/doc/bind-9.7.3/sample/var/named/named.empty
./usr/share/doc/bind-9.7.3/sample/var/named/named.localhost
./usr/share/doc/bind-9.7.3/sample/var/named/named.loopback
./usr/share/doc/bind-9.7.3/sample/var/named/slaves
./usr/share/doc/bind-9.7.3/sample/var/named/slaves/my.ddns.internal.zone.db
./usr/share/doc/bind-9.7.3/sample/var/named/slaves/my.slave.internal.zone.db
./usr/share/man/man1/arpaname.1.gz
./usr/share/man/man5/named.conf.5.gz
./usr/share/man/man5/rndc.conf.5.gz
./usr/share/man/man8/ddns-confgen.8.gz
./usr/share/man/man8/dnssec-dsfromkey.8.gz
./usr/share/man/man8/dnssec-keyfromlabel.8.gz
./usr/share/man/man8/dnssec-keygen.8.gz
./usr/share/man/man8/dnssec-revoke.8.gz
./usr/share/man/man8/dnssec-settime.8.gz
./usr/share/man/man8/dnssec-signzone.8.gz
./usr/share/man/man8/genrandom.8.gz
./usr/share/man/man8/isc-hmac-fixup.8.gz
./usr/share/man/man8/lwresd.8.gz
./usr/share/man/man8/named-checkconf.8.gz
./usr/share/man/man8/named-checkzone.8.gz
./usr/share/man/man8/named-compilezone.8.gz
./usr/share/man/man8/named-journalprint.8.gz
./usr/share/man/man8/named.8.gz
./usr/share/man/man8/nsec3hash.8.gz
./usr/share/man/man8/rndc-confgen.8.gz
./usr/share/man/man8/rndc.8.gz
./var/named
./var/named/data
./var/named/dynamic
./var/named/named.ca
./var/named/named.empty
./var/named/named.localhost
./var/named/named.loopback
./var/named/slaves
./var/run/named
./usr/sbin/lwresd
./usr/sbin/named
Tagsbind, rndc.key
Attached Files

- Relationships

-  Notes
(0013942)
range (administrator)
2011-12-18 15:41

Cannot reproduce:

rpm -qpl bind-9.7.3-2.el6_1.P3.3.x86_64.rpm |grep rndc
/etc/rndc.conf
/etc/rndc.key
/usr/sbin/rndc
/usr/sbin/rndc-confgen

And the i386 packages also contain those files.
(0013944)
ventura10 (reporter)
2011-12-18 16:12

Although "rpm -qlp" reports the existence of this file, it does not exist.


[root@michelangelo ~]# rpm2cpio bind-9.7.3-2.el6_1.P3.3.x86_64.rpm | cpio -t | grep rndc
./usr/sbin/rndc
./usr/sbin/rndc-confgen
./usr/share/doc/bind-9.7.3/arm/man.rndc-confgen.html
./usr/share/doc/bind-9.7.3/arm/man.rndc.conf.html
./usr/share/doc/bind-9.7.3/arm/man.rndc.html
./usr/share/man/man5/rndc.conf.5.gz
./usr/share/man/man8/rndc-confgen.8.gz
./usr/share/man/man8/rndc.8.gz

Please use rpm2cpio to reproduce the error, or delete your /etc/rndc.key manually and try install this package.
(0013945)
range (administrator)
2011-12-18 17:36

Okay, that is "interesting". The i386 version doesn't have it either.
(0013948)
range (administrator)
2011-12-18 21:30

Okay. If you look at the changelog you can see that it was a decision by our upstream:

* Mon Mar 28 2011 Adam Tkac <atkac redhat com> 32:9.7.3-2
- don't generate rndc.key during installation

So the real bug is

%ghost %config(noreplace) %{_sysconfdir}/rndc.key
# ^- rndc.key now created on first install only if it does not exist
# %verify(not size,not md5) %config(noreplace) %attr(0640,root,named) /etc/rndc.conf
# ^- Let the named internal default rndc.conf be used -
# rndc.conf not required unless it differs from default.
%ghost %config(noreplace) %{_sysconfdir}/rndc.conf
# ^- The default rndc.conf which uses rndc.key is in named's default internal config -
# so rndc.conf is not necessary.

as that has not been changed.

If you feel this is a bug, you should file an enhancement request at our upstream, but all discussions regarding the removal of config components from bind were a tad fruitless.
(0013950)
ventura10 (reporter)
2011-12-18 21:53

Hi range,
This file is not been created on the first install. I've tested on a fresh box. The only way to get it working is copying /etc/rndc.key from other server.
I really believe this file must exist, at the least, on the first install.
(0013951)
range (administrator)
2011-12-18 22:25

Then you have to file a bug report at https://bugzilla.redhat.com/ [^] as we ship what they build feature for feature, bug for bug.

I don't know what the reason behind that move was.
(0014122)
tmartinson (reporter)
2012-01-08 05:09

This is not a fix, but a work around. I have found no documentation anywhere to help this, but I did read the scripts from the upstream provider on a 5.x system and ran this by hand. It seemed to work. YMMV.

I generated the missing file by hand using the rndc-confgen -a and then set the permissions to 666.

[root@ns1 ~]# rndc-confgen -a
[root@ns1 ~]# chmod 666 /etc/rndc.key

Now everything starts without an issue.

When I generated the key, it took a bit of time.
(0014177)
avij (developer)
2012-01-13 00:11

A better workaround is to chown named /etc/rndc.key instead of chmod 666 /etc/rndc.key

If the file mode is 666, even regular users can do whatever can be done with rndc, like stopping the server.

Generating the key probably took a while because it collected entropy from the system. Running something like 'du' in a different session will speed that up.

- Issue History
Date Modified Username Field Change
2011-12-15 12:39 ventura10 New Issue
2011-12-15 12:42 ventura10 Tag Attached: bind
2011-12-15 12:42 ventura10 Tag Attached: rndc.key
2011-12-18 15:41 range Note Added: 0013942
2011-12-18 15:42 range Status new => feedback
2011-12-18 16:12 ventura10 Note Added: 0013944
2011-12-18 16:12 ventura10 Status feedback => assigned
2011-12-18 17:36 range Note Added: 0013945
2011-12-18 21:30 range Note Added: 0013948
2011-12-18 21:53 ventura10 Note Added: 0013950
2011-12-18 22:25 range Note Added: 0013951
2012-01-08 05:09 tmartinson Note Added: 0014122
2012-01-13 00:11 avij Note Added: 0014177


Copyright © 2000 - 2014 MantisBT Team
Powered by Mantis Bugtracker