On 03/14/2019 04:40 AM, Niall O'Reilly wrote: > On 14 Mar 2019, at 5:17, Marc Chamberlin via bind-users wrote: > >> On 03/13/2019 08:33 PM, John W. Blue wrote: >>> As an option, instead of including /etc/rndc.key nothing prevents you >>> from including rndc.conf. That way you are consistent with your useage. > Another option is to include rndc.key from both rndc.conf and > named.conf, which also keeps things consistent. Additionally, it > allows rndc.key to have stricter protection than the .conf files > (in my case, mode bits 0640 rather than 0644). Thanks Niall, I thought I had tried that approach when I was poking around with rndc.conf, but apparently I must have done it wrong. The include statement in rndc.conf does work, however I still do get the warning - "WARNING: key file (/etc/rndc.key) exists, but using default configuration file (/etc/rndc.conf)" which seems to be unnecessary but I am not going to worry about it. > > I seem to recall actually needing to do this because of named > objecting to the syntax of some of the configuration statements > I needed to use in rndc.conf. > > I hope this helps. Yes, it does, thanks again... Much cleaner and safer this way... Marc... > > Niall O'Reilly
-- *Computers: the final frontier. These are the voyages of the user Marc. His mission: to explore strange new hardware. To seek out new software and new applications. To boldly go where no Marc has gone before! *
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
