On 22.07.20 16:41, Anand Buddhdev wrote: > On 22/07/2020 15:30, Josef Moellers wrote: > >>> Or just ignore the warning, and let BIND use its built-in keys. >> >> If /etc/bind.keys contains some additional keys, this will not work ;-) > > Sure, but what additional keys do you expect this file to contain? Are > you serving an alternate signed root zone?
I'm not really sure what the partner wants to add, I have the slight feeling that the remark about manually added keys was made by a third person assuming ... It turns out that it is mainly the warning the partner is irritade about. So, let me put the question the other way round: what would happen if we *always* copied /etc/bind.keys to the chroot environment? If there would be no harm, I could easily add that to eg /etc/init.d/named or the systemd service file. But the question now is: does it do any harm? Thanks, Josef -- SUSE Software Solutions Germany GmbH Maxfeldstr. 5 90409 Nürnberg Germany (HRB 36809, AG Nürnberg) Geschäftsführer: Felix Imendörffer _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
