From 2a3454aee07f52ff13831e1d6dc8551d2f6031a1 Mon Sep 17 00:00:00 2001
From: =?utf8?q?David=20H=C3=A4rdeman?=
Date: Sun, 27 Jul 2025 03:02:31 +0200
Subject: [PATCH] bind: use default rndc control channel
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit
The present logic recreates what is already the default in bind [1], and writes the rndc key twice to two different files. In addition, the rndc key is regenerated every time bind is restarted. Simplify this by relying on the default behaviour instead.
[1] https://bind9.readthedocs.io/en/latest/reference.html#controls-block-definition-and-usage
Signed-off-by: David Härdeman
---
 net/bind/files/bind/named.conf | 2 --
 net/bind/files/named.init | 25 +++---------------------
 2 files changed, 3 insertions(+), 24 deletions(-)
diff --git a/net/bind/files/bind/named.conf b/net/bind/files/bind/named.conf
index ca1e02d5ca..93798ea83b 100644
--- a/net/bind/files/bind/named.conf
+++ b/net/bind/files/bind/named.conf
@@ -4,8 +4,6 @@ options {
 directory "/var/cache/bind";
 };
-include "/etc/bind/named-rndc.conf";
-
 include "/tmp/bind/named.conf.local";
 // prime the server with knowledge of the root servers
diff --git a/net/bind/files/named.init b/net/bind/files/named.init
index d26b18ace4..f8405076ba 100644
--- a/net/bind/files/named.init
+++ b/net/bind/files/named.init
@@ -9,8 +9,6 @@ START=22
 config_file=/etc/bind/named.conf
 config_dir=$(dirname $config_file)
-named_options_file=/etc/bind/named-rndc.conf
-rndc_conf_file=/etc/bind/rndc.conf
 pid_file=/var/run/named/named.pid
 rundir=$(dirname $pid_file)
@@ -51,25 +49,9 @@ start_service() {
 chown bind.bind $runnamed
 }
- local rndc_temp=$(mktemp /tmp/rndc-confgen.XXXXXX)
-
- rndc-confgen > $rndc_temp
-
- sed -r -n \
- -e '/^# options \{$/,/^\};$/{ s/^/# / }' \
- -e p \
- -e '/^# End of rndc\.conf$/q' \
- < $rndc_temp > $rndc_conf_file
-
- sed -r -n \
- -e '1,/^# End of rndc\.conf$/ { b done }' \
- -e '/^# Use with the following in named.conf/ { p ; b done }' \
- -e '/^# End of named\.conf$/ { p ; b done }' \
- -e '/^# key /,$ { s/^# // ; p }' \
- -e ': done' \
- < $rndc_temp > $named_options_file
-
- rm -f $rndc_temp
+ if [ ! -s /etc/bind/rndc.key ] && [ ! -s /etc/bind/rndc.conf ]; then
+ rndc-confgen -a
+ fi
 touch $conf_local_file
@@ -79,7 +61,6 @@ start_service() {
 procd_open_instance
 procd_set_param command /usr/sbin/named -u bind -f $args -c $config_file
 procd_set_param file $config_file \
- $named_options_file \
 $conf_local_file \
 $config_dir/db.*
 procd_set_param respawn
-- 
2.30.2
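Review bot: In the first start_service hunk of named.init, the added `rndc-confgen -a` runs from the init script, presumably as root, so the key file it writes is likely root-owned and not readable by the `bind` user that named is started as via `-u bind`. If named reads or re-reads the key after dropping privileges (for example on a reload), the control channel may not come up; passing the owner explicitly, `rndc-confgen -a -u bind`, keeps the key private to the daemon while still letting it be read. The two `-s` tests also hard-code `/etc/bind/` although `$config_dir` is defined near the top of the script, and they assume the tool's compiled-in key path is that same directory; `rndc-confgen -a -c $config_dir/rndc.key -u bind` with matching `$config_dir` tests would make the path explicit. Because the key is now generated once and kept, a failed or partial first run is never retried once a non-empty file exists, so the command's exit status is worth checking. The body of start_service starts and ends outside this hunk.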