1 # Buildsheet autogenerated by ravenadm tool -- Do not edit.
7 SDESC[standard]= Berkeley Internet Name Domain (Domain Name Server)
8 HOMEPAGE= https://www.isc.org/downloads/bind/
12 SITES[main]= ISC/bind9/9.18.19
13 DISTFILE[1]= bind-9.18.19.tar.xz:main
15 SPKGS[standard]= complete
22 OPTIONS_AVAILABLE= FIXED_RRSET GEOIP LARGE_FILE QUERYTRACE
23 OPTIONS_STANDARD= FIXED_RRSET GEOIP LARGE_FILE QUERYTRACE
25 BUILD_DEPENDS= idnkit:single:standard
27 libnghttp2:dev:standard
30 BUILDRUN_DEPENDS= json-c:primary:standard
31 libuv:primary:standard
33 libnghttp2:primary:standard
34 EXRUN[tools]= idnkit:single:standard
36 USES= cclibs:server,tools cpe iconv pkgconfig ssl mbsdfix
37 readline ncurses:build libtool perl:build
38 GNOME_COMPONENTS= libxml2
40 DISTNAME= bind-9.18.19
43 LICENSE_FILE= MPL:{{WRKSRC}}/COPYRIGHT
47 FPC_EQUIVALENT= dns/bind918
50 CONFIGURE_ARGS= --localstatedir=/var
51 --sysconfdir={{ETCDIR}}
56 --with-openssl={{OPENSSLBASE}}
58 STD_CDEFINES="-DDIG_SIGCHASE=1"
62 INSTALL_REQ_TOOLCHAIN= yes
63 PLIST_SUB= ETCDIR={{BIND_ETCDIR}}
66 SUB_FILES= pkg-message-server
69 [FIXED_RRSET].DESCRIPTION= Enable fixed rrset ordering
70 [FIXED_RRSET].CONFIGURE_ENABLE_BOTH= fixed-rrset
72 [QUERYTRACE].DESCRIPTION= Enable the very verbose query tracelogging
73 [QUERYTRACE].CONFIGURE_ENABLE_BOTH= querytrace
75 [GEOIP].DESCRIPTION= Allow geographically based ACL
76 [GEOIP].BUILDRUN_DEPENDS_ON= GeoIP:single:standard
77 [GEOIP].CONFIGURE_ENABLE_BOTH= geoip
79 [LARGE_FILE].DESCRIPTION= 64-bit file support
80 [LARGE_FILE].CONFIGURE_ENABLE_BOTH= largefile
83 ${REINPLACE_CMD} -e "s|/opt/local|${PREFIX}|g" \
87 ${MKDIR} ${STAGEDIR}${ETCDIR} ${STAGEDIR}${STD_DOCDIR}/arm
88 . for i in dynamic master slave working
89 ${MKDIR} ${STAGEDIR}${ETCDIR}/$i
91 ${INSTALL_DATA} ${WRKDIR}/named.conf \
92 ${STAGEDIR}${ETCDIR}/named.conf.sample
93 ${INSTALL_DATA} ${FILESDIR}/named.root \
95 ${INSTALL_DATA} ${FILESDIR}/empty.db \
96 ${STAGEDIR}${ETCDIR}/master
97 ${INSTALL_DATA} ${FILESDIR}/localhost-forward.db \
98 ${STAGEDIR}${ETCDIR}/master
99 ${INSTALL_DATA} ${FILESDIR}/localhost-reverse.db \
100 ${STAGEDIR}${ETCDIR}/master
101 ${RM} -r ${STAGEDIR}/var
103 ${INSTALL_DATA} ${WRKSRC}/doc/arm/*.rst ${STAGEDIR}${STD_DOCDIR}/arm
104 ${INSTALL_DATA} ${WRKSRC}/CHANGES ${WRKSRC}/README* ${STAGEDIR}${STD_DOCDIR}
106 [FILE:743:descriptions/desc.server]
107 BIND is open source software that enables you to publish your Domain Name
108 System (DNS) information on the Internet, and to resolve DNS queries for
109 your users. The name BIND stands for "Berkeley Internet Name Domain",
110 because the software originated in the early 1980s at the University of
111 California at Berkeley.
113 BIND is by far the most widely used DNS software on the Internet,
114 providing a robust and stable platform on top of which organizations can
115 build distributed computing systems with the knowledge that those systems
116 are fully compliant with published DNS standards.
118 The BIND software distribution has three parts:
119 1. Domain Name Resolver
120 2. Domain Name Authority server
123 This package contains parts 1 and 2.
126 [FILE:357:descriptions/desc.tools]
127 BIND is open source software that enables you to publish your Domain Name
128 System (DNS) information on the Internet, and to resolve DNS queries for
129 your users. The name BIND stands for "Berkeley Internet Name Domain",
130 because the software originated in the early 1980s at the University of
131 California at Berkeley.
133 This package contains the BIND tools.
137 115e09c05439bebade1d272eda08fa88eb3b60129edef690588c87a4d27612cc 5508464 bind-9.18.19.tar.xz
140 [FILE:618:manifests/plist.server]
141 @sample %%ETCDIR%%/named.conf.sample
151 libbind9-%%LIBVER%%.so
159 libisccc-%%LIBVER%%.so
161 libisccfg-%%LIBVER%%.so
174 @dir(bind,bind,) %%ETCDIR%%/dynamic
175 @dir(bind,bind,) %%ETCDIR%%/slave
176 @dir(bind,bind,) %%ETCDIR%%/working
179 [FILE:304:manifests/plist.tools]
205 [FILE:624:manifests/plist.man]
211 dnssec-dsfromkey.1.gz
212 dnssec-importkey.1.gz
213 dnssec-keyfromlabel.1.gz
223 named-compilezone.1.gz
224 named-journalprint.1.gz
243 [FILE:2355:manifests/plist.dev]
347 include/irs/resconf.h
479 [FILE:148:files/empty.db]
481 @ SOA @ nobody.localhost. 42 1d 12h 1w 3h
482 ; Serial, Refresh, Retry, Expire, Neg. cache TTL
486 ; Silence a BIND warning
490 [FILE:158:files/localhost-forward.db]
492 localhost. SOA localhost. nobody.localhost. 42 1d 12h 1w 3h
493 ; Serial, Refresh, Retry, Expire, Neg. cache TTL
501 [FILE:226:files/localhost-reverse.db]
503 @ SOA localhost. nobody.localhost. 42 1d 12h 1w 3h
504 ; Serial, Refresh, Retry, Expire, Neg. cache TTL
510 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR localhost.
514 [FILE:19802:files/named.conf.in]
515 // Refer to the named.conf(5) and named(8) man pages, and the documentation
516 // in /usr/local/share/doc/bind for more details.
518 // If you are going to set up an authoritative server, make sure you
519 // understand the hairy details of how DNS works. Even with
520 // simple mistakes, you can break connectivity for affected parties,
521 // or cause huge amounts of useless Internet traffic.
524 // All file and path names are relative to the chroot directory,
525 // if any, and should be fully qualified.
526 directory "%%ETCDIR%%/working";
527 pid-file "/var/run/named/pid";
528 dump-file "/var/dump/named_dump.db";
529 statistics-file "/var/stats/named.stats";
531 // If named is being used only as a local resolver, this is a safe default.
532 // For named to be accessible to the network, comment this option, specify
533 // the proper IP address, or delete this option.
534 listen-on { 127.0.0.1; };
536 // If you have IPv6 enabled on this system, uncomment this option for
537 // use as a local resolver. To give access to the network, specify
538 // an IPv6 address, or the keyword "any".
539 // listen-on-v6 { ::1; };
541 // These zones are already covered by the empty zones listed below.
542 // If you remove the related empty zones below, comment these lines out.
543 disable-empty-zone "255.255.255.255.IN-ADDR.ARPA";
544 disable-empty-zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
545 disable-empty-zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
547 // If you've got a DNS server around at your upstream provider, enter
548 // its IP address here, and enable the line below. This will make you
549 // benefit from its cache, thus reduce overall DNS traffic in the Internet.
556 // If the 'forwarders' clause is not empty the default is to 'forward first'
557 // which will fall back to sending a query from your local server if the name
558 // servers in 'forwarders' do not have the answer. Alternatively you can
559 // force your name server to never initiate queries of its own by enabling the
563 // If you wish to have forwarding configured automatically based on
564 // the entries in /etc/resolv.conf, uncomment the following line and
565 // set named_auto_forward=yes in /etc/rc.conf. You can also enable
566 // named_auto_forward_only (the effect of which is described above).
567 // include "%%ETCDIR%%/auto_forward.conf";
570 Modern versions of BIND use a random UDP port for each outgoing
571 query by default in order to dramatically reduce the possibility
572 of cache poisoning. All users are strongly encouraged to utilize
573 this feature, and to configure their firewalls to accommodate it.
575 AS A LAST RESORT in order to get around a restrictive firewall
576 policy you can try enabling the option below. Use of this option
577 will significantly reduce your ability to withstand cache poisoning
578 attacks, and should be avoided if at all possible.
580 Replace NNNNN in the example with a number between 49160 and 65530.
582 // query-source address * port NNNNN;
585 // If you enable a local name server, don't forget to enter 127.0.0.1
586 // first in your /etc/resolv.conf so this server will be queried.
587 // Also, make sure to enable it in /etc/rc.conf.
589 // The traditional root hints mechanism. Use this, OR the slave zones below.
590 zone "." { type hint; file "%%ETCDIR%%/named.root"; };
592 /* Slaving the following zones from the root name servers has some
593 significant advantages:
594 1. Faster local resolution for your users
595 2. No spurious traffic will be sent from your network to the roots
596 3. Greater resilience to any potential root server failure/DDoS
598 On the other hand, this method requires more monitoring than the
599 hints file to be sure that an unexpected failure mode has not
600 incapacitated your server. Name servers that are serving a lot
601 of clients will benefit more from this approach than individual
602 hosts. Use with caution.
604 To use this mechanism, uncomment the entries below, and comment
607 As documented at http://dns.icann.org/services/axfr/ these zones:
608 "." (the root), ARPA, IN-ADDR.ARPA, IP6.ARPA, and a few others
609 are available for AXFR from these servers on IPv4 and IPv6:
610 xfr.lax.dns.icann.org, xfr.cjr.dns.icann.org
615 file "%%ETCDIR%%/slave/root.slave";
617 192.0.32.132; // lax.xfr.dns.icann.org
618 2620:0:2d0:202::132; // lax.xfr.dns.icann.org
619 192.0.47.132; // iad.xfr.dns.icann.org
620 2620:0:2830:202::132; // iad.xfr.dns.icann.org
626 file "%%ETCDIR%%/slave/arpa.slave";
628 192.0.32.132; // lax.xfr.dns.icann.org
629 2620:0:2d0:202::132; // lax.xfr.dns.icann.org
630 192.0.47.132; // iad.xfr.dns.icann.org
631 2620:0:2830:202::132; // iad.xfr.dns.icann.org
635 zone "in-addr.arpa" {
637 file "%%ETCDIR%%/slave/in-addr.arpa.slave";
639 192.0.32.132; // lax.xfr.dns.icann.org
640 2620:0:2d0:202::132; // lax.xfr.dns.icann.org
641 192.0.47.132; // iad.xfr.dns.icann.org
642 2620:0:2830:202::132; // iad.xfr.dns.icann.org
648 file "%%ETCDIR%%/slave/ip6.arpa.slave";
650 192.0.32.132; // lax.xfr.dns.icann.org
651 2620:0:2d0:202::132; // lax.xfr.dns.icann.org
652 192.0.47.132; // iad.xfr.dns.icann.org
653 2620:0:2830:202::132; // iad.xfr.dns.icann.org
659 /* Serving the following zones locally will prevent any queries
660 for these zones leaving your network and going to the root
661 name servers. This has two significant advantages:
662 1. Faster local resolution for your users
663 2. No spurious traffic will be sent from your network to the roots
665 // RFCs 1912, 5735 and 6303 (and BCP 32 for localhost)
666 zone "localhost" { type master; file "%%ETCDIR%%/master/localhost-forward.db"; };
667 zone "127.in-addr.arpa" { type master; file "%%ETCDIR%%/master/localhost-reverse.db"; };
668 zone "255.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
670 // RFC 1912-style zone for IPv6 localhost address (RFC 6303)
671 zone "0.ip6.arpa" { type master; file "%%ETCDIR%%/master/localhost-reverse.db"; };
673 // "This" Network (RFCs 1912, 5735 and 6303)
674 zone "0.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
676 // Private Use Networks (RFCs 1918, 5735 and 6303)
677 zone "10.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
678 zone "16.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
679 zone "17.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
680 zone "18.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
681 zone "19.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
682 zone "20.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
683 zone "21.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
684 zone "22.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
685 zone "23.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
686 zone "24.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
687 zone "25.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
688 zone "26.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
689 zone "27.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
690 zone "28.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
691 zone "29.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
692 zone "30.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
693 zone "31.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
694 zone "168.192.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
696 // Shared Address Space (RFC 6598)
697 zone "64.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
698 zone "65.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
699 zone "66.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
700 zone "67.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
701 zone "68.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
702 zone "69.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
703 zone "70.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
704 zone "71.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
705 zone "72.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
706 zone "73.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
707 zone "74.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
708 zone "75.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
709 zone "76.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
710 zone "77.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
711 zone "78.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
712 zone "79.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
713 zone "80.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
714 zone "81.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
715 zone "82.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
716 zone "83.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
717 zone "84.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
718 zone "85.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
719 zone "86.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
720 zone "87.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
721 zone "88.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
722 zone "89.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
723 zone "90.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
724 zone "91.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
725 zone "92.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
726 zone "93.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
727 zone "94.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
728 zone "95.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
729 zone "96.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
730 zone "97.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
731 zone "98.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
732 zone "99.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
733 zone "100.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
734 zone "101.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
735 zone "102.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
736 zone "103.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
737 zone "104.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
738 zone "105.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
739 zone "106.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
740 zone "107.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
741 zone "108.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
742 zone "109.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
743 zone "110.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
744 zone "111.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
745 zone "112.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
746 zone "113.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
747 zone "114.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
748 zone "115.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
749 zone "116.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
750 zone "117.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
751 zone "118.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
752 zone "119.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
753 zone "120.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
754 zone "121.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
755 zone "122.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
756 zone "123.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
757 zone "124.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
758 zone "125.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
759 zone "126.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
760 zone "127.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
762 // Link-local/APIPA (RFCs 3927, 5735 and 6303)
763 zone "254.169.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
765 // IETF protocol assignments (RFCs 5735 and 5736)
766 zone "0.0.192.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
768 // TEST-NET-[1-3] for Documentation (RFCs 5735, 5737 and 6303)
769 zone "2.0.192.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
770 zone "100.51.198.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
771 zone "113.0.203.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
773 // IPv6 Example Range for Documentation (RFCs 3849 and 6303)
774 zone "8.b.d.0.1.0.0.2.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
776 // Router Benchmark Testing (RFCs 2544 and 5735)
777 zone "18.198.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
778 zone "19.198.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
780 // IANA Reserved - Old Class E Space (RFC 5735)
781 zone "240.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
782 zone "241.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
783 zone "242.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
784 zone "243.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
785 zone "244.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
786 zone "245.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
787 zone "246.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
788 zone "247.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
789 zone "248.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
790 zone "249.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
791 zone "250.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
792 zone "251.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
793 zone "252.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
794 zone "253.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
795 zone "254.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
797 // IPv6 Unassigned Addresses (RFC 4291)
798 zone "1.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
799 zone "3.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
800 zone "4.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
801 zone "5.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
802 zone "6.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
803 zone "7.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
804 zone "8.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
805 zone "9.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
806 zone "a.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
807 zone "b.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
808 zone "c.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
809 zone "d.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
810 zone "e.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
811 zone "0.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
812 zone "1.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
813 zone "2.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
814 zone "3.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
815 zone "4.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
816 zone "5.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
817 zone "6.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
818 zone "7.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
819 zone "8.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
820 zone "9.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
821 zone "a.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
822 zone "b.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
823 zone "0.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
824 zone "1.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
825 zone "2.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
826 zone "3.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
827 zone "4.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
828 zone "5.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
829 zone "6.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
830 zone "7.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
832 // IPv6 ULA (RFCs 4193 and 6303)
833 zone "c.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
834 zone "d.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
836 // IPv6 Link Local (RFCs 4291 and 6303)
837 zone "8.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
838 zone "9.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
839 zone "a.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
840 zone "b.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
842 // IPv6 Deprecated Site-Local Addresses (RFCs 3879 and 6303)
843 zone "c.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
844 zone "d.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
845 zone "e.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
846 zone "f.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
848 // IP6.INT is Deprecated (RFC 4159)
849 zone "ip6.int" { type master; file "%%ETCDIR%%/master/empty.db"; };
851 // NB: Do not use the IP addresses below, they are faked, and only
852 // serve demonstration/documentation purposes!
854 // Example slave zone config entries. It can be convenient to become
855 // a slave at least for the zone your own domain is in. Ask
856 // your network administrator for the IP address of the responsible
857 // master name server.
859 // Do not forget to include the reverse lookup zone!
860 // This is named after the first bytes of the IP address, in reverse
861 // order, with ".IN-ADDR.ARPA" appended, or ".IP6.ARPA" for IPv6.
863 // Before starting to set up a master zone, make sure you fully
864 // understand how DNS and BIND work. There are sometimes
865 // non-obvious pitfalls. Setting up a slave zone is usually simpler.
867 // NB: Don't blindly enable the examples below. :-) Use actual names
868 // and addresses instead.
870 /* An example dynamic zone
871 key "exampleorgkey" {
873 secret "sf87HJqjkqh8ac87a02lla==";
880 file "%%ETCDIR%%/dynamic/example.org";
884 /* Example of a slave reverse zone
885 zone "1.168.192.in-addr.arpa" {
887 file "%%ETCDIR%%/slave/1.168.192.in-addr.arpa";
895 [FILE:11622:files/named.in]
900 # REQUIRE: %%NAMED_REQUIRE%%
901 # BEFORE: %%NAMED_BEFORE%%
905 # Add the following lines to /etc/rc.conf to enable BIND:
906 # named_enable (bool): Run named, the DNS server (or NO).
907 # named_program (str): Path to named, if you want a different one.
908 # named_conf (str): Path to the configuration file
909 # named_flags (str): Use this for flags OTHER than -u and -c
910 # named_uid (str): User to run named as
911 # named_chrootdir (str): Chroot directory (or "" not to auto-chroot it)
912 # Historically, was /var/named
913 # named_chroot_autoupdate (bool): Automatically install/update chrooted
914 # components of named.
915 # named_symlink_enable (bool): Symlink the chrooted pid file
916 # named_wait (bool): Wait for working name service before exiting
917 # named_wait_host (str): Hostname to check if named_wait is enabled
918 # named_auto_forward (str): Set up forwarders from /etc/resolv.conf
919 # named_auto_forward_only (str): Do "forward only" instead of "forward first"
925 desc="named BIND startup script"
928 load_rc_config ${name}
930 extra_commands=reload
932 start_precmd=named_prestart
933 start_postcmd=named_poststart
934 reload_cmd=named_reload
936 stop_postcmd=named_poststop
938 named_enable=${named_enable:-"NO"}
939 named_program=${named_program:-"%%PREFIX%%/sbin/named"}
940 named_conf=${named_conf:-"%%ETCDIR%%/named.conf"}
941 named_flags=${named_flags:-""}
942 named_uid=${named_uid:-"bind"}
943 named_chrootdir=${named_chrootdir:-""}
944 named_chroot_autoupdate=${named_chroot_autoupdate:-"YES"}
945 named_symlink_enable=${named_symlink_enable:-"YES"}
946 named_wait=${named_wait:-"NO"}
947 named_wait_host=${named_wait_host:-"localhost"}
948 named_auto_forward=${named_auto_forward:-"NO"}
949 named_auto_forward_only=${named_auto_forward_only:-"NO"}
951 # Not configuration variables but having them here keeps rclint happy
952 required_dirs="${named_chrootdir}"
953 _named_confdirroot="${named_conf%/*}"
954 _named_confdir="${named_chrootdir}${_named_confdirroot}"
955 _named_program_root="${named_program%/sbin/named}"
956 _openssl_engines="%%LOCALBASE%%/lib/engines"
958 # Needed if named.conf and rndc.conf are moved or if rndc.conf is used
959 rndc_conf=${rndc_conf:-"$_named_confdir/rndc.conf"}
960 rndc_key=${rndc_key:-"$_named_confdir/rndc.key"}
962 # If running in a chroot cage, ensure that the appropriate files
963 # exist inside the cage, as well as helper symlinks into the cage
966 # As this is called after the is_running and required_dir checks
967 # are made in run_rc_command(), we can safely assume ${named_chrootdir}
968 # exists and named isn't running at this point (unless forcestart
975 # If it's the first time around, fiddle with things and move the
976 # current configuration to the chroot.
977 if [ -d ${_named_confdirroot} -a ! -d ${_named_confdir} ]; then
978 warn "named chroot: Moving current configuration in the chroot!"
979 install -d ${_named_confdir%/*}
980 mv ${_named_confdirroot} ${_named_confdir}
983 # Create (or update) the chroot directory structure
985 if [ -r %%PREFIX%%/etc/mtree/BIND.chroot.dist ]; then
986 mtree -deU -f %%PREFIX%%/etc/mtree/BIND.chroot.dist \
987 -p ${named_chrootdir}
989 warn "%%PREFIX%%/etc/mtree/BIND.chroot.dist missing,"
990 warn "${named_chrootdir} directory structure not updated"
992 if [ -r %%PREFIX%%/etc/mtree/BIND.chroot.local.dist ]; then
993 mkdir -p ${named_chrootdir}%%PREFIX%%
994 mtree -deU -f %%PREFIX%%/etc/mtree/BIND.chroot.local.dist \
995 -p ${named_chrootdir}%%PREFIX%%
997 warn "%%PREFIX%%/etc/mtree/BIND.chroot.local.dist missing,"
998 warn "${named_chrootdir}%%PREFIX%% directory structure not updated"
1001 # Create (or update) the configuration directory symlink
1003 if [ ! -L "${_named_confdirroot}" ]; then
1004 if [ -d "${_named_confdirroot}" ]; then
1005 warn "named chroot: ${_named_confdirroot} is a directory!"
1006 elif [ -e "${_named_confdirroot}" ]; then
1007 warn "named chroot: ${_named_confdirroot} exists!"
1009 ln -s ${_named_confdir} ${_named_confdirroot}
1012 # Make sure it points to the right place.
1013 ln -shf ${_named_confdir} ${_named_confdirroot}
1016 # Mount a devfs in the chroot directory if needed
1018 if [ `${SYSCTL_N} security.jail.jailed` -eq 0 ]; then
1019 umount ${named_chrootdir}/dev 2>/dev/null
1020 devfs_domount ${named_chrootdir}/dev devfsrules_hide_all
1021 devfs -m ${named_chrootdir}/dev rule apply path null unhide
1022 devfs -m ${named_chrootdir}/dev rule apply path random unhide
1024 if [ -c ${named_chrootdir}/dev/null -a \
1025 -c ${named_chrootdir}/dev/random ]; then
1026 info "named chroot: using pre-mounted devfs."
1028 err 1 "named chroot: devfs cannot be mounted from " \
1029 "within a jail. Thus a chrooted named cannot " \
1030 "be run from within a jail. Either mount the " \
1031 "devfs with null and random from the host, or " \
1032 "run named without chrooting it, set " \
1033 "named_chrootdir=\"\" in /etc/rc.conf."
1037 # If OpenSSL from ports, then the engines should be present in the
1038 # chroot, named loads them after chrooting.
1039 if [ -d ${_openssl_engines} ]; then
1040 # FIXME when 8.4 is gone see if
1041 # security.jail.param.allow.mount.nullfs can be used.
1042 if [ `${SYSCTL_N} security.jail.jailed` -eq 0 -o `${SYSCTL_N} security.jail.mount_allowed` -eq 1 ]; then
1043 mkdir -p ${named_chrootdir}${_openssl_engines}
1044 mount -t nullfs ${_openssl_engines} ${named_chrootdir}${_openssl_engines}
1046 warn "named chroot: cannot nullfs mount OpenSSL" \
1047 "engines into the chroot, will copy the shared" \
1048 "libraries instead."
1049 mkdir -p ${named_chrootdir}${_openssl_engines}
1050 cp -f ${_openssl_engines}/*.so ${named_chrootdir}${_openssl_engines}
1054 # Copy and/or update key files to the chroot /etc
1056 for file in localtime protocols services; do
1057 if [ -r /etc/${file} ] && \
1058 ! cmp -s /etc/${file} "${named_chrootdir}/etc/${file}"; then
1059 cp -p /etc/${file} "${named_chrootdir}/etc/${file}"
1064 # Make symlinks to the correct pid file
1068 checkyesno named_symlink_enable &&
1069 ln -fs "${named_chrootdir}${pidfile}" ${pidfile}
1076 if checkyesno named_wait; then
1077 until ${_named_program_root}/bin/host ${named_wait_host} >/dev/null 2>&1; do
1078 echo " Waiting for nameserver to resolve ${named_wait_host}"
1086 # This is a one line function, but ${named_program} is not defined early
1087 # enough to be there when the reload_cmd variable is defined up there.
1093 if get_pidfile_from_conf pid-file ${named_conf}; then
1094 pidfile="${_pidfile_from_conf}"
1096 pidfile="/var/run/named/pid"
1104 # This duplicates an undesirably large amount of code from the stop
1105 # routine in rc.subr in order to use rndc to shut down the process,
1106 # and to give it a second chance in case rndc fails.
1107 rc_pid=$(check_pidfile ${pidfile} ${command})
1108 if [ -z "${rc_pid}" ]; then
1109 [ -n "${rc_fast}" ] && return 0
1113 echo 'Stopping named.'
1115 wait_for_pids ${rc_pid}
1117 echo -n 'rndc failed, trying kill: '
1118 kill -TERM ${rc_pid}
1119 wait_for_pids ${rc_pid}
1125 if [ -n "${named_chrootdir}" -a -c ${named_chrootdir}/dev/null ]; then
1126 # if using OpenSSL from ports, unmount OpenSSL engines, if they
1127 # were not mounted but only copied, do nothing.
1128 if [ -d ${_openssl_engines} -a \( `${SYSCTL_N} security.jail.jailed` -eq 0 -o `${SYSCTL_N} security.jail.mount_allowed` -eq 1 \) ]; then
1129 umount ${named_chrootdir}${_openssl_engines}
1132 if [ `${SYSCTL_N} security.jail.jailed` -eq 0 ]; then
1133 umount ${named_chrootdir}/dev 2>/dev/null || true
1135 warn "named chroot:" \
1136 "cannot unmount devfs from inside jail!"
1143 if [ -e "$1" ]; then
1146 install -o root -g wheel -m 0644 /dev/null $1
1151 if [ -z "${rndc_flags}" ]; then
1152 if [ -s "${rndc_conf}" ] ; then
1153 rndc_flags="-c ${rndc_conf}"
1154 elif [ -s "${rndc_key}" ] ; then
1155 rndc_flags="-k ${rndc_key}"
1161 ${_named_program_root}/sbin/rndc ${rndc_flags} "$@"
1168 if [ -n "${named_pidfile}" ]; then
1169 warn 'named_pidfile: now determined from the conf file'
1172 piddir=`/usr/bin/dirname ${pidfile}`
1173 if [ ! -d ${piddir} ]; then
1174 install -d -o ${named_uid} -g ${named_uid} ${piddir}
1177 command_args="-u ${named_uid:=root} -c ${named_conf} ${command_args}"
1179 local line nsip firstns
1181 # Is the user using a sandbox?
1183 if [ -n "${named_chrootdir}" ]; then
1184 rc_flags="${rc_flags} -t ${named_chrootdir}"
1185 checkyesno named_chroot_autoupdate && chroot_autoupdate
1187 named_symlink_enable=NO
1190 # Create an rndc.key file for the user if none exists
1192 confgen_command="${_named_program_root}/sbin/rndc-confgen -a -b256 -u ${named_uid} \
1193 -c ${_named_confdir}/rndc.key"
1194 if [ -s "${_named_confdir}/rndc.conf" ]; then
1195 unset confgen_command
1197 if [ -s "${_named_confdir}/rndc.key" ]; then
1198 case `stat -f%Su ${_named_confdir}/rndc.key` in
1199 root|${named_uid}) ;;
1200 *) ${confgen_command} ;;
1208 checkconf="${_named_program_root}/bin/named-checkconf"
1209 if ! checkyesno named_chroot_autoupdate && [ -n "${named_chrootdir}" ]; then
1210 checkconf="${checkconf} -t ${named_chrootdir}"
1213 # Create a forwarder configuration based on /etc/resolv.conf
1214 if checkyesno named_auto_forward; then
1215 if [ ! -s /etc/resolv.conf ]; then
1216 warn "named_auto_forward enabled, but no /etc/resolv.conf"
1218 # Empty the file in case it is included in named.conf
1219 [ -s "${_named_confdir}/auto_forward.conf" ] &&
1220 create_file ${_named_confdir}/auto_forward.conf
1222 ${checkconf} ${named_conf} ||
1223 err 3 'named-checkconf for ${named_conf} failed'
1227 create_file /var/run/naf-resolv.conf
1228 create_file /var/run/auto_forward.conf
1230 echo ' forwarders {' > /var/run/auto_forward.conf
1234 'nameserver '*|'nameserver '*)
1235 nsip=${line##nameserver[ ]}
1237 if [ -z "${firstns}" ]; then
1238 if [ ! "${nsip}" = '127.0.0.1' ]; then
1239 echo 'nameserver 127.0.0.1'
1240 echo " ${nsip};" >> /var/run/auto_forward.conf
1245 [ "${nsip}" = '127.0.0.1' ] && continue
1246 echo " ${nsip};" >> /var/run/auto_forward.conf
1252 done < /etc/resolv.conf > /var/run/naf-resolv.conf
1254 echo ' };' >> /var/run/auto_forward.conf
1255 echo '' >> /var/run/auto_forward.conf
1256 if checkyesno named_auto_forward_only; then
1257 echo " forward only;" >> /var/run/auto_forward.conf
1259 echo " forward first;" >> /var/run/auto_forward.conf
1262 if cmp -s /etc/resolv.conf /var/run/naf-resolv.conf; then
1263 unlink /var/run/naf-resolv.conf
1265 [ -e /etc/resolv.conf ] && unlink /etc/resolv.conf
1266 mv /var/run/naf-resolv.conf /etc/resolv.conf
1269 if cmp -s ${_named_confdir}/auto_forward.conf \
1270 /var/run/auto_forward.conf; then
1271 unlink /var/run/auto_forward.conf
1273 [ -e "${_named_confdir}/auto_forward.conf" ] &&
1274 unlink ${_named_confdir}/auto_forward.conf
1275 mv /var/run/auto_forward.conf \
1276 ${_named_confdir}/auto_forward.conf
1279 # Empty the file in case it is included in named.conf
1280 [ -s "${_named_confdir}/auto_forward.conf" ] &&
1281 create_file ${_named_confdir}/auto_forward.conf
1284 ${checkconf} ${named_conf} || err 3 "named-checkconf for ${named_conf} failed"
1290 [FILE:3289:files/named.root]
1291 ; This file holds the information on root name servers needed to
1292 ; initialize cache of Internet domain name servers
1293 ; (e.g. reference this file in the "cache . <file>"
1294 ; configuration file of BIND domain name servers).
1296 ; This file is made available by InterNIC
1297 ; under anonymous FTP as
1298 ; file /domain/named.cache
1299 ; on server FTP.INTERNIC.NET
1300 ; -OR- RS.INTERNIC.NET
1302 ; last update: April 11, 2017
1303 ; related version of root zone: 2017041101
1305 ; formerly NS.INTERNIC.NET
1307 . 3600000 NS A.ROOT-SERVERS.NET.
1308 A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4
1309 A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:ba3e::2:30
1311 ; FORMERLY NS1.ISI.EDU
1313 . 3600000 NS B.ROOT-SERVERS.NET.
1314 B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201
1315 B.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:84::b
1317 ; FORMERLY C.PSI.NET
1319 . 3600000 NS C.ROOT-SERVERS.NET.
1320 C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12
1321 C.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2::c
1323 ; FORMERLY TERP.UMD.EDU
1325 . 3600000 NS D.ROOT-SERVERS.NET.
1326 D.ROOT-SERVERS.NET. 3600000 A 199.7.91.13
1327 D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2d::d
1329 ; FORMERLY NS.NASA.GOV
1331 . 3600000 NS E.ROOT-SERVERS.NET.
1332 E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10
1333 E.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:a8::e
1335 ; FORMERLY NS.ISC.ORG
1337 . 3600000 NS F.ROOT-SERVERS.NET.
1338 F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241
1339 F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2f::f
1341 ; FORMERLY NS.NIC.DDN.MIL
1343 . 3600000 NS G.ROOT-SERVERS.NET.
1344 G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4
1345 G.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:12::d0d
1347 ; FORMERLY AOS.ARL.ARMY.MIL
1349 . 3600000 NS H.ROOT-SERVERS.NET.
1350 H.ROOT-SERVERS.NET. 3600000 A 198.97.190.53
1351 H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::53
1353 ; FORMERLY NIC.NORDU.NET
1355 . 3600000 NS I.ROOT-SERVERS.NET.
1356 I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17
1357 I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fe::53
1359 ; OPERATED BY VERISIGN, INC.
1361 . 3600000 NS J.ROOT-SERVERS.NET.
1362 J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30
1363 J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:c27::2:30
1365 ; OPERATED BY RIPE NCC
1367 . 3600000 NS K.ROOT-SERVERS.NET.
1368 K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129
1369 K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fd::1
1373 . 3600000 NS L.ROOT-SERVERS.NET.
1374 L.ROOT-SERVERS.NET. 3600000 A 199.7.83.42
1375 L.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:9f::42
1379 . 3600000 NS M.ROOT-SERVERS.NET.
1380 M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33
1381 M.ROOT-SERVERS.NET. 3600000 AAAA 2001:dc3::35
1385 [FILE:1637:files/pkg-message-server.in]
1386 **********************************************************************
1387 * _ _____ _____ _____ _ _ _____ ___ ___ _ _ *
1388 * / \|_ _|_ _| ____| \ | |_ _|_ _/ _ \| \ | | *
1389 * / _ \ | | | | | _| | \| | | | | | | | | \| | *
1390 * / ___ \| | | | | |___| |\ | | | | | |_| | |\ | *
1391 * /_/ \_\_| |_| |_____|_| \_| |_| |___\___/|_| \_| *
1393 * BIND requires configuration of rndc, including a "secret" key. *
1394 * The easiest, and most secure way to configure rndc is to run *
1395 * 'rndc-confgen -a' to generate the proper conf file, with a new *
1396 * random key, and appropriate file permissions. *
1398 * The %%PREFIX%%/etc/rc.d/named script will do that for you. *
1400 * If using syslog to log the BIND9 activity, and using a *
1401 * chroot'ed installation, you will need to tell syslog to *
1402 * install a log socket in the BIND9 chroot by running: *
1404 * # sysrc altlog_proglist+=named *
1406 * And then restarting syslogd with: service syslogd restart *
1408 **********************************************************************
1411 [FILE:59:files/special.mk]
1412 BIND_ETCDIR?= etc/namedb
1413 ETCDIR= ${PREFIX}/${BIND_ETCDIR}