1 # Buildsheet autogenerated by ravenadm tool -- Do not edit.
7 SDESC[standard]= Berkeley Internet Name Domain (Domain Name Server)
8 HOMEPAGE= https://www.isc.org/downloads/bind/
12 SITES[main]= ISC/bind9/9.18.14
13 DISTFILE[1]= bind-9.18.14.tar.xz:main
15 SPKGS[standard]= complete
22 OPTIONS_AVAILABLE= FIXED_RRSET GEOIP LARGE_FILE QUERYTRACE
23 OPTIONS_STANDARD= FIXED_RRSET GEOIP LARGE_FILE QUERYTRACE
25 BUILD_DEPENDS= idnkit:single:standard
27 libnghttp2:dev:standard
29 BUILDRUN_DEPENDS= json-c:primary:standard
30 libuv:primary:standard
32 libnghttp2:primary:standard
33 EXRUN[tools]= idnkit:single:standard
35 USES= cclibs:server,tools cpe iconv pkgconfig ssl mbsdfix
36 readline ncurses:build libtool perl:build
37 GNOME_COMPONENTS= libxml2
39 DISTNAME= bind-9.18.14
42 LICENSE_FILE= MPL:{{WRKSRC}}/COPYRIGHT
46 FPC_EQUIVALENT= dns/bind916
49 CONFIGURE_ARGS= --localstatedir=/var
50 --sysconfdir={{ETCDIR}}
55 --with-openssl={{OPENSSLBASE}}
57 STD_CDEFINES="-DDIG_SIGCHASE=1"
61 INSTALL_REQ_TOOLCHAIN= yes
62 PLIST_SUB= ETCDIR={{BIND_ETCDIR}}
65 SUB_FILES= pkg-message-server
68 [FIXED_RRSET].DESCRIPTION= Enable fixed rrset ordering
69 [FIXED_RRSET].CONFIGURE_ENABLE_BOTH= fixed-rrset
71 [QUERYTRACE].DESCRIPTION= Enable the very verbose query tracelogging
72 [QUERYTRACE].CONFIGURE_ENABLE_BOTH= querytrace
74 [GEOIP].DESCRIPTION= Allow geographically based ACL
75 [GEOIP].BUILDRUN_DEPENDS_ON= GeoIP:single:standard
76 [GEOIP].CONFIGURE_ENABLE_BOTH= geoip
78 [LARGE_FILE].DESCRIPTION= 64-bit file support
79 [LARGE_FILE].CONFIGURE_ENABLE_BOTH= largefile
82 ${REINPLACE_CMD} -e "s|/opt/local|${PREFIX}|g" \
86 ${MKDIR} ${STAGEDIR}${ETCDIR} ${STAGEDIR}${STD_DOCDIR}/arm
87 . for i in dynamic master slave working
88 ${MKDIR} ${STAGEDIR}${ETCDIR}/$i
90 ${INSTALL_DATA} ${WRKDIR}/named.conf \
91 ${STAGEDIR}${ETCDIR}/named.conf.sample
92 ${INSTALL_DATA} ${FILESDIR}/named.root \
94 ${INSTALL_DATA} ${FILESDIR}/empty.db \
95 ${STAGEDIR}${ETCDIR}/master
96 ${INSTALL_DATA} ${FILESDIR}/localhost-forward.db \
97 ${STAGEDIR}${ETCDIR}/master
98 ${INSTALL_DATA} ${FILESDIR}/localhost-reverse.db \
99 ${STAGEDIR}${ETCDIR}/master
100 ${RM} -r ${STAGEDIR}/var
102 ${INSTALL_DATA} ${WRKSRC}/doc/arm/*.rst ${STAGEDIR}${STD_DOCDIR}/arm
103 ${INSTALL_DATA} ${WRKSRC}/CHANGES ${WRKSRC}/README* ${STAGEDIR}${STD_DOCDIR}
105 [FILE:743:descriptions/desc.server]
106 BIND is open source software that enables you to publish your Domain Name
107 System (DNS) information on the Internet, and to resolve DNS queries for
108 your users. The name BIND stands for "Berkeley Internet Name Domain",
109 because the software originated in the early 1980s at the University of
110 California at Berkeley.
112 BIND is by far the most widely used DNS software on the Internet,
113 providing a robust and stable platform on top of which organizations can
114 build distributed computing systems with the knowledge that those systems
115 are fully compliant with published DNS standards.
117 The BIND software distribution has three parts:
118 1. Domain Name Resolver
119 2. Domain Name Authority server
122 This package contains parts 1 and 2.
125 [FILE:357:descriptions/desc.tools]
126 BIND is open source software that enables you to publish your Domain Name
127 System (DNS) information on the Internet, and to resolve DNS queries for
128 your users. The name BIND stands for "Berkeley Internet Name Domain",
129 because the software originated in the early 1980s at the University of
130 California at Berkeley.
132 This package contains the BIND tools.
136 9ae12edf6ac3c430b33ecd1a7c0c0c60875d255185eb87850fa9a5e794a64a09 5481396 bind-9.18.14.tar.xz
139 [FILE:598:manifests/plist.server]
140 @sample %%ETCDIR%%/named.conf.sample
149 libbind9-%%LIBVER%%.so
157 libisccc-%%LIBVER%%.so
159 libisccfg-%%LIBVER%%.so
172 @dir(bind,bind,) %%ETCDIR%%/dynamic
173 @dir(bind,bind,) %%ETCDIR%%/slave
174 @dir(bind,bind,) %%ETCDIR%%/working
177 [FILE:321:manifests/plist.tools]
204 [FILE:624:manifests/plist.man]
210 dnssec-dsfromkey.1.gz
211 dnssec-importkey.1.gz
212 dnssec-keyfromlabel.1.gz
222 named-compilezone.1.gz
223 named-journalprint.1.gz
242 [FILE:2355:manifests/plist.dev]
346 include/irs/resconf.h
478 [FILE:148:files/empty.db]
480 @ SOA @ nobody.localhost. 42 1d 12h 1w 3h
481 ; Serial, Refresh, Retry, Expire, Neg. cache TTL
485 ; Silence a BIND warning
489 [FILE:158:files/localhost-forward.db]
491 localhost. SOA localhost. nobody.localhost. 42 1d 12h 1w 3h
492 ; Serial, Refresh, Retry, Expire, Neg. cache TTL
500 [FILE:226:files/localhost-reverse.db]
502 @ SOA localhost. nobody.localhost. 42 1d 12h 1w 3h
503 ; Serial, Refresh, Retry, Expire, Neg. cache TTL
509 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR localhost.
513 [FILE:19802:files/named.conf.in]
514 // Refer to the named.conf(5) and named(8) man pages, and the documentation
515 // in /usr/local/share/doc/bind for more details.
517 // If you are going to set up an authoritative server, make sure you
518 // understand the hairy details of how DNS works. Even with
519 // simple mistakes, you can break connectivity for affected parties,
520 // or cause huge amounts of useless Internet traffic.
523 // All file and path names are relative to the chroot directory,
524 // if any, and should be fully qualified.
525 directory "%%ETCDIR%%/working";
526 pid-file "/var/run/named/pid";
527 dump-file "/var/dump/named_dump.db";
528 statistics-file "/var/stats/named.stats";
530 // If named is being used only as a local resolver, this is a safe default.
531 // For named to be accessible to the network, comment this option, specify
532 // the proper IP address, or delete this option.
533 listen-on { 127.0.0.1; };
535 // If you have IPv6 enabled on this system, uncomment this option for
536 // use as a local resolver. To give access to the network, specify
537 // an IPv6 address, or the keyword "any".
538 // listen-on-v6 { ::1; };
540 // These zones are already covered by the empty zones listed below.
541 // If you remove the related empty zones below, comment these lines out.
542 disable-empty-zone "255.255.255.255.IN-ADDR.ARPA";
543 disable-empty-zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
544 disable-empty-zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
546 // If you've got a DNS server around at your upstream provider, enter
547 // its IP address here, and enable the line below. This will make you
548 // benefit from its cache, thus reduce overall DNS traffic in the Internet.
555 // If the 'forwarders' clause is not empty the default is to 'forward first'
556 // which will fall back to sending a query from your local server if the name
557 // servers in 'forwarders' do not have the answer. Alternatively you can
558 // force your name server to never initiate queries of its own by enabling the
562 // If you wish to have forwarding configured automatically based on
563 // the entries in /etc/resolv.conf, uncomment the following line and
564 // set named_auto_forward=yes in /etc/rc.conf. You can also enable
565 // named_auto_forward_only (the effect of which is described above).
566 // include "%%ETCDIR%%/auto_forward.conf";
569 Modern versions of BIND use a random UDP port for each outgoing
570 query by default in order to dramatically reduce the possibility
571 of cache poisoning. All users are strongly encouraged to utilize
572 this feature, and to configure their firewalls to accommodate it.
574 AS A LAST RESORT in order to get around a restrictive firewall
575 policy you can try enabling the option below. Use of this option
576 will significantly reduce your ability to withstand cache poisoning
577 attacks, and should be avoided if at all possible.
579 Replace NNNNN in the example with a number between 49160 and 65530.
581 // query-source address * port NNNNN;
584 // If you enable a local name server, don't forget to enter 127.0.0.1
585 // first in your /etc/resolv.conf so this server will be queried.
586 // Also, make sure to enable it in /etc/rc.conf.
588 // The traditional root hints mechanism. Use this, OR the slave zones below.
589 zone "." { type hint; file "%%ETCDIR%%/named.root"; };
591 /* Slaving the following zones from the root name servers has some
592 significant advantages:
593 1. Faster local resolution for your users
594 2. No spurious traffic will be sent from your network to the roots
595 3. Greater resilience to any potential root server failure/DDoS
597 On the other hand, this method requires more monitoring than the
598 hints file to be sure that an unexpected failure mode has not
599 incapacitated your server. Name servers that are serving a lot
600 of clients will benefit more from this approach than individual
601 hosts. Use with caution.
603 To use this mechanism, uncomment the entries below, and comment
606 As documented at http://dns.icann.org/services/axfr/ these zones:
607 "." (the root), ARPA, IN-ADDR.ARPA, IP6.ARPA, and a few others
608 are available for AXFR from these servers on IPv4 and IPv6:
609 xfr.lax.dns.icann.org, xfr.cjr.dns.icann.org
614 file "%%ETCDIR%%/slave/root.slave";
616 192.0.32.132; // lax.xfr.dns.icann.org
617 2620:0:2d0:202::132; // lax.xfr.dns.icann.org
618 192.0.47.132; // iad.xfr.dns.icann.org
619 2620:0:2830:202::132; // iad.xfr.dns.icann.org
625 file "%%ETCDIR%%/slave/arpa.slave";
627 192.0.32.132; // lax.xfr.dns.icann.org
628 2620:0:2d0:202::132; // lax.xfr.dns.icann.org
629 192.0.47.132; // iad.xfr.dns.icann.org
630 2620:0:2830:202::132; // iad.xfr.dns.icann.org
634 zone "in-addr.arpa" {
636 file "%%ETCDIR%%/slave/in-addr.arpa.slave";
638 192.0.32.132; // lax.xfr.dns.icann.org
639 2620:0:2d0:202::132; // lax.xfr.dns.icann.org
640 192.0.47.132; // iad.xfr.dns.icann.org
641 2620:0:2830:202::132; // iad.xfr.dns.icann.org
647 file "%%ETCDIR%%/slave/ip6.arpa.slave";
649 192.0.32.132; // lax.xfr.dns.icann.org
650 2620:0:2d0:202::132; // lax.xfr.dns.icann.org
651 192.0.47.132; // iad.xfr.dns.icann.org
652 2620:0:2830:202::132; // iad.xfr.dns.icann.org
658 /* Serving the following zones locally will prevent any queries
659 for these zones leaving your network and going to the root
660 name servers. This has two significant advantages:
661 1. Faster local resolution for your users
662 2. No spurious traffic will be sent from your network to the roots
664 // RFCs 1912, 5735 and 6303 (and BCP 32 for localhost)
665 zone "localhost" { type master; file "%%ETCDIR%%/master/localhost-forward.db"; };
666 zone "127.in-addr.arpa" { type master; file "%%ETCDIR%%/master/localhost-reverse.db"; };
667 zone "255.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
669 // RFC 1912-style zone for IPv6 localhost address (RFC 6303)
670 zone "0.ip6.arpa" { type master; file "%%ETCDIR%%/master/localhost-reverse.db"; };
672 // "This" Network (RFCs 1912, 5735 and 6303)
673 zone "0.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
675 // Private Use Networks (RFCs 1918, 5735 and 6303)
676 zone "10.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
677 zone "16.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
678 zone "17.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
679 zone "18.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
680 zone "19.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
681 zone "20.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
682 zone "21.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
683 zone "22.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
684 zone "23.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
685 zone "24.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
686 zone "25.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
687 zone "26.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
688 zone "27.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
689 zone "28.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
690 zone "29.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
691 zone "30.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
692 zone "31.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
693 zone "168.192.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
695 // Shared Address Space (RFC 6598)
696 zone "64.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
697 zone "65.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
698 zone "66.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
699 zone "67.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
700 zone "68.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
701 zone "69.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
702 zone "70.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
703 zone "71.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
704 zone "72.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
705 zone "73.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
706 zone "74.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
707 zone "75.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
708 zone "76.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
709 zone "77.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
710 zone "78.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
711 zone "79.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
712 zone "80.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
713 zone "81.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
714 zone "82.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
715 zone "83.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
716 zone "84.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
717 zone "85.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
718 zone "86.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
719 zone "87.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
720 zone "88.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
721 zone "89.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
722 zone "90.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
723 zone "91.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
724 zone "92.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
725 zone "93.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
726 zone "94.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
727 zone "95.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
728 zone "96.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
729 zone "97.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
730 zone "98.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
731 zone "99.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
732 zone "100.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
733 zone "101.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
734 zone "102.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
735 zone "103.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
736 zone "104.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
737 zone "105.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
738 zone "106.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
739 zone "107.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
740 zone "108.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
741 zone "109.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
742 zone "110.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
743 zone "111.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
744 zone "112.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
745 zone "113.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
746 zone "114.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
747 zone "115.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
748 zone "116.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
749 zone "117.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
750 zone "118.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
751 zone "119.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
752 zone "120.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
753 zone "121.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
754 zone "122.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
755 zone "123.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
756 zone "124.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
757 zone "125.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
758 zone "126.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
759 zone "127.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
761 // Link-local/APIPA (RFCs 3927, 5735 and 6303)
762 zone "254.169.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
764 // IETF protocol assignments (RFCs 5735 and 5736)
765 zone "0.0.192.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
767 // TEST-NET-[1-3] for Documentation (RFCs 5735, 5737 and 6303)
768 zone "2.0.192.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
769 zone "100.51.198.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
770 zone "113.0.203.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
772 // IPv6 Example Range for Documentation (RFCs 3849 and 6303)
773 zone "8.b.d.0.1.0.0.2.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
775 // Router Benchmark Testing (RFCs 2544 and 5735)
776 zone "18.198.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
777 zone "19.198.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
779 // IANA Reserved - Old Class E Space (RFC 5735)
780 zone "240.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
781 zone "241.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
782 zone "242.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
783 zone "243.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
784 zone "244.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
785 zone "245.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
786 zone "246.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
787 zone "247.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
788 zone "248.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
789 zone "249.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
790 zone "250.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
791 zone "251.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
792 zone "252.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
793 zone "253.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
794 zone "254.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
796 // IPv6 Unassigned Addresses (RFC 4291)
797 zone "1.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
798 zone "3.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
799 zone "4.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
800 zone "5.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
801 zone "6.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
802 zone "7.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
803 zone "8.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
804 zone "9.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
805 zone "a.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
806 zone "b.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
807 zone "c.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
808 zone "d.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
809 zone "e.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
810 zone "0.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
811 zone "1.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
812 zone "2.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
813 zone "3.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
814 zone "4.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
815 zone "5.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
816 zone "6.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
817 zone "7.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
818 zone "8.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
819 zone "9.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
820 zone "a.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
821 zone "b.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
822 zone "0.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
823 zone "1.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
824 zone "2.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
825 zone "3.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
826 zone "4.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
827 zone "5.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
828 zone "6.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
829 zone "7.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
831 // IPv6 ULA (RFCs 4193 and 6303)
832 zone "c.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
833 zone "d.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
835 // IPv6 Link Local (RFCs 4291 and 6303)
836 zone "8.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
837 zone "9.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
838 zone "a.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
839 zone "b.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
841 // IPv6 Deprecated Site-Local Addresses (RFCs 3879 and 6303)
842 zone "c.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
843 zone "d.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
844 zone "e.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
845 zone "f.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
847 // IP6.INT is Deprecated (RFC 4159)
848 zone "ip6.int" { type master; file "%%ETCDIR%%/master/empty.db"; };
850 // NB: Do not use the IP addresses below, they are faked, and only
851 // serve demonstration/documentation purposes!
853 // Example slave zone config entries. It can be convenient to become
854 // a slave at least for the zone your own domain is in. Ask
855 // your network administrator for the IP address of the responsible
856 // master name server.
858 // Do not forget to include the reverse lookup zone!
859 // This is named after the first bytes of the IP address, in reverse
860 // order, with ".IN-ADDR.ARPA" appended, or ".IP6.ARPA" for IPv6.
862 // Before starting to set up a master zone, make sure you fully
863 // understand how DNS and BIND work. There are sometimes
864 // non-obvious pitfalls. Setting up a slave zone is usually simpler.
866 // NB: Don't blindly enable the examples below. :-) Use actual names
867 // and addresses instead.
869 /* An example dynamic zone
870 key "exampleorgkey" {
872 secret "sf87HJqjkqh8ac87a02lla==";
879 file "%%ETCDIR%%/dynamic/example.org";
883 /* Example of a slave reverse zone
884 zone "1.168.192.in-addr.arpa" {
886 file "%%ETCDIR%%/slave/1.168.192.in-addr.arpa";
894 [FILE:11623:files/named.in]
899 # REQUIRE: %%NAMED_REQUIRE%%
900 # BEFORE: %%NAMED_BEFORE%%
904 # Add the following lines to /etc/rc.conf to enable BIND:
905 # named_enable (bool): Run named, the DNS server (or NO).
906 # named_program (str): Path to named, if you want a different one.
907 # named_conf (str): Path to the configuration file
908 # named_flags (str): Use this for flags OTHER than -u and -c
909 # named_uid (str): User to run named as
910 # named_chrootdir (str): Chroot directory (or "" not to auto-chroot it)
911 # Historically, was /var/named
912 # named_chroot_autoupdate (bool): Automatically install/update chrooted
913 # components of named.
914 # named_symlink_enable (bool): Symlink the chrooted pid file
915 # named_wait (bool): Wait for working name service before exiting
916 # named_wait_host (str): Hostname to check if named_wait is enabled
917 # named_auto_forward (str): Set up forwarders from /etc/resolv.conf
918 # named_auto_forward_only (str): Do "forward only" instead of "forward first"
924 desc="named BIND startup script"
927 load_rc_config ${name}
929 extra_commands=reload
931 start_precmd=named_prestart
932 start_postcmd=named_poststart
933 reload_cmd=named_reload
935 stop_postcmd=named_poststop
937 named_enable=${named_enable:-"NO"}
938 named_program=${named_program:-"%%PREFIX%%/sbin/named"}
939 named_conf=${named_conf:-"%%ETCDIR%%/named.conf"}
940 named_flags=${named_flags:-""}
941 named_uid=${named_uid:-"bind"}
942 named_chrootdir=${named_chrootdir:-""}
943 named_chroot_autoupdate=${named_chroot_autoupdate:-"YES"}
944 named_symlink_enable=${named_symlink_enable:-"YES"}
945 named_wait=${named_wait:-"NO"}
946 named_wait_host=${named_wait_host:-"localhost"}
947 named_auto_forward=${named_auto_forward:-"NO"}
948 named_auto_forward_only=${named_auto_forward_only:-"NO"}
950 # Not configuration variables but having them here keeps rclint happy
951 required_dirs="${named_chrootdir}"
952 _named_confdirroot="${named_conf%/*}"
953 _named_confdir="${named_chrootdir}${_named_confdirroot}"
954 _named_program_root="${named_program%/sbin/named}"
955 _openssl_engines="%%LOCALBASE%%/lib/engines"
957 # Needed if named.conf and rndc.conf are moved or if rndc.conf is used
958 rndc_conf=${rndc_conf:-"$_named_confdir/rndc.conf"}
959 rndc_key=${rndc_key:-"$_named_confdir/rndc.key"}
961 # If running in a chroot cage, ensure that the appropriate files
962 # exist inside the cage, as well as helper symlinks into the cage
965 # As this is called after the is_running and required_dir checks
966 # are made in run_rc_command(), we can safely assume ${named_chrootdir}
967 # exists and named isn't running at this point (unless forcestart
974 # If it's the first time around, fiddle with things and move the
975 # current configuration to the chroot.
976 if [ -d ${_named_confdirroot} -a ! -d ${_named_confdir} ]; then
977 warn "named chroot: Moving current configuration in the chroot!"
978 install -d ${_named_confdir%/*}
979 mv ${_named_confdirroot} ${_named_confdir}
982 # Create (or update) the chroot directory structure
984 if [ -r %%PREFIX%%/etc/mtree/BIND.chroot.dist ]; then
985 mtree -deU -f %%PREFIX%%/etc/mtree/BIND.chroot.dist \
986 -p ${named_chrootdir}
988 warn "%%PREFIX%%/etc/mtree/BIND.chroot.dist missing,"
989 warn "${named_chrootdir} directory structure not updated"
991 if [ -r %%PREFIX%%/etc/mtree/BIND.chroot.local.dist ]; then
992 mkdir -p ${named_chrootdir}%%PREFIX%%
993 mtree -deU -f %%PREFIX%%/etc/mtree/BIND.chroot.local.dist \
994 -p ${named_chrootdir}%%PREFIX%%
996 warn "%%PREFIX%%/etc/mtree/BIND.chroot.local.dist missing,"
997 warn "${named_chrootdir}%%PREFIX%% directory structure not updated"
1000 # Create (or update) the configuration directory symlink
1002 if [ ! -L "${_named_confdirroot}" ]; then
1003 if [ -d "${_named_confdirroot}" ]; then
1004 warn "named chroot: ${_named_confdirroot} is a directory!"
1005 elif [ -e "${_named_confdirroot}" ]; then
1006 warn "named chroot: ${_named_confdirroot} exists!"
1008 ln -s ${_named_confdir} ${_named_confdirroot}
1011 # Make sure it points to the right place.
1012 ln -shf ${_named_confdir} ${_named_confdirroot}
1015 # Mount a devfs in the chroot directory if needed
1017 if [ `${SYSCTL_N} security.jail.jailed` -eq 0 ]; then
1018 umount ${named_chrootdir}/dev 2>/dev/null
1019 devfs_domount ${named_chrootdir}/dev devfsrules_hide_all
1020 devfs -m ${named_chrootdir}/dev rule apply path null unhide
1021 devfs -m ${named_chrootdir}/dev rule apply path random unhide
1023 if [ -c ${named_chrootdir}/dev/null -a \
1024 -c ${named_chrootdir}/dev/random ]; then
1025 info "named chroot: using pre-mounted devfs."
1027 err 1 "named chroot: devfs cannot be mounted from " \
1028 "within a jail. Thus a chrooted named cannot " \
1029 "be run from within a jail. Either mount the " \
1030 "devfs with null and random from the host, or " \
1031 "run named without chrooting it, set " \
1032 "named_chrootdir=\"\" in /etc/rc.conf."
1036 # If OpenSSL from ports, then the engines should be present in the
1037 # chroot, named loads them after chrooting.
1038 if [ -d ${_openssl_engines} ]; then
1039 # FIXME when 8.4 is gone see if
1040 # security.jail.param.allow.mount.nullfs can be used.
1041 if [ `${SYSCTL_N} security.jail.jailed` -eq 0 -o `${SYSCTL_N} security.jail.mount_allowed` -eq 1 ]; then
1042 mkdir -p ${named_chrootdir}${_openssl_engines}
1043 mount -t nullfs ${_openssl_engines} ${named_chrootdir}${_openssl_engines}
1045 warn "named chroot: cannot nullfs mount OpenSSL" \
1046 "engines into the chroot, will copy the shared" \
1047 "libraries instead."
1048 mkdir -p ${named_chrootdir}${_openssl_engines}
1049 cp -f ${_openssl_engines}/*.so ${named_chrootdir}${_openssl_engines}
1053 # Copy and/or update key files to the chroot /etc
1055 for file in localtime protocols services; do
1056 if [ -r /etc/${file} ] && \
1057 ! cmp -s /etc/${file} "${named_chrootdir}/etc/${file}"; then
1058 cp -p /etc/${file} "${named_chrootdir}/etc/${file}"
1063 # Make symlinks to the correct pid file
1067 checkyesno named_symlink_enable &&
1068 ln -fs "${named_chrootdir}${pidfile}" ${pidfile}
1075 if checkyesno named_wait; then
1076 until ${_named_program_root}/bin/host ${named_wait_host} >/dev/null 2>&1; do
1077 echo " Waiting for nameserver to resolve ${named_wait_host}"
1085 # This is a one line function, but ${named_program} is not defined early
1086 # enough to be there when the reload_cmd variable is defined up there.
1092 if get_pidfile_from_conf pid-file ${named_conf}; then
1093 pidfile="${_pidfile_from_conf}"
1095 pidfile="/var/run/named/pid"
1103 # This duplicates an undesirably large amount of code from the stop
1104 # routine in rc.subr in order to use rndc to shut down the process,
1105 # and to give it a second chance in case rndc fails.
1106 rc_pid=$(check_pidfile ${pidfile} ${command})
1107 if [ -z "${rc_pid}" ]; then
1108 [ -n "${rc_fast}" ] && return 0
1112 echo 'Stopping named.'
1114 wait_for_pids ${rc_pid}
1116 echo -n 'rndc failed, trying kill: '
1117 kill -TERM ${rc_pid}
1118 wait_for_pids ${rc_pid}
1124 if [ -n "${named_chrootdir}" -a -c ${named_chrootdir}/dev/null ]; then
1125 # if using OpenSSL from ports, unmount OpenSSL engines, if they
1126 # were not mounted but only copied, do nothing.
1127 if [ -d ${_openssl_engines} -a \( `${SYSCTL_N} security.jail.jailed` -eq 0 -o `${SYSCTL_N} security.jail.mount_allowed` -eq 1 \) ]; then
1128 umount ${named_chrootdir}${_openssl_engines}
1131 if [ `${SYSCTL_N} security.jail.jailed` -eq 0 ]; then
1132 umount ${named_chrootdir}/dev 2>/dev/null || true
1134 warn "named chroot:" \
1135 "cannot unmount devfs from inside jail!"
1142 if [ -e "$1" ]; then
1145 install -o root -g wheel -m 0644 /dev/null $1
1150 if [ -z "${rndc_flags}" ]; then
1151 if [ -s "${rndc_conf}" ] ; then
1152 rndc_flags="-c ${rndc_conf}"
1153 elif [ -s "${rndc_key}" ] ; then
1154 rndc_flags="-k ${rndc_key}"
1160 ${_named_program_root}/sbin/rndc ${rndc_flags} "$@"
1167 if [ -n "${named_pidfile}" ]; then
1168 warn 'named_pidfile: now determined from the conf file'
1171 piddir=`/usr/bin/dirname ${pidfile}`
1172 if [ ! -d ${piddir} ]; then
1173 install -d -o ${named_uid} -g ${named_uid} ${piddir}
1176 command_args="-u ${named_uid:=root} -c ${named_conf} ${command_args}"
1178 local line nsip firstns
1180 # Is the user using a sandbox?
1182 if [ -n "${named_chrootdir}" ]; then
1183 rc_flags="${rc_flags} -t ${named_chrootdir}"
1184 checkyesno named_chroot_autoupdate && chroot_autoupdate
1186 named_symlink_enable=NO
1189 # Create an rndc.key file for the user if none exists
1191 confgen_command="${_named_program_root}/sbin/rndc-confgen -a -b256 -u ${named_uid} \
1192 -c ${_named_confdir}/rndc.key"
1193 if [ -s "${_named_confdir}/rndc.conf" ]; then
1194 unset confgen_command
1196 if [ -s "${_named_confdir}/rndc.key" ]; then
1197 case `stat -f%Su ${_named_confdir}/rndc.key` in
1198 root|${named_uid}) ;;
1199 *) ${confgen_command} ;;
1207 checkconf="${_named_program_root}/sbin/named-checkconf"
1208 if ! checkyesno named_chroot_autoupdate && [ -n "${named_chrootdir}" ]; then
1209 checkconf="${checkconf} -t ${named_chrootdir}"
1212 # Create a forwarder configuration based on /etc/resolv.conf
1213 if checkyesno named_auto_forward; then
1214 if [ ! -s /etc/resolv.conf ]; then
1215 warn "named_auto_forward enabled, but no /etc/resolv.conf"
1217 # Empty the file in case it is included in named.conf
1218 [ -s "${_named_confdir}/auto_forward.conf" ] &&
1219 create_file ${_named_confdir}/auto_forward.conf
1221 ${checkconf} ${named_conf} ||
1222 err 3 'named-checkconf for ${named_conf} failed'
1226 create_file /var/run/naf-resolv.conf
1227 create_file /var/run/auto_forward.conf
1229 echo ' forwarders {' > /var/run/auto_forward.conf
1233 'nameserver '*|'nameserver '*)
1234 nsip=${line##nameserver[ ]}
1236 if [ -z "${firstns}" ]; then
1237 if [ ! "${nsip}" = '127.0.0.1' ]; then
1238 echo 'nameserver 127.0.0.1'
1239 echo " ${nsip};" >> /var/run/auto_forward.conf
1244 [ "${nsip}" = '127.0.0.1' ] && continue
1245 echo " ${nsip};" >> /var/run/auto_forward.conf
1251 done < /etc/resolv.conf > /var/run/naf-resolv.conf
1253 echo ' };' >> /var/run/auto_forward.conf
1254 echo '' >> /var/run/auto_forward.conf
1255 if checkyesno named_auto_forward_only; then
1256 echo " forward only;" >> /var/run/auto_forward.conf
1258 echo " forward first;" >> /var/run/auto_forward.conf
1261 if cmp -s /etc/resolv.conf /var/run/naf-resolv.conf; then
1262 unlink /var/run/naf-resolv.conf
1264 [ -e /etc/resolv.conf ] && unlink /etc/resolv.conf
1265 mv /var/run/naf-resolv.conf /etc/resolv.conf
1268 if cmp -s ${_named_confdir}/auto_forward.conf \
1269 /var/run/auto_forward.conf; then
1270 unlink /var/run/auto_forward.conf
1272 [ -e "${_named_confdir}/auto_forward.conf" ] &&
1273 unlink ${_named_confdir}/auto_forward.conf
1274 mv /var/run/auto_forward.conf \
1275 ${_named_confdir}/auto_forward.conf
1278 # Empty the file in case it is included in named.conf
1279 [ -s "${_named_confdir}/auto_forward.conf" ] &&
1280 create_file ${_named_confdir}/auto_forward.conf
1283 ${checkconf} ${named_conf} || err 3 "named-checkconf for ${named_conf} failed"
1289 [FILE:3289:files/named.root]
1290 ; This file holds the information on root name servers needed to
1291 ; initialize cache of Internet domain name servers
1292 ; (e.g. reference this file in the "cache . <file>"
1293 ; configuration file of BIND domain name servers).
1295 ; This file is made available by InterNIC
1296 ; under anonymous FTP as
1297 ; file /domain/named.cache
1298 ; on server FTP.INTERNIC.NET
1299 ; -OR- RS.INTERNIC.NET
1301 ; last update: April 11, 2017
1302 ; related version of root zone: 2017041101
1304 ; formerly NS.INTERNIC.NET
1306 . 3600000 NS A.ROOT-SERVERS.NET.
1307 A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4
1308 A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:ba3e::2:30
1310 ; FORMERLY NS1.ISI.EDU
1312 . 3600000 NS B.ROOT-SERVERS.NET.
1313 B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201
1314 B.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:84::b
1316 ; FORMERLY C.PSI.NET
1318 . 3600000 NS C.ROOT-SERVERS.NET.
1319 C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12
1320 C.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2::c
1322 ; FORMERLY TERP.UMD.EDU
1324 . 3600000 NS D.ROOT-SERVERS.NET.
1325 D.ROOT-SERVERS.NET. 3600000 A 199.7.91.13
1326 D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2d::d
1328 ; FORMERLY NS.NASA.GOV
1330 . 3600000 NS E.ROOT-SERVERS.NET.
1331 E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10
1332 E.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:a8::e
1334 ; FORMERLY NS.ISC.ORG
1336 . 3600000 NS F.ROOT-SERVERS.NET.
1337 F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241
1338 F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2f::f
1340 ; FORMERLY NS.NIC.DDN.MIL
1342 . 3600000 NS G.ROOT-SERVERS.NET.
1343 G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4
1344 G.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:12::d0d
1346 ; FORMERLY AOS.ARL.ARMY.MIL
1348 . 3600000 NS H.ROOT-SERVERS.NET.
1349 H.ROOT-SERVERS.NET. 3600000 A 198.97.190.53
1350 H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::53
1352 ; FORMERLY NIC.NORDU.NET
1354 . 3600000 NS I.ROOT-SERVERS.NET.
1355 I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17
1356 I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fe::53
1358 ; OPERATED BY VERISIGN, INC.
1360 . 3600000 NS J.ROOT-SERVERS.NET.
1361 J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30
1362 J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:c27::2:30
1364 ; OPERATED BY RIPE NCC
1366 . 3600000 NS K.ROOT-SERVERS.NET.
1367 K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129
1368 K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fd::1
1372 . 3600000 NS L.ROOT-SERVERS.NET.
1373 L.ROOT-SERVERS.NET. 3600000 A 199.7.83.42
1374 L.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:9f::42
1378 . 3600000 NS M.ROOT-SERVERS.NET.
1379 M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33
1380 M.ROOT-SERVERS.NET. 3600000 AAAA 2001:dc3::35
1384 [FILE:1637:files/pkg-message-server.in]
1385 **********************************************************************
1386 * _ _____ _____ _____ _ _ _____ ___ ___ _ _ *
1387 * / \|_ _|_ _| ____| \ | |_ _|_ _/ _ \| \ | | *
1388 * / _ \ | | | | | _| | \| | | | | | | | | \| | *
1389 * / ___ \| | | | | |___| |\ | | | | | |_| | |\ | *
1390 * /_/ \_\_| |_| |_____|_| \_| |_| |___\___/|_| \_| *
1392 * BIND requires configuration of rndc, including a "secret" key. *
1393 * The easiest, and most secure way to configure rndc is to run *
1394 * 'rndc-confgen -a' to generate the proper conf file, with a new *
1395 * random key, and appropriate file permissions. *
1397 * The %%PREFIX%%/etc/rc.d/named script will do that for you. *
1399 * If using syslog to log the BIND9 activity, and using a *
1400 * chroot'ed installation, you will need to tell syslog to *
1401 * install a log socket in the BIND9 chroot by running: *
1403 * # sysrc altlog_proglist+=named *
1405 * And then restarting syslogd with: service syslogd restart *
1407 **********************************************************************
1410 [FILE:59:files/special.mk]
1411 BIND_ETCDIR?= etc/namedb
1412 ETCDIR= ${PREFIX}/${BIND_ETCDIR}