= phenomenon =
The named.conf file has rndckey defined (with value), and in rndc.conf the file is included. Shouldn't named include the file as well? Or is a different key value being loaded?
= reason =
= recommendation =
Replace the defined key in named.conf with an include key directive, and move the key value to the /etc/rndckey file.
Here is a proposed patch:
{{{
diff --git a/roles/dns/files/named.conf b/roles/dns/files/named.conf index 7f90ab2..ad6b06d 100644 --- a/roles/dns/files/named.conf +++ b/roles/dns/files/named.conf @@ -10,10 +10,9 @@ // Setup for GeoDNS include "/var/named/GeoIP.acl";
-key "rndckey" { - algorithm hmac-md5; - secret "41x7Lj4MEobl58VDDK97ItQTGQq7MlahOcmlTYpxTDnS0ALgBaYWXg -}; +//include rndckey +include "/etc/rndc.key"; + // dns1.j2solutions.net - run by Jesse Keating jkeating@redhat.com acl "slaves" { 209.124.61.35; }; // }}}
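Review bot: the `secret` removed from the `key "rndckey"` block has been stored in plain text in roles/dns/files/named.conf, so moving the same value into the included file leaves it recoverable from the repository history; generate a fresh key for the included file instead, and use that change to move off `algorithm hmac-md5` to an HMAC-SHA2 algorithm for both named and rndc. The include path in the added line is `/etc/rndc.key`, while the ticket's recommendation names `/etc/rndckey`; confirm which path rndc.conf includes so that named and rndc read the same file. Nothing in this hunk installs the key file or sets its ownership and mode, so the change needs a companion step that deploys it readable only by root and the named user, otherwise named will fail to load the configuration on a host where the file is missing. The `//include rndckey` comment restates the line below it and can be dropped.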
Applied. Thanks!