On 2019-03-17 20:37:56 +0000, Alan Clegg said:
On 3/17/19 2:51 PM, Alan Clegg wrote:
On 3/17/19 7:13 AM, Stephan von Krawczynski wrote:
Hello all,
I am using "BIND 9.13.7 (Development Release) <id:6491691>" on arch linux. Up
to few days ago everything was fine using "certbot renew". I had
"allow-update" in nameds' global section, everything worked well. Updating to
the above version threw a config error that "allow-update" has no global scope
and is to be used in every single zone definition.
And you may have found a bug. I'm checking internally at this time.
So, after a discussion with one of the BIND engineers this afternoon,
this turned out to be quite an interesting and deep-rooted issue.
During a cleanup of other code (specifically named-checkconf), code was
changed that enforced what was believed to have been the default
previously: specifically, allow-update was only allowed in zone stanzas.
Can I ask who believed it was previously the default? I hope I'm not
misreading the first dozen or so lines of this page (which seems to be
reflected in previous editions of the ARM).
<https://ftp.isc.org/isc/bind9/cur/9.13/doc/arm/Bv9ARM.ch05.html#options_grammar>
Sam
--
The University of Edinburgh is a charitable body, registered in
Scotland, with registration number SC005336.
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
