Re: Reload only ACL

2016-04-25 Thread Carl Byington
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On Mon, 2016-04-25 at 23:23 +0300, Ali Jawad wrote: > based on a user tool the users "hundreds in corporate environment" get > either public or private zone, Rather than the tool writing an ACL for bind, can the tool instead reconfigure the user's

Re: Reload only ACL

2016-04-25 Thread Anand Buddhdev
On 25/04/16 22:23, Ali Jawad wrote: Hi Ali Jawad, > I do have a very specific requirement for private/public zones and based on > a user tool the users "hundreds in corporate environment" get either public > or private zone, the tool simply writes to an ACL file, my problem is that > the only

Reload only ACL

2016-04-25 Thread Ali Jawad
Hi I do have a very specific requirement for private/public zones and based on a user tool the users "hundreds in corporate environment" get either public or private zone, the tool simply writes to an ACL file, my problem is that the only way I found that does not flush the cache of the server and

Re: Compiling BIND9 on CentOS 7

2016-04-25 Thread Carl Byington
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On Mon, 2016-04-25 at 13:54 -0400, Sean Son wrote: > Reindl > Thank you for your response. Let me see if what you provided will > work > with what I am trying to do. If you are compiling any source code for rpm based distributions like RedHat,

Re: 'succesful' nsupdate of remote server not persistent across nameserver restart?

2016-04-25 Thread jasonsu
On Mon, Apr 25, 2016, at 11:33 AM, Matthew Pounsett wrote: > Unless you have a clear reason to do it (perhaps there's some security > consideration I haven't thought of) it seems to me it's unnecessary > complexity that would lead to problems just like this. Noted. Still, I'd honestly like to

Re: 'succesful' nsupdate of remote server not persistent across nameserver restart?

2016-04-25 Thread Matthew Pounsett
On Monday, 25 April 2016, wrote: > > > On Mon, Apr 25, 2016, at 10:58 AM, Matthew Pounsett wrote: > > It's not clear to me why one would want to destroy/rebuild the chroot > every > > time you restart the process. > > Well, here > > (1) Because I inherited it this way,

Re: 'succesful' nsupdate of remote server not persistent across nameserver restart?

2016-04-25 Thread jasonsu
On Mon, Apr 25, 2016, at 10:58 AM, Matthew Pounsett wrote: > It's not clear to me why one would want to destroy/rebuild the chroot every > time you restart the process. Well, here (1) Because I inherited it this way, and (2) The notes' quoted examples did that too, and (3) I'd not yet gotten

Re: 'succesful' nsupdate of remote server not persistent across nameserver restart?

2016-04-25 Thread Matthew Pounsett
On 25 April 2016 at 13:53, wrote: > > > I suspect that there's something wrong with what is/isn't copied , and > maybe when, in that chroot build/destroy script. > It's not clear to me why one would want to destroy/rebuild the chroot every time you restart the process.

Re: Compiling BIND9 on CentOS 7

2016-04-25 Thread Sean Son
Reindl Thank you for your response. Let me see if what you provided will work with what I am trying to do. Thanks again! On Mon, Apr 25, 2016 at 1:36 PM, Reindl Harald wrote: > > > Am 25.04.2016 um 19:23 schrieb Sean Son: > >> Thank you for your reply. >> >> The

Re: 'succesful' nsupdate of remote server not persistent across nameserver restart?

2016-04-25 Thread jasonsu
On Mon, Apr 25, 2016, at 10:46 AM, Matthew Pounsett wrote: > > Unfortunately, that^ returns no TXT record either. Which to me suggests > > the problem's 'earlier'. > > > > Yeah. I think you need to solve the problem with the vanishing journal > file first. But, the above dig is what you

Re: 'succesful' nsupdate of remote server not persistent across nameserver restart?

2016-04-25 Thread Matthew Pounsett
On 25 April 2016 at 13:44, wrote: > > > On Mon, Apr 25, 2016, at 10:19 AM, Matthew Pounsett wrote: > > > TBH I don't understand WHAT to 'expect' from dig to test/verify this^. > > > What do I dig to get an answer with "TEST STRING" in it? > > > > dig in txt

Re: 'succesful' nsupdate of remote server not persistent across nameserver restart?

2016-04-25 Thread jasonsu
On Mon, Apr 25, 2016, at 10:19 AM, Matthew Pounsett wrote: > > TBH I don't understand WHAT to 'expect' from dig to test/verify this^. > > What do I dig to get an answer with "TEST STRING" in it? > > dig in txt test.example.com @ns01.example.com Thanks. Unfortunately, that^ returns no TXT

Re: Compiling BIND9 on CentOS 7

2016-04-25 Thread Sean Son
Thank you for your reply. The issue is, I do not know what other services/targets will need to be started prior to BIND starting. In other words, I have no idea how to set up the unit file for BIND. Thanks On Mon, Apr 25, 2016 at 12:09 PM, Anand Buddhdev wrote: > On

Re: 'succesful' nsupdate of remote server not persistent across nameserver restart?

2016-04-25 Thread Matthew Pounsett
On Sunday, 24 April 2016, wrote: > > This zone would not pass named-checkzone, which interestingly, is the > same code which named itself uses when initially loading a zone. > > It appears to > > named-checkzone -t /var/chroot/named example.com >

Re: Compiling BIND9 on CentOS 7

2016-04-25 Thread Anand Buddhdev
On 25/04/16 17:59, Sean Son wrote: Hi Sean Son, > I know I emailed the list about compiling BIND on a SystemD distro earlier > last month. This time I have a different question. After I compile BIND9 on > CentOS 7 , how do I get it to start up at boot time and how do I restart > it? I don't want

Compiling BIND9 on CentOS 7

2016-04-25 Thread Sean Son
Hello all I know I emailed the list about compiling BIND on a SystemD distro earlier last month. This time I have a different question. After I compile BIND9 on CentOS 7 , how do I get it to start up at boot time and how do I restart it? I don't want to have to write a systemd unit configuration