Anyone have problems with BIND 9.8.0
dot at dotat.at
Mon May 2 23:40:52 UTC 2011
> A couple of problems:
> Firstly, if you are running chrooted and have a recent version of
> OpenSSL installed, you must either copy the OpenSSL gost cipher engine
> loadable module into your chroot, or hack the build scripts to disable
> gost support. The easiest way to do this is to make the obvious one line
> change to bind's config.h before running make. I could not work out how
> to make OpenSSL behave.
(i.e. I could not make OpenSSL's build system either leave out gost
support entirely or compile it in statically.)
> Secondly, bind's automatic trust anchor handl
Sorry that got truncated: touchphone fail.
BIND's automatic trust anchor handling has changed. There's a new
'dnssec-validation auto' option to enable automatic root trust anchor
management. I found that to make this work properly I had to delete the
old managed-keys pseudo-zone files - it seems that BIND only adds the
default root and/or DLV trust anchors when creating the files.
f.anthony.n.finch <dot at dotat.at> http://dotat.at/
Rockall, Malin, Hebrides: South 5 to 7, occasionally gale 8 at first in
Rockall and Malin, veering west or northwest 4 or 5, then backing southwest 5
or 6 later. Rough or very rough. Occasional rain. Moderate or good,
More information about the bind-users