The signed domain file rewritten
Jim Popovitch
jimpop at domainmail.org
Tue Nov 12 12:39:30 UTC 2019
On 11/12/19 4:42 AM, Alessandro Vesely wrote:
> Hi,
>
> I have a signed domain, with inline-signing yes and auto-dnssec maintain.
>
> Although the domain is static, the .signed and .signed.jnl files are being
> rewritten without apparent reason. They are about a month newer than the
> corresponding .jbk and base files.
>
> I notice that because of tripwire complaints. I guess I have to tweak that
> config, unless there's a way to prevent or foresee those rewritings.
>
I use this in twpol.txt:
{
/etc -> $(SEC_BIN) (recurse=true) ;
!/etc/bind/zone ;
....
> Why does bind rewrite that file?
>
Because someone forgot to put dynamic files in /var ? :P
https://en.wikipedia.org/wiki/Unix_filesystem
-Jim P.
More information about the bind-users
mailing list