Accidentally ran rndc-confgen on a working BIND box

[Greg Choules]

My bad. I spotted that afterwards.

On Thu, 28 Nov 2024 at 13:48, Anand Buddhdev <anandb at ripe.net> wrote:

> On Tue, 26 Nov 2024 at 09:40, Greg Choules via bind-users <
> bind-users at lists.isc.org> wrote:
>
> Hi Greg,
>
> Running "named-checkconf -p" will print your entire named configuration,
>> following any include files. There *must* be a "controls" section in there
>> or rndc could not work, since, from the ARM:
>>
>
> A "controls" section is *not* required in named.conf. If there isn't one,
> BIND uses some defaults. From the BIND ARM:
>
> "If no controls
> <https://bind9.readthedocs.io/en/v9.18.31/reference.html#namedconf-statement-controls> statement
> is present, named
> <https://bind9.readthedocs.io/en/v9.18.31/manpages.html#std-iscman-named> sets
> up a default control channel listening on the loopback address 127.0.0.1
> and its IPv6 counterpart, ::1. In this case, and also when the controls
> <https://bind9.readthedocs.io/en/v9.18.31/reference.html#namedconf-statement-controls> statement
> is present but does not have a keys
> <https://bind9.readthedocs.io/en/v9.18.31/reference.html#namedconf-statement-keys>
>  clause, named
> <https://bind9.readthedocs.io/en/v9.18.31/manpages.html#std-iscman-named> attempts
> to load the command channel key from the file /etc/rndc.key. To create an
> rndc.key file, run rndc-confgen -a
> <https://bind9.readthedocs.io/en/v9.18.31/manpages.html#cmdoption-rndc-confgen-a>
> ."
>
> Since this is Ubuntu, BIND on it has been compiled with "sysconfdir" set
> to "/etc/bind", and so a missing "controls" section will make BIND load the
> key from "/etc/bind/rndc.key".
>
> This is why "rndc" just works for Luis. Our BIND configuration files also
> do not have a "controls" section, and we rely on the default behaviour.
>
> Regards,
> Anand
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20241128/a86e717f/attachment-0001.htm>