<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p>I am not 100% sure, but what format of the zone were used?</p>
<p>I think this should be usually catched by default check-names
value on master zones. However, in masterfile-format, I found this
sentence [1]:</p>
<p>> In particular, <span class="command"><strong>check-names</strong></span>
checks do not apply for the <code class="constant">raw</code>
format.</p>
<p>Does that mean dynamic updated zones saved in raw format would
never have check-names active, both on dynamic updates and on
(re)start of named? I have not tested it yet, but it might be
somehow hard to avoid. I found no details about dynamic updates
related in check-names. I think it should refuse such updates on
primary server, but not sure that is enforced. Especially if zone
file format is raw.</p>
<p>Cheers,<br>
Petr<br>
</p>
<p>1.
<a class="moz-txt-link-freetext" href="https://bind.isc.org/doc/arm/9.11/Bv9ARM.ch06.html#options_grammar">https://bind.isc.org/doc/arm/9.11/Bv9ARM.ch06.html#options_grammar</a><br>
</p>
<div class="moz-cite-prefix">On 11/4/21 20:27, Bruce Johnson via
bind-users wrote:<br>
</div>
<blockquote type="cite"
cite="mid:AC07B0F7-5399-4E7F-B710-E90BD1C4013A@pharmacy.arizona.edu">
On Nov 4, 2021, at 12:01 PM, Bruce Johnson <<a
href="mailto:johnson@pharmacy.arizona.edu"
class="moz-txt-link-freetext" moz-do-not-send="true">johnson@pharmacy.arizona.edu</a>>
wrote:<br class="">
<div>
<blockquote type="cite" class=""><br
class="Apple-interchange-newline">
<div class="">
<div class="">This morning our server started failing to
reload or start. <br class="">
<br class="">
checking the status reveals not a lot of info:<br class="">
<br class="">
systemctl status named-chroot<br class="">
● named-chroot.service - Berkeley Internet Name Domain
(DNS)<br class="">
Loaded: loaded
(/usr/lib/systemd/system/named-chroot.service; enabled;
vendor preset: disabled)<br class="">
Active: failed (Result: exit-code) since Thu 2021-11-04
11:55:17 MST; 27s ago<br class="">
Process: 2020 ExecStartPre=/bin/bash -c if [ !
"$DISABLE_ZONE_CHECKING" == "yes" ]; then
/usr/sbin/named-checkconf -t /var/named/chroot -z
"$NAMEDCONF"; else echo "Checking of zone files is
disabled"; fi (code=exit><br class="">
</div>
</div>
</blockquote>
</div>
<div class=""><br class="">
</div>
<div class="">named-checkconf -z revealed a name had been entered
with underscores. The person responsible has been sacked. (not
really, merely reminded no underscores are allowed in A records
:-)</div>
<div class=""><br class="">
</div>
<div class="">Does named-checkzone not check for this? </div>
<div class=""><br class="">
</div>
<br class="">
<div class=""><span class="Apple-style-span">
<div class="">-- <br class="">
Bruce Johnson<br class="">
University of Arizona<br class="">
College of Pharmacy<br class="">
Information Technology Group<br class="">
<br class="">
Institutions do not have opinions, merely customs</div>
</span></div>
<br class="">
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
Please visit <a class="moz-txt-link-freetext" href="https://lists.isc.org/mailman/listinfo/bind-users">https://lists.isc.org/mailman/listinfo/bind-users</a> to unsubscribe from this list
ISC funds the development of this software with paid support subscriptions. Contact us at <a class="moz-txt-link-freetext" href="https://www.isc.org/contact/">https://www.isc.org/contact/</a> for more information.
bind-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:bind-users@lists.isc.org">bind-users@lists.isc.org</a>
<a class="moz-txt-link-freetext" href="https://lists.isc.org/mailman/listinfo/bind-users">https://lists.isc.org/mailman/listinfo/bind-users</a>
</pre>
</blockquote>
<pre class="moz-signature" cols="72">--
Petr Menšík
Software Engineer
Red Hat, <a class="moz-txt-link-freetext" href="http://www.redhat.com/">http://www.redhat.com/</a>
email: <a class="moz-txt-link-abbreviated" href="mailto:pemensik@redhat.com">pemensik@redhat.com</a>
PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB</pre>
</body>
</html>