-
Notifications
You must be signed in to change notification settings - Fork 16
/
POST_INSTALL
49 lines (39 loc) · 1.34 KB
/
POST_INSTALL
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
# lets create user and group if they are not avail
mkdir -p /var/named
# create the named.root
# created with command: dig +norecurse NS . @a.root-servers.net > named.root
cp $SCRIPT_DIRECTORY/named.root /var/named/
# if we do not have a named.conf already, copy the default
if [ ! -e /var/named/named.conf ]; then
cp $SCRIPT_DIRECTORY/named.conf /var/named/
fi
# and make the softlink!
if [ ! -e /etc/named.conf ]; then
ln -sf /var/named/named.conf /etc/
fi
# lets set the permissions
chown -R bind:bind /var/named
chmod 644 /var/named/named.conf
chmod 644 /var/named/named.root
# lets create an rndc key if none avail
if [ ! -e /etc/rndc.key ]; then
rndc-confgen -a
fi
# a rndc.conf.sample is no longer provided in the tarbal
# lets copy a sample rndc.conf if none avail
#if [ ! -e /etc/rndc.conf ]; then
# cp $SOURCE_DIRECTORY/bin/rndc/rndc.conf /etc/rndc.conf.sample
#fi
cat << EOF
ISC has added a patch to BIND intended to prevent domain registrars from misusing
'wildcard' or 'synthesized' data. (E.g. Versign's attempt to direct mistyped
domains to their own sites by adding wildcard records for .com and .net.
To use this new bind feature for disabling verisign's .com, .net wildcards, add
the following zones to a caching or recursive nameserver (/etc/named.conf):
zone "net" {
type delegation-only;
};
zone "com" {
type delegation-only;
};
EOF