mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2025-01-11 16:51:55 -06:00
a5cbdb57e5
Upgrade path to add additional include to named.conf is not handled. Remove bindkeys-file directive from named config The ISC DVL service was shut down (https://www.isc.org/bind-keys/). BIND versions since April 2017 (i.e. 9.9.10, 9.10.5, 9.11.1 and later) include a hard-coded copy of the root KSK which gets updates automatically according to RFC 5011. Move dnssec-enable directive to custom named config Move comment named config being managed by FreeIPA to the top Move settings which could be changed by administrators to ipa-options-ext.conf. Settings defined there are sole responsibility of the administrator. We do not check if they might collide with our settings in named.conf. Fixes: https://pagure.io/freeipa/issue/8287 Co-authored-by: Peter Keresztes Schmidt <carbenium@outlook.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
12 lines
277 B
Plaintext
12 lines
277 B
Plaintext
// Custom managed file.
|
|
// Here you can set your own options, for instance ACL for recursion access:
|
|
//
|
|
// acl "trusted_network" {
|
|
// localnets;
|
|
// localhost;
|
|
// 234.234.234.0/24;
|
|
// 2001::co:ffee:babe:1/48;
|
|
// };
|
|
//
|
|
// This file will NOT be overridden during updates!
|