4e5a68397a
This patch adds the options --forwarder and --no-forwarders. At least one of them must be used if you are doing a setup with a DNS server. They are also mutually exclusive. The --forwarder option can be used more than once to specify more servers. If the installer runs in interactive mode, it will prompt the user if neither of these options was given on the command line.
// Global server options for the IPA-integrated named instance.
// $FORWARDERS, $FQDN and $REALM are template placeholders; presumably the
// installer substitutes them before named reads this file (verify against
// the installer code).
// NOTE(review): this block sets no allow-query, allow-recursion or
// allow-transfer statement and no DNSSEC validation setting, so named's
// built-in defaults apply. Confirm those defaults match the clients that are
// meant to use this resolver.
options {
    // Put files that named is allowed to write in the data/ directory:
    directory "/var/named"; // the default
    dump-file "data/cache_dump.db";
    statistics-file "data/named_stats.txt";
    memstatistics-file "data/named_mem_stats.txt";

    // Ask the forwarders first; if they do not answer, named falls back to
    // resolving the query itself. Answers are only as trustworthy as the
    // forwarders listed here and the network path to them.
    forward first;
    // An empty list means no forwarding takes place.
    forwarders {$FORWARDERS};

    // Kerberos service principal named uses for GSS-TSIG (signed dynamic
    // updates). named needs this principal's key in a keytab; keep that
    // keytab readable only by the account named runs as.
    tkey-gssapi-credential "DNS/$FQDN";
    // Domain appended to the names of keys negotiated through TKEY.
    tkey-domain "$REALM";
};
/* If you enable debugging, e.g. with the 'rndc trace' command, named writes
 * its debug output to the file configured below.
 * By default, SELinux policy does not allow named to modify the /var/named
 * directory, so put the default debug log file in data/ :
 */
logging {
    channel default_debug {
        // Relative to the "directory" option, i.e. inside the writable data/ subdirectory.
        file "data/named.run";
        // "dynamic" follows the server's current debug level instead of a fixed
        // severity. Debug logs can record query names and client addresses,
        // so treat data/named.run as sensitive.
        severity dynamic;
    };
};
// Root hints: the list of root name servers named uses to start iterative
// resolution. named.ca is resolved relative to the "directory" option and sits
// outside data/, so named itself should not need write access to it.
zone "." IN {
    type hint;
    file "named.ca";
};
// Pulls further zone definitions from a separate file (its contents are not
// shown here). Everything in that file becomes part of this configuration, so
// it needs the same ownership and permission care as this file.
include "/etc/named.rfc1912.zones";
// LDAP-backed zone database: named loads the ldap.so plugin and reads DNS
// data from the directory subtree given by "base".
// $FQDN and $SUFFIX are template placeholders filled in before use.
dynamic-db "ipa" {
    library "ldap.so";
    // NOTE(review): the URI scheme is plain ldap://, not TLS. Protection of
    // this traffic then depends on the security layer negotiated by
    // SASL/GSSAPI below; confirm the directory server enforces one.
    arg "uri ldap://$FQDN";
    arg "base cn=dns, $SUFFIX";
    // Bind with Kerberos (SASL GSSAPI) as the DNS service principal rather
    // than with a password stored in this file.
    arg "auth_method sasl";
    arg "sasl_mech GSSAPI";
    arg "sasl_user DNS/$FQDN";
};