Project

General

Profile

Actions

Regression #13002

closed

BIND 9.16_13 could not find existing DNSSEC keys at /cf/named/etc/namedb/keys due to directory change

Added by Viktor Gurov almost 2 years ago. Updated over 1 year ago.

Status:
Resolved
Priority:
Normal
Assignee:
Viktor Gurov
Category:
BIND
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Affected Version:
Affected Plus Version:
Affected Architecture:

Description

https://forum.netgate.com/topic/170558/bind-package-9-16_12-reads-from-cf-named-but-changes-in-the-gui-are-written-to-var-etc-named:
"pfSense 2.6.0 with BIND 9.16_12 (10 zones with DNSSEC Inline Signing and Backup Keys flags) work as usual.
After upgrading to 9.16_13 it stopped signing DNSSEC. New BIND try to find keys at /var/etc/named/etc/namedb/keys istead of /cf/named/etc/namedb/keys."

workaround:
1) copy all DNSSEC keys: "cp /cf/named/etc/namedb/keys/* /var/etc/named/etc/namedb/keys/"
2) Create a symbolic link: "ln -s /var/etc/named /cf/named"


Related issues

Related to Bug #12869: Bind DNS Package AAAA filtering Broken on new ZFS InstallsResolvedViktor Gurov

Actions
Actions #1

Updated by Viktor Gurov almost 2 years ago

  • Related to Bug #12869: Bind DNS Package AAAA filtering Broken on new ZFS Installs added
Actions #2

Updated by Viktor Gurov almost 2 years ago

  • Assignee set to Viktor Gurov
Actions #3

Updated by Jim Pingle almost 2 years ago

  • Status changed from New to Pull Request Review
Actions #4

Updated by Viktor Gurov almost 2 years ago

  • Status changed from Pull Request Review to Feedback
Actions #5

Updated by Danilo Zrenjanin over 1 year ago

  • Status changed from Feedback to Resolved

Tested:

22.05-RELEASE (amd64)
built on Wed Jun 22 18:56:13 UTC 2022
FreeBSD 12.3-STABLE

bind:

9.16_17

I run the service successfully with the keys in the old location. They get moved to the new valid path.

Ticket resolved.

Actions

Also available in: Atom PDF