bind/named.sysconfig
Adam Tkac 2fc1c6e8a5 - update to 9.7.0b1
- add bind-pkcs11 subpackage to support PKCS11 compatible keystores for
    DNSSEC keys
2009-11-03 11:06:16 +00:00

43 lines
1.8 KiB
Plaintext

# BIND named process options
# ~~~~~~~~~~~~~~~~~~~~~~~~~~
# Currently, you can use the following options:
#
# ROOTDIR="/var/named/chroot" -- will run named in a chroot environment.
# you must set up the chroot environment
# (install the bind-chroot package) before
# doing this.
# NOTE:
# Those directories are automatically mounted to chroot if they are
# empty in the ROOTDIR directory. It will simplify maintenance of your
# chroot environment.
# - /var/named
# - /etc/pki/dnssec-keys
# - /etc/named
# - /usr/lib64/bind or /usr/lib/bind (architecture dependent)
#
# Those files are mounted as well if target file doesn't exist in
# chroot.
# - /etc/named.conf
# - /etc/rndc.conf
# - /etc/rndc.key
# - /etc/named.rfc1912.zones
# - /etc/named.dnssec.keys
#
# Don't forget to add "$AddUnixListenSocket /var/named/chroot/dev/log"
# line to your /etc/rsyslog.conf file. Otherwise your logging becomes
# broken when rsyslogd daemon is restarted (due update, for example).
#
# OPTIONS="whatever" -- These additional options will be passed to named
# at startup. Don't add -t here, use ROOTDIR instead.
#
# KEYTAB_FILE="/dir/file" -- Specify named service keytab file (for GSS-TSIG)
#
# DEBUG="yes|no" -- This option controls if you would like to debug
# named process. If you set this option to "yes" then
# /var/named/ directory become writable by named user
# and named will be able to write core dumps there.
#
# OPTIONS="-E pkcs11" -- Enable loading of DNSSEC keys from PKCS11 compatible
# keystores. Make sure you have bind-pkcs11 package
# installed.