diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2007-09-02 23:42:40 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 15:03:36 -0500 |
| commit | ced6fc995f3bc9b00770ff1002a57f20d6b3e109 (patch) | |
| tree | f543b9ea14a569a98678c02acc10ba9cda6cd128 /source4 | |
| parent | b4aa01dcd192491e2f5f0c9b28d446d7a668ee74 (diff) | |
| download | samba-ced6fc995f3bc9b00770ff1002a57f20d6b3e109.tar.gz samba-ced6fc995f3bc9b00770ff1002a57f20d6b3e109.tar.bz2 samba-ced6fc995f3bc9b00770ff1002a57f20d6b3e109.zip | |
r24911: Make better use of substituted variables in example named.conf
Andrew Bartlett
(This used to be commit 9f18a9711771a88be7c38bc26ae6e59fb98f93dd)
Diffstat (limited to 'source4')
| -rw-r--r-- | source4/scripting/libjs/provision.js | 2 | ||||
| -rw-r--r-- | source4/setup/named.conf | 10 |
2 files changed, 7 insertions, 5 deletions
diff --git a/source4/scripting/libjs/provision.js b/source4/scripting/libjs/provision.js index ca0fedf97b..fd6de2695f 100644 --- a/source4/scripting/libjs/provision.js +++ b/source4/scripting/libjs/provision.js @@ -380,6 +380,7 @@ function provision_default_paths(subobj) paths.secrets = lp.get("secrets database"); paths.keytab = "secrets.keytab"; paths.dns_keytab = "dns.keytab"; + paths.dns_keytab_abs = lp.get("private dir") + "/" + paths.dns_keytab; paths.dns = lp.get("private dir") + "/" + dnsdomain + ".zone"; paths.named_conf = lp.get("private dir") + "/named.conf"; paths.winsdb = "wins.ldb"; @@ -478,6 +479,7 @@ function provision_fix_subobj(subobj, paths) subobj.SAM_LDB = "tdb://" + paths.samdb; subobj.SECRETS_KEYTAB = paths.keytab; subobj.DNS_KEYTAB = paths.dns_keytab; + subobj.DNS_KEYTAB_ABS = paths.dns_keytab_abs; subobj.LDAPDIR = paths.ldapdir; var ldap_path_list = split("/", paths.ldapdir); diff --git a/source4/setup/named.conf b/source4/setup/named.conf index 6f97adf644..17beb7a2d7 100644 --- a/source4/setup/named.conf +++ b/source4/setup/named.conf @@ -22,15 +22,15 @@ zone "${DNSDOMAIN}." IN { # for named: KRB5_KTNAME so that it points to the keytab generated. # In RedHat derived systems such RHEL/CentOS/Fedora you can add the following # line to the /etc/sysconfig/named file: -# export KRB5_KTNAME=${DNS_KEYTAB} +# export KRB5_KTNAME=${DNS_KEYTAB_ABS} # # Please note that most distributions have BIND configured to run under # a non-root user account. For example, Fedora Core 6 (FC6) runs BIND as # the user "named" once the daemon relinquishes its rights. Therefore, -# the file "dns.keytab" must be readable by the user that BIND run as. -# If BIND is running as a non-root user, the "dns.keytab" file must have its +# the file "${DNS_KEYTAB}" must be readable by the user that BIND run as. +# If BIND is running as a non-root user, the "${DNS_KEYTAB}" file must have its # permissions altered to allow thge daemon to read it. In the FC6 # example, execute the commands: # -# chgrp named /usr/local/samba/private/dns.keytab -# chmod g+r /usr/local/samba/private/dns.keytab +# chgrp named ${DNS_KEYTAB_ABS} +# chmod g+r ${DNS_KEYTAB_ABS} |