Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 30 Nov 2007 14:11:44 -0500
From:      "David Robillard" <david.robillard@gmail.com>
To:        freebsd@superhero.nl
Cc:        FreeBSD Questions <freebsd-questions@freebsd.org>
Subject:   Re: named.conf - unable to set control bit
Message-ID:  <226ae0c60711301111n39912b36qab8f79a9a38a7bfe@mail.gmail.com>
next in thread | raw e-mail | index | archive | help 
>Hi list,
>
>I have got the following issue. I have added the following settings in
>named.conf but am unable to get it working. If I read the man page it
>seems that what I have put in is completely correct.
>
>REason to put it in is that I want the DHCP server to automatically update
>the DNS zone.
>
>the error I get is:
>
>Nov 30 14:09:31 hulk named[6848]: reloading configuration failed: failure
>Nov 30 14:09:45 hulk named[6848]: /etc/namedb/named.conf:20: expected
>'allow' near ';'
>Nov 30 14:09:45 hulk named[6848]: reloading configuration failed:
>unexpected token
>
>head -n 25 /etc/named/named.conf
># generated with dnssec-keygen -a HMAC-MD5 -b 128 -n USER DHCP_UPDATER
>key DHCP_UPDATER {
>         algorithm HMAC-MD5.SIG-ALG.REG.INT;
>         secret hashedstring==;
>         };
>
>acl "home" {10.202.77.0/24;127.0.0.1;};
>
>options {
>         // Relative to the chroot directory, if any
>         directory       "/etc/namedb";
>         pid-file        "/var/run/named/pid";
>         dump-file       "/var/dump/named_dump.db";
>         statistics-file "/var/stats/named.stats";
>         allow-query     {"home"; };
>
>};
>
>controls {
>         inet 127.0.0.1 port 953;
>allow { 127.0.0.1;10.202.77.110; } keys { "DHCP_UPDATER"; };
>};
>
>Line 20 is where controls start.
>
>Any help much appreciated.
>
>rgds,
>
>Patrick

Patrick,

When you update your named.conf file, make sure you run a syntax check
before (re)starting named. Here's how you do it:

named-checkconf /path/to/your/named.conf && echo $?

If echo returns zero, then you're good to go. Otherwise, fix whatever
problem is displayed.

In your case, you need to remove one semi-colomn (";") to fix your
problem. Here's what your control statement should look like:

controls {
         inet 127.0.0.1 port 953 allow { 127.0.0.1;10.202.77.110; }
keys { "DHCP_UPDATER"; };
};

Cheers,

David
-- 
David Robillard
UNIX systems administrator & Oracle DBA
CISSP, RHCE & Sun Certified Security Administrator
Montreal: +1 514 966 0122

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?226ae0c60711301111n39912b36qab8f79a9a38a7bfe>