diff --git a/Bundler/bind.xml b/Bundler/bind.xml index 0a56345..ed770c2 100644 --- a/Bundler/bind.xml +++ b/Bundler/bind.xml @@ -1,5 +1,6 @@ + diff --git a/Metadata/groups.xml b/Metadata/groups.xml index 0be7198..fea27f1 100644 --- a/Metadata/groups.xml +++ b/Metadata/groups.xml @@ -30,6 +30,7 @@ profile="true"> + @@ -50,6 +51,7 @@ + diff --git a/Python/etc/bind/named.conf b/Python/etc/bind/named.conf new file mode 100644 index 0000000..43fc2a0 --- /dev/null +++ b/Python/etc/bind/named.conf @@ -0,0 +1,23 @@ +# -*- mode: python; encoding: utf-8 -*- + +info["owner"] = "root" +info["group"] = "bind" +info["perms"] = 0644 + +comment_start = "//" + +header("Conf de base de Bind9") + +@// This is the primary configuration file for the BIND DNS server named. +@// +@// Please read /usr/share/doc/bind9/README.Debian.gz for information on the +@// structure of BIND configuration files in Debian, *BEFORE* you customize +@// this configuration file. +@// +@// If you are just adding zones, please do that in /etc/bind/named.conf.local + + +if has("dnssec-validation"): + @include "/etc/bind/bind.keys"; +@include "/etc/bind/named.conf.options"; +@include "/etc/bind/named.conf.local"; diff --git a/Python/etc/bind/named.conf.options b/Python/etc/bind/named.conf.options index bb10011..c3eb570 100644 --- a/Python/etc/bind/named.conf.options +++ b/Python/etc/bind/named.conf.options @@ -52,5 +52,9 @@ if not has("dns-secondary-no-forward"): @ // traitement automatique pour la connexion de secours @ // (ligne decommentee automatiquement en mode secours) @// forwarders { 138.231.136.14; } ; #POUR SECOURS -@}; +if has("dnssec-validation"): + @ dnssec-enable yes; + @ dnssec-validation yes; + +@}; diff --git a/Python/etc/bind/rndc.key b/Python/etc/bind/rndc.key index e5e18e4..6840977 100644 --- a/Python/etc/bind/rndc.key +++ b/Python/etc/bind/rndc.key @@ -1,6 +1,6 @@ include("secrets") -info["owner"] = "root" +info["owner"] = "bind" info["group"] = "bind" info["perms"] = 0640