diff --git a/basicnet/netutils/bind-utils.xml b/basicnet/netutils/bind-utils.xml index c4ce960146..1dbc4af871 100644 --- a/basicnet/netutils/bind-utils.xml +++ b/basicnet/netutils/bind-utils.xml @@ -6,9 +6,9 @@ - - - + + + ]> @@ -20,7 +20,8 @@ BIND Utilities-&bind-version; -Introduction to <application><acronym>BIND</acronym> Utilities</application> +Introduction to <application><acronym>BIND</acronym> +Utilities</application> BIND Utilities is not a separate package, it is a collection of the client side programs that are @@ -49,14 +50,19 @@ url="&bind-download-ftp;"/> -Installation of <application><acronym>BIND</acronym> Utilities</application> +Installation of <application><acronym>BIND</acronym> +Utilities</application> -Install BIND Utilities by +Install +BIND Utilities by running the following commands: ./configure --prefix=/usr && make -C lib/dns && make -C lib/isc && +make -C lib/bind9 && +make -C lib/isccfg && +make -C lib/lwres && make -C bin/dig && make -C bin/dig install @@ -65,9 +71,11 @@ make -C bin/dig install Command explanations -make -C lib/...: This command builds the libraries that are needed for the client programs. +make -C lib/...: These commands build the +libraries that are needed for the client programs. -make -C bin/dig: This command builds the client programs. +make -C bin/dig: This command builds the +client programs. diff --git a/general.ent b/general.ent index 3cde9de3c9..4717dc3e63 100644 --- a/general.ent +++ b/general.ent @@ -182,7 +182,7 @@ - + diff --git a/introduction/welcome/changelog.xml b/introduction/welcome/changelog.xml index 543cbe4148..a0eae2c6ff 100644 --- a/introduction/welcome/changelog.xml +++ b/introduction/welcome/changelog.xml @@ -22,6 +22,9 @@ who wrote what. +October 20th, 2004 [dj]: Updated to bind-9.3.0 and +moved subversion to use FSFS backend. + October 20th, 2004 [randy]: Updated to libtiff-3.7.0. diff --git a/server/other/bind.xml b/server/other/bind.xml index b4f80d3b10..03ee07c1d9 100644 --- a/server/other/bind.xml +++ b/server/other/bind.xml @@ -6,9 +6,9 @@ - - - + + + ]> @@ -71,18 +71,17 @@ make install Configuration Information -We will configure -BIND to run in a chroot -jail as an unprivileged user (named). This configuration is more secure -in that a DNS compromise can only affect a few files -in the named user's HOME directory. +BIND will configured +to run in a chroot jail as an unprivileged user (named). This configuration +is more secure in that a DNS compromise can only affect +a few files in the named user's HOME directory. -First we create the unprivileged user and group named: +Create the unprivileged user and group named: groupadd named && useradd -m -g named -s /bin/false named -Then we set up some files, directories and devices needed by +Set up some files, directories and devices needed by BIND: cd /home/named && @@ -93,6 +92,12 @@ chmod 666 /home/named/dev/{null,random} && mkdir /home/named/etc/namedb/pz && cp /etc/localtime /home/named/etc +Then, generate a key for use in the named.conf +and rdnc.conf files using the +rndc-confgen command: + +rndc-confgen -b 512 | grep -m 1 "secret" | cut -d '"' -f 2 + Create the named.conf file from which named will read the location of zone files, root name servers and secure DNS keys: @@ -109,7 +114,7 @@ will read the location of zone files, root name servers and secure }; key "rndc_key" { algorithm hmac-md5; - secret "[c3Ryb25nIGVub3VnaCBmb3IgYSBtYW4gYnV0IG1hZGUgZm9yIGEgd29tYW4K]"; + secret "[Insert secret from rndc-confgen's output here]"; }; zone "." { type hint; @@ -121,6 +126,24 @@ will read the location of zone files, root name servers and secure }; EOF +Create the rndc.conf with the following commands: + +cat > /etc/rndc.conf << "EOF" +key rndc_key { +algorithm "hmac-md5"; + secret + "[Insert secret from rndc-confgen's output here]"; + }; +options { + default-server localhost; + default-key rndc_key; +}; +EOF + +The rndc.conf file contains information for +controlling named operations with the rndc +utility. + Create a zone file with the following contents: cat > /home/named/etc/namedb/pz/127.0.0 << "EOF" @@ -176,24 +199,6 @@ servers. This file must be updated periodically with the Consult the BIND 9 Administrator Reference Manual for details. -Create the rndc.conf with the following commands: - -cat > /etc/rndc.conf << "EOF" -key rndc_key { -algorithm "hmac-md5"; - secret - "[c3Ryb25nIGVub3VnaCBmb3IgYSBtYW4gYnV0IG1hZGUgZm9yIGEgd29tYW4K]"; - }; -options { - default-server localhost; - default-key rndc_key; -}; -EOF - -The rndc.conf file contains information for -controlling named operations with the rndc -utility. - Create or modify resolv.conf to use the new name server with the following commands: diff --git a/server/other/svnserver.xml b/server/other/svnserver.xml index 9c3ac95d81..f78d3a00ab 100644 --- a/server/other/svnserver.xml +++ b/server/other/svnserver.xml @@ -82,12 +82,24 @@ script. 2. Create a <application>Subversion</application> repository. + +With subversion-1.1.0 and greater, a new type of repository +data-store is availible, FSFS. There is a tradeoff +for speed with the new backend, however, the repository can now be +placed on a network mount, and any corruption does not require an +admin to recover the repository. For more information and comparison +between FSFS and BDB, plese see +. +Optionally you can pass bdb in place of +fsfs in the following command to create a +BerkelyDB data-store. + Create a new Subversion repository with the following commands: install -d -m0755 /srv && install -d -m0755 -o svn -g svn /srv/svn/repositories && -svnadmin create /srv/svn/repositories/svntest +svnadmin create --fs-type fsfs /srv/svn/repositories/svntest Now that the repository is created, we need to populate it with something useful. You'll need to have a predefined directory layout @@ -208,7 +220,7 @@ service svn } EOF -Finally, if you wish to simply start the sever in daemon mode at +Finally, if you wish to simply start the sever at startup, install the svn bootscript included in the package.