Opened 3 years ago

Last modified 2 years ago

#62492 assigned defect

dns-server should add "dnssec-validation auto" option to named.conf

Reported by: steven-michaud (Steven Michaud) Owned by: essandess (Steve Smith)
Priority: Normal Milestone:
Component: ports Version:
Keywords: Cc:
Port: dns-server

Description

Without this option all external DNS lookups fail, and /opt/local/var/log/named/named.log is filled with signing errors. This option is included in the bind9 port's "named.conf.dist". But for some reason dns-server's "named.conf.macports" doesn't contain it, and dns-server doesn't write it to named.conf.

I'm working on macOS 11.2.3. My MacPorts bind9 distro is "bind9 @9.16.12".

Change History (5)

comment:1 Changed 3 years ago by jmroot (Joshua Root)

Owner: set to essandess
Status: newassigned

comment:3 Changed 3 years ago by essandess (Steve Smith)

In a64f314af5027bb61029934910664906113c5aa1/macports-ports (master):

dns-server: Update to version 9.16.13 with bugfixes and improvements

comment:4 Changed 3 years ago by steven-michaud (Steven Michaud)

A few hours after this bug's fix landed (as per comment 3) I tested it as follows:

  1. I ran sudo port selfupdate and sudo port upgrade outdated to make sure I had the latest version of everything MacPorts.
  1. I sudo port uninstalled both dns-server and bind9. I also removed all the files dns-server had created.
  1. I reran sudo port install dns-server.

The fix worked -- the new named.conf had a dnssec-validation auto option.

Thanks for fixing this so quickly!

Last edited 3 years ago by steven-michaud (Steven Michaud) (previous) (diff)

comment:5 Changed 2 years ago by essandess (Steve Smith)

This issue is fixed by https://github.com/macports/macports-ports/pull/10342 and may be closed.

Note: See TracTickets for help on using tickets.