Product SiteDocumentation Site

Chapter 7. Berkeley Internet Name Domain

7.1. BIND and SELinux
7.2. Types
7.3. Booleans
7.4. Configuration Examples
7.4.1. Dynamic DNS
BIND performs name resolution services via the named daemon. BIND lets users locate computer resources and services by name instead of numerical addresses.
In Red Hat Enterprise Linux, the bind package provides a DNS server. Run rpm -q bind to see if the bind package is installed. If it is not installed, run the following command as the root user to install it: 
yum install bind

7.1. BIND and SELinux

The default permissions on the /var/named/slaves,/var/named/dynamic and /var/named/data directories allow zone files to be updated via zone transfers and dynamic DNS updates. Files in /var/named are labeled with the named_zone_t type, which is used for master zone files.
For a slave server, configure /etc/named.conf to place slave zones in /var/named/slaves. The following is an example of a domain entry in /etc/named.conf for a slave DNS server that stores the zone file for testdomain.com in /var/named/slaves: 
zone "testdomain.com" {
			type slave;
			masters { IP-address; };
			file "/var/named/slaves/db.testdomain.com";
		       };
If a zone file is labeled named_zone_t, the named_write_master_zones Boolean must be enabled to allow zone transfers and dynamic DNS to update the zone file. Also, the mode of the parent directory has to be changed to allow the named user or group read, write and execue access.
If zone files in /var/named/ are labeled with named_cache_t type, a file system relabel or running restorecon -R /var/ will change their type to named_zone_t.