ERROR: Slooooow dooooown... this page load was delayed.


bind9 - Domain Name System server, resolver library, and related tools ChangeLog
Web site:https://isc.org/bind/
Repository:https://gitlab.isc.org/isc-projects/bind9
Wikipedia:https://en.wikipedia.org/wiki/BIND

HOWTO


# ISC BIND
# ========
# Slackware 14.0: bind 9.9.1-P3
# Slackware 14.1: bind 9.9.3-P2
# Slackware 14.2: bind 9.10.4-P1
# Slackware 15.0: bind 9.16.25
# Check /pub/slackware/*/patches for updates

# Prerequisites:
# pkg-config
# libtool
# ctags
# Perl
# Python (optional; --with-python for some scripts)
#   pip or setuptools' easy_install
#   The Python PLY module (Python Lex-Yacc)
# OpenSSL >= 0.9.6e (for DNSSEC; --with-openssl)
# For the statistics channel, either:
# libxml2 (optional; --with-libxml2)
#   or
#   json-c (optional; --with-libjson)
#   LaTeX/tex
#   w3m
#   libxslt
#   doxygen
#   curl
# LMDB (optional)
# (optional; --with-geoip)
# dnstap (optional; --enable-dnstap):
#   fstrm
#   protobuf-c
# Rational Purify (optional; memory debugger)
# gperftools (--with-gperftools-profiler)
# readline
# idnkit (--with-idn --with-idnlib)
# libidn2 (--with-libidn2)
# libiconv (--with-libiconv --with-iconv)
# DLZ (dynamic loadable zone) drivers:
#   PostgreSQL (--with-dlz-postgres)
#   MySQL or MariaDB (--with-dlz-mysql)
#   Berkeley DB (--with-dlz-bdb)
#   OpenLDAP (--with-dlz-ldap)
#   ODBC (--with-dlz-odbc)

# Various BIND resources, all of which, and then some, are available via the
# ISC web site linked to above:
# BIND Administrator Reference Manual (ARM)
# ISC knowledge base -> BIND 9 Significant Features Matrix
# ISC mailing lists - including bind-announce, bind-users
# DNS-related RFCs
# DNS Tools
# In each source distrubution: README, FAQ, HISTORY, CHANGES
# O'Reilly: DNS and BIND, 5th Edition

# Specific configurations:
# DNS over HTTPS with BIND 9.17
# BIND Implements DoH
# DNSSEC Key and Signing Policy
# Bind 9.18.28 configuration reference: dnssec-policy
# See notes below about rate limiting, fetch limits, DNSSEC.

# Keep in mind that even though I cover multiple versions here (if I do this
# time), and I may be using the older ones in a place or two too, I will
# mainly be using the current release.

# For LDAP sdb support, see the bind9-ldap HOWTO (outdated)

# OpenSSL < 1.1.0 uses /usr/local/ssl for the default prefix.  >= 1.1.0 uses
# /usr/local.  If yours is under the former, pass
# --with-openssl=/usr/local/ssl to configure.  Otherwise, --with-openssl
# with will probably be good enough.

# If you want to be able to run 'make test', read through
# bin/tests/system/README


# ISC BIND 9.18.28 (Current-Stable; ESV extended support version; EoL Q2 2026)
# ================
# Prerequisites (beyond those listed above), if you have and want to use
# pandoc
# OpenSSL >= 1.0.0 or LibreSSL >= 2.7.0
# Python >= 2.7 or >= 3.2
# libuv >= 1.0.0
# nghttp2
# cmocka >= 1.1.3 (unit testing)
# jemalloc (optional)

# OpenSSL >= 0.9.7l or >= 0.9.8d are the minimum safe versions for this
# release.  Support for OpenSSL 3.0.0 was added to BIND 9.18

# bind-announce: New BIND releases are available: 9.18.28, 9.20.0
# Release Notes for BIND Version 9.18.28
# Changes to be aware of when moving from BIND 9.16 to 9.18
# CHANGES (from Git repo)
# BIND 9 Administrator Reference Manual
# - Also available as a PDF
# - Also available under the source tree in ./doc/arm/

# Get the source tarball
cd
test -f installed/bind-9.18.28.tar.xz &&
mv installed/bind-9.18.28.tar.xz .
test ! -f bind-9.18.28.tar.xz &&
wget https://downloads.isc.org/isc/bind9/9.18.28/bind-9.18.28.tar.xz

# Verify tarball w/ sha256sum:
# (this came from my gpg-verified tarball)
# [ OpenSSL works too: openssl sha256 bind-9.18.28.tar.xz
#   coreutils 'cksum' works too: cksum -a sha256 bind-9.18.28.tar.xz
#   Perl's 'shasum' works too: shasum -a 256 bind-9.18.28.tar.xz ]
echo "e7cce9a165f7b619eefc4832f0a8dc16b005d29e3890aed6008c506ea286a5\
e7  bind-9.18.28.tar.xz" | sha256sum -c

# If you do not already have the required key and the the below gpg
# verification can't get a key from a keyserver, download
# and import isc-keyblock.asc from https://www.isc.org/pgpkey/
wget https://www.isc.org/docs/isc-keyblock.asc -O - 2> /dev/null |
gpg --import

# Verify tarball w/ gpg:
# (there are sha256 and sha512 signatures too)
# (PGP keys are here: https://www.isc.org/pgpkey/)
(gpg --list-keys 706B6C28620E76F91D11F7DF510A642A06C52CEC > /dev/null 2>&1 ||
gpg --recv-keys 706B6C28620E76F91D11F7DF510A642A06C52CEC ) &&
wget -nc https://downloads.isc.org/isc/bind9/9.18.28/\
bind-9.18.28.tar.xz.asc &&
  gpg --verify bind-9.18.28.tar.xz.asc && rm bind-9.18.28.tar.xz.asc

# Extract the source, clean up old versions' source
mkdir -p -m 0700 ~/src
cd ~/src
find -maxdepth 1 -type d -name "bind-*" -exec rm -r {} \;
tar xJvf ~/bind-9.18.28.tar.xz
cd bind-9.18.28
test $UID = 0 && chown -R root:root .

## If you have Python, install/update the PLY module with pip:
# https://pip.pypa.io/warnings/venv
su -c "python3 -m pip install --upgrade pip ply"
# or use easy_install:
#su -c "easy_install --upgrade ply"

# See './configure --help' for all of the options

## If you use a 64-bit OpenSSL installed fully under /usr/local/ssl, which
## was the default prefix until 1.1.0, put this at the beginning of the
## configure line:
# LDFLAGS=-L/usr/local/ssl/lib64
## and replace the --with-openssl below with:
# --with-openssl=/usr/local/ssl
##
## You should not need to specify any path in --with-openssl if yours is
## installed under prefix /usr or /usr/local  If you are 64-bit with
## libraries in /usr/local/lib64, make sure that is in /etc/ld.so.conf
## (and run ldconfig)

# --enable-rrl is no longer required, it's built in to >= 9.10.x
# --enable-fetchlimit is no longer required, it's built in to >= 9.11.x
# --enable-threads is not there any more
# --disable-ipv6 is not there any more

# Configure it 64-bit:
test $(uname -m) = 'x86_64' &&
./configure --prefix=/usr --sysconfdir=/etc --libdir=/usr/lib64 \
--localstatedir=/var --mandir=/usr/man --with-openssl --with-libidn2 \
--with-libxml2 --enable-dnstap --enable-full-report

# Configure it, anything else:
test $(uname -m) != 'x86_64' &&
./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var \
--mandir=/usr/man --with-openssl --with-libidn2 --with-libxml2 \
--enable-dnstap --enable-full-report

# Build it
make

# Test the build - may need to be done as root
# See info in README.md and bin/tests/system/ifconfig.sh and
# bin/tests/system/README
make check

# Become root to install it
su

# If you have a /var/named, back it up
# If you can, shut down named to avoid partially written files in there
test -d /var/named &&
( cd /var/named
   mkdir -p -m 0700 ~/backup/bind
   tar cJvf ~/backup/bind/var-named-$(date +%Y%m%d).tar.xz .
   chmod 600 ~/backup/bind/var-named-$(date +%Y%m%d).tar.xz )

# If you have a /etc/rndc.conf, back it up.  If you run named in a chroot
# jail, this may be in the real /etc because you can run 'rndc' as root
# or within the chroot by running it with the 'chroot' command.  See
# 'man rndc.conf' for more information about the configuration file.
test -f /etc/rndc.conf &&
( mkdir -p -m 0700 ~/backup/bind
   cp -a /etc/rndc.conf ~/backup/bind/rndc.conf-$(date +%Y%m%d)
   chmod 600 ~/backup/bind/rndc.conf-$(date +%Y%m%d) )

# If you do not have a /etc/rndc.conf, 'rndc-confgen' will output one for
# you.  If you run named with a chroot, either copy the .key file in there,
# or use 'secret' to store it in rndc.conf
# See 'man rndc-confgen' and 'man rndc.conf' for more information.
# (or the online documentation https://bind9.readthedocs.io/en/v9.18.28/manpages.html)

# Remove the Slackware package, if there is one
# If you do this, it should not remove your /etc/rc.d/rc.bind or
#  /etc/named.conf, they are named with .new in the package file,
#  but it will remove /etc/bind.keys
# If you need a replacement bind.keys, see the bottom for info
# [ probably not needed, it is a compiled-in default now ]
test -x /sbin/removepkg && /sbin/removepkg bind

# If upgrading, clean up includes from previous releases so you don't end up
# with no longer used .h files.
for incdir in bind9 dns irs isc isccc isccfg lwres pk11 pkcs11;
do test -d /usr/include/${incdir} && rm -r /usr/include/${incdir}
done

# If upgrading, clean up libraries from previous releases.
# If you can, shut down named first, because it is linked with the most
# recent ones.  For example, after you run 'make install', you will have
# /usr/lib*/lib*-9.18.28.so
# Removing them may also break anything other than BIND that is using them.
# Just in case, you may want to compare file dates before doing this.
# Maybe run find but leave off the -exec part, remove them manually...
# Or, just don't do it.  It's not going to give you a signifcant amount of
# reclaimed disk space.
for pfx in /usr/local /usr; do
  for lib in bind9 dns irs isc isccc isccfg lwres; do
    find ${pfx}/lib64 ${pfx}/lib -maxdepth 1 -name "lib${lib}-*.so" \
     -exec rm {} \;
  done
done

# If you have an old named-checkconf that used to go in /usr/sbin
rm -f /usr/sbin/named-checkconf /usr/man/man8/named-checkconf.8

# Install the new version of BIND
make install
ldconfig

## NOTE: if you run named in a chroot, you will need to copy OpenSSL
## lib|lib64 and engine files in there.  Same path, but below the chroot.
# cp -a /usr/local/lib64/libcrypto.* /var/named/usr/local/lib64/
# cp -a /usr/local/lib64/libssl.* /var/named/usr/local/lib64/
# cp -a /usr/local/lib64/engines-1.1/* /var/named/usr/local/lib64/engines-1.1/
# cp -a /usr/local/lib64/engines-3/* /var/named/usr/local/lib64/engines-3/

# https://www.isc.org/bind-keys/
# It is a compiled in default now, but if you do have a bind.keys file,
# it should go in the chroot also
test -s /etc/bind.keys && cp -a /etc/bind.keys /var/named/etc/

# Make sure your non-root user can remove the source later
chown -R $(logname) .
chmod -R u+w .

# Look in /usr/lib*/ for old versions of shared library files, maybe check
# with 'lsof' first, then zap (or don't)

# Become yourself again
exit

# Save the source for later
cd
mkdir -p -m 0700 installed
rm -f installed/bind-*.tar.*
mv bind-9.18.28.tar.xz installed/

# Skip down to the bottom for a few miscellaneous notes about running named



# ISC BIND 9.16.50 (ESV, EOL April 2024)
# ================
# Prerequisites (beyond those listed above), if you have and want to use
# pandoc
# OpenSSL >= 1.0.0 or LibreSSL >= 2.7.0
# Python >= 2.7 or >= 3.2
# libuv >= 1.0.0

# OpenSSL >= 0.9.7l or >= 0.9.8d are the minimum safe versions for this
# release

# Release Notes for BIND Version 9.16.50
# Changes to be aware of when moving from BIND 9.11 to 9.16
# BIND 9 Administrator Reference Manual
# Also available as a PDF
# Also available under the source tree in ./doc/arm/

# Changes to be aware of when moving from BIND 9.11 to 9.16

# Get the source tarball
cd
test -f installed/bind-9.16.50.tar.xz &&
mv installed/bind-9.16.50.tar.xz .
test ! -f bind-9.16.50.tar.xz &&
wget https://downloads.isc.org/isc/bind9/9.16.50/bind-9.16.50.tar.xz

# Verify tarball w/ sha256sum:
# (this came from my gpg-verified tarball)
# (this works too: openssl sha256 bind-9.16.50.tar.xz)
# (this works too: cksum -a sha256 bind-9.16.50.tar.xz)
echo "816dbaa3c115019f30fcebd9e8ef8f7637f4adde91c79daa099b035255a157\
95  bind-9.16.50.tar.xz" | sha256sum -c

# If you do not already have the required key and the the below gpg
# verification can't get a key from a keyserver, download
# and import isc-keyblock.asc from https://www.isc.org/pgpkey/
wget https://www.isc.org/docs/isc-keyblock.asc -O - 2> /dev/null |
gpg --import

# Verify tarball w/ gpg:
# (there are sha256 and sha512 signatures too)
# (PGP keys are here: https://www.isc.org/pgpkey/)
(gpg --list-keys 706B6C28620E76F91D11F7DF510A642A06C52CEC > /dev/null 2>&1 ||
gpg --recv-keys 706B6C28620E76F91D11F7DF510A642A06C52CEC ) &&
wget -nc https://downloads.isc.org/isc/bind9/9.16.50/\
bind-9.16.50.tar.xz.asc &&
  gpg --verify bind-9.16.50.tar.xz.asc && rm bind-9.16.50.tar.xz.asc

# Extract the source, clean up old versions' source
mkdir -p -m 0700 ~/src
cd ~/src
find -maxdepth 1 -type d -name "bind-*" -exec rm -r {} \;
tar xJvf ~/bind-9.16.50.tar.xz
cd bind-9.16.50
test $UID = 0 && chown -R root:root .

# If you have Python, install/update the PLY module with pip:
su -c "python3 -m pip install --upgrade pip ply"
# or use easy_install:
#su -c "easy_install --upgrade ply"

# See './configure --help' for all of the options

## If you use a 64-bit OpenSSL installed fully under /usr/local/ssl, which
## was the default prefix until 1.1.0, put this at the beginning of the
## configure line:
# LDFLAGS=-L/usr/local/ssl/lib64
## and replace the --with-openssl below with:
# --with-openssl=/usr/local/ssl
##
## You should not need to specify any path in --with-openssl if yours is
## installed under prefix /usr or /usr/local  If you are 64-bit with
## libraries in /usr/local/lib64, make sure that is in /etc/ld.so.conf
## (and run ldconfig)

# --enable-rrl is no longer required, it's built in to >= 9.10.x
# --enable-fetchlimit is no longer required, it's built in to >= 9.11.x
# --enable-threads is not there any more
# --disable-ipv6 is not there any more

# Configure it 64-bit:
test $(uname -m) = 'x86_64' &&
./configure --prefix=/usr --sysconfdir=/etc --libdir=/usr/lib64 \
--localstatedir=/var --mandir=/usr/man --with-python \
--with-openssl --with-libidn2 --with-libxml2 --with-libtool \
--enable-dnstap --enable-full-report

# Configure it, anything else:
test $(uname -m) != 'x86_64' &&
./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var \
--mandir=/usr/man --with-python --with-openssl \
--with-libidn2 --with-libxml2 --with-libtool --enable-dnstap \
--enable-full-report

# Build it
make

# Become root to install it
su

# If you have a /var/named, back it up
# If you can, shut down named to avoid partially written files in there
test -d /var/named &&
( cd /var/named
   mkdir -p -m 0700 ~/backup/bind
   tar cJvf ~/backup/bind/var-named-$(date +%Y%m%d).tar.xz .
   chmod 600 ~/backup/bind/var-named-$(date +%Y%m%d).tar.xz )

# If you have a /etc/rndc.conf, back it up.  If you run named in a chroot
# jail, this may be in the real /etc because you can run 'rndc' as root
# or within the chroot by running it with the 'chroot' command.  See
# 'man rndc.conf' for more information about the configuration file.
test -f /etc/rndc.conf &&
( mkdir -p -m 0700 ~/backup/bind
   cp -a /etc/rndc.conf ~/backup/bind/rndc.conf-$(date +%Y%m%d)
   chmod 600 ~/backup/bind/rndc.conf-$(date +%Y%m%d) )

# Remove the Slackware package, if there is one
# If you do this, it should not remove your /etc/rc.d/rc.bind or
#  /etc/named.conf, they are named with .new in the package file,
#  but it will remove /etc/bind.keys
# If you need a replacement bind.keys, see the bottom for info
test -x /sbin/removepkg && /sbin/removepkg bind

# If upgrading, clean up includes from previous releases so you don't end up
# with no longer used .h files.
for incdir in bind9 dns irs isc isccc isccfg lwres pk11 pkcs11;
do test -d /usr/include/${incdir} && rm -r /usr/include/${incdir}
done

# If upgrading, clean up libraries from previous releases
# This may break anything other than BIND that is using them (or a running
# named).  Just in case, you may want to compare file dates before doing
# this.
for pfx in /usr/local /usr; do
  for lib in bind9 dns irs isc isccc isccfg lwres; do
    find ${pfx}/lib64 ${pfx}/lib -maxdepth 1 -name "lib${lib}.*" \
     -exec rm {} \;
  done
done

# Install the new version of BIND
make install
ldconfig

## NOTE: if you run named in a chroot, you will need to copy OpenSSL
## lib|lib64 and engine files in there.  Same path, but below the chroot.
# cp -a /usr/local/lib64/libcrypto.* /var/named/usr/local/lib64/
# cp -a /usr/local/lib64/libssl.* /var/named/usr/local/lib64/
# cp -a /usr/local/lib64/engines-1.1/* /var/named/usr/local/lib64/engines-1.1/
#
# And /etc/bind.keys should go in the chroot also
test -s /etc/bind.keys && cp -a /etc/bind.keys /var/named/etc/

# Make sure your non-root user can remove the source later
chown -R $(logname) .
chmod -R u+w .

# Look in /usr/lib*/ for old versions of shared library files, maybe check
# with 'lsof' first, then zap

# Become yourself again
exit

# Save the source for later
cd
mkdir -p -m 0700 installed
rm -f installed/bind-*.tar.*
mv bind-9.16.50.tar.xz installed/

# Skip down to the bottom for a few miscellaneous notes about running named




### Miscellaneous notes about running BIND named

# Anything done below assumes that you are root

### delegation-only is deprecated for 9.18.x and will be removed in 9.19.x
#
## If you run the named daemon, add these to your named.conf to disable
## Verisign's evil Sitefinder service for people that use your nameserver.
## If you use views, add them to the view that handles recursive lookups.
# zone "com" { type delegation-only; };
# zone "net" { type delegation-only; };
#
## Here's is a more severe alternative that will enforce delegation-only for
## any TLD that is _not_ listed (you'd use this instead of "type
## delegation-only"):
# root-delegation-only exclude {
#   "ad"; "ar"; "biz"; "cr"; "cu"; "de"; "dm"; "id"; "lu"; "lv"; "md"; "ms";
#   "museum"; "name"; "no"; "pa"; "pf"; "sr"; "to"; "tw"; "us"; "uy";
# };

# Also if you run the named daemon, I highly suggest running named in a
# chroot-jail as a non-root user.  For example, you could put everything
# under /var/named and run it like this:
#   /usr/sbin/named -u named -t /var/named
# I've never read it, but this howto may help you if you plan to do this:
# https://tldp.org/HOWTO/Chroot-BIND-HOWTO.html
#
# With a chroot /var/named you would run 'named-checkconf -t /var/named'
# to make sure your configuration is OK, checking the actual file
# /var/named/etc/named.conf
#
# Everything would need to be under there, including SSL/TLS certs
# for 'key-file' and 'cert-file', the 'directory' option would be
# set to '.' in order to use files that are actually in /var/named.
# 'file' could use relative directories for zone files.  File
# /var/named/primary/internal/192.168.1 would be:
#   file "primary/internal/192.168.1";

# For DNSSEC validation, you can use the compiled-in defaults, or you can
# load the Root & DLV keys from the bind.keys file.  These days it's a
# pre-compiled default and you don't need to use a separate bind.keys
# file.  If you want to anyway for whatever reason...
#
# See config options dnssec-validation and dnssec-lookaside.  If they are
# set, named will get the key out of bind.keys the first time it executes.
# If you you use /var/named as a chroot, put it in /var/named/etc, otherwise
# in /etc  If you run named as user 'named' who is a member of group 'named',
# then root:named and 640 should work for you.  For more info about this with
# BIND 8.x and 9.x, read about it here:
# https://isc.org/bind-keys/
# https://isc.org/dnssec/
# https://bind9.readthedocs.io/en/latest/dnssec-guide.html
# https://ftp.isc.org/isc/bind9/9.18.28/doc/arm/html/chapter5.html
# (also available in ./doc/arm/ under the source)
# ...and configuration file info about bindkeys-file, dnssec-lookaside &
#  dnssec-validation:
# https://ftp.isc.org/isc/bind9/9.18.28/doc/arm/html/chapter5.html#dnssec-validation
#  (also available in ./doc/arm/ under the source)
#
# The bind.keys file is usually available in the top level directory of the source
#
# Get the latest online:
test -d /var/named/etc && cd /var/named/etc
test ! -d /var/named/etc && cd /etc
wget -nc https://downloads.isc.org/isc/bind9/keys/9.11/bind.keys.v9_11
#
# Verify it w/ gpg:
( gpg --list-keys 5CF02E57 > /dev/null 2>&1 || gpg --recv-keys 5CF02E57 ) &&
wget -nc https://ftp.isc.org/isc/bind9/keys/9.11/bind.keys.v9_11.asc &&
  gpg --verify bind.keys.v9_11.asc && rm bind.keys.v9_11.asc
#
# If it verified OK, put it in place
test -L bind.keys &&
( cp -L bind.keys bind.keys.old ; rm bind.keys )
test -f bind.keys && mv -f bind.keys bind.keys.old
mv -f bind.keys.v9_11 bind.keys
chown root:named bind.keys
chmod 640 bind.keys

# For info about the rate limiting feature (--enable-rrl with < 9.10.x):
# https://kb.isc.org/article/AA-01000/0/A-Quick-Introduction-to-Response-Rate-Limiting.html
# ...and configuration file info about rate-limit:
# https://ftp.isc.org/isc/bind9/9.18.28/doc/arm/html/reference.html?highlight=rate+limit
#  (also available in ./doc/arm/ under the source)

# For info about fetch limits (--enable-fetchlimit before 9.11.x):
# ISC KB AA-01304
# Configuration file info about fetches-per-server and fetches-per-zone:
# https://ftp.isc.org/isc/bind9/9.18.28/doc/arm/html/reference.html?highlight=fetch+limits

# You can use the compiled-in defaults, which would never change if you
# never upgrade BIND, but if you have named configured to use an external
# root hints file (named 'root-hints' here), update it
dig ns . @a.root-servers.net > /var/named/root-hints.new
test -s /var/named/root-hints.new &&
( mkdir -p -m 0700 ~/backup/bind
   test -e /var/named/root-hints &&
    mv -f /var/named/root-hints ~/backup/bind/root-hints-$(date +%Y%m%d)
   mv -f /var/named/root-hints.new /var/named/root-hints
   chown root:named /var/named/root-hints
   chmod 640 /var/named/root-hints
   chown root:root ~/backup/bind/root-hints-*
   chmod 600 ~/backup/bind/root-hints-* )

# You you don't have a rc.bind init-script, you can find the latest
# Slackware rc.bind init script here:
# (they are probably the same for Slackware or Slackware-64)
# http://ftp.slackware.com/pub/slackware/slackware-current/source/n/bind/rc.bind
# http://ftp.slackware.com/pub/slackware/slackware64-current/source/n/bind/rc.bind

# If you have a /etc/rc.d/rc.bind that sources /etc/default/named,
# you may want something like this for no IPv6, chroot in /var/named,
# run as user 'named':
test ! -f /etc/default/named &&
( echo "NAMED_OPTIONS=\"-4 -u named -t /var/named\"" > /etc/default/named
   chmod 600 /etc/default/named )

# If you have named configured and you will be running the daemon, make sure
# your rc.bind script is executable:
test -e /etc/rc.d/rc.bind && chmod 700 /etc/rc.d/rc.bind


# If you ever want to uninstall BIND, this should do it:
cd
su
test -d src/bind-* && ( cd src/bind-* ; make uninstall )
( cd /etc ; rm -f bind.keys named.conf named.conf.dist rndc.conf )
( cd /usr/bin
  rm -f arpaname bind9-config delv dig host isc-config.sh mdig \
   named-rrchecker nslookup nsupdate )
( cd /usr/include
  for dir in bind9 dns dnst irs isc isccc isccfg lwres pk11 pkcs11; do
    test -d ./${dir} && rm -r ./${dir}
  done )
for libdir in /usr/lib /usr/lib64; do
  test ! -d $libdir && continue
  for libfile in bind9 dns irs isc isccc isccfg lwres; do
    rm -f ${libdir}/lib${libfile}.*
  done
done
( cd /usr/man/man1
  rm -f arpaname.1 bind9-config.1 delv.1 dig.1 host.1 isc-config.sh.1 \
   mdig.1 named-rrchecker.1 nslookup.1 )
rm -f /usr/man/man3/lwres_*.3
( cd /usr/man/man5 ; rm -f named.conf.5 rndc.conf.5 )
( cd /usr/man/man8
  rm -f ddns-confgen.8 dnssec-*.8 genrandom.8 isc-hmac-fixup.8 \
   lwresd.8 named.8 named-*.8 nsec3hash.8 rndc.8 rndc-confgen.8 \
   tsig-keygen.8 )
( cd /usr/sbin
  rm -f ddns-confgen dnssec-* genrandom isc-hmac-fixup named-* \
   nsec3hash rndc-confgen tsig-keygen )
ldconfig
exit
find ~/src -maxdepth 1 -type d -name "bind-*" -exec rm -r {} \;
rm -f ~/installed/bind-*.tar.*

List of HOWTOs
Web page itself last updated: 2023-12-20 8:06pm (EST -0500)
HOWTO last updated: 2024-07-28 1:50am
Copyright © 2001-2024 Jason Englander. All Rights reserved.
[HTML5]