From ab396fa5844d0f9ab7adbc44f323c59d2729c8e6 Mon Sep 17 00:00:00 2001
From: Philip Prindeville <philipp@redfish-solutions.com>
Date: Wed, 13 Jul 2022 21:20:43 -0600
Subject: [PATCH] isc-dhcp: don't use allow-update in bind config

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
---
 net/isc-dhcp/files/dhcpd.init | 22 ++++++++++++----------
 1 file changed, 12 insertions(+), 10 deletions(-)

diff --git a/net/isc-dhcp/files/dhcpd.init b/net/isc-dhcp/files/dhcpd.init
index e3dcdfdd2..e849a387d 100755
--- a/net/isc-dhcp/files/dhcpd.init
+++ b/net/isc-dhcp/files/dhcpd.init
@@ -465,10 +465,11 @@ general_config() {
 
 		cat <<EOF > $conf_local_file
 zone "$domain" {
-  type master;
-  file "$dyndir/db.$domain";
-  allow-update { key $session_key_name; };
-  allow-transfer { key $session_key_name; };
+	type master;
+	file "$dyndir/db.$domain";
+	update-policy {
+		grant $session_key_name zonesub any;
+	};
 };
 
 EOF
@@ -477,10 +478,11 @@ EOF
 			mynet="$(rev_str "$mynet" ".")"
 			cat <<EOF >> $conf_local_file
 zone "$mynet.in-addr.arpa" {
-  type master;
-  file "$dyndir/db.$mynet.in-addr.arpa";
-  allow-update { key $session_key_name; };
-  allow-transfer { key $session_key_name; };
+	type master;
+	file "$dyndir/db.$mynet.in-addr.arpa";
+	update-policy {
+		grant $session_key_name zonesub any;
+	};
 };
 
 EOF
@@ -504,7 +506,7 @@ include "$session_key_file";
 
 zone $domain. {
 	primary 127.0.0.1;
-	key local-ddns;
+	key $session_key_name;
 }
 
 EOF
@@ -514,7 +516,7 @@ EOF
 			cat <<EOF
 zone $mynet.in-addr.arpa. {
 	primary 127.0.0.1;
-	key local-ddns;
+	key $session_key_name;
 }
 
 EOF