How to prevent bind dynamic updates from changing original zone file?
I am using a certbot DNS plugin to issue Let's Encrypt certificates. Certbot uses dynamic DNS updates to add a TXT record for verification. Bind creates a .jnl file for the zone. This TXT record only exists for 30 seconds and is then removed by certbot. When the process is done, everything is supposed to be back to normal.
The side effect is that bind is overwriting my original zone file (owned by root) and saving it as owned by named. Plus, the contents of the zone file are completely reformatted in a way I do not like.
Is there any way to prevent bind from trying to change the original zone file? Any way to tell bind this dynamic update is temporary, hold it only in memory or something?
And a side, but not as important, question: how is it that bind gives permission denied errors if it can't save the .jnl file without named ownership, but it can easily overwrite a zone file owned by root?
Solution 1:
As soon as you use dynamic DNS you shouldn't expect your zonefile to be in any specific format; let bind manage it. That is why you have the rndc commands freeze and thaw.
In your situation you should split concerns. Create _acme-challenge in your zone as a CNAME pointing to a name in another zone. Then this zone can be free of dynamic updates and you can have your zonefile the way you like.
In the other zone, you enable dynamic updates and make sure TXT records are added there.
"but it can easily overwrite a zone file owned by root?"
The permission to edit (including delete) a file depends on the ownership/permissions of the directory in which the file is, not on those of the file itself. Imagine a directory being one file whose content is the list of files in it...
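The split described in this answer, written out as an added configuration example (not taken from the original question or answer). It assumes a BIND 9 server authoritative for example.com, a hypothetical delegated zone acme.example.com kept in a separate directory writable by named, and a TSIG key named certbot-key; the secret is a placeholder to be replaced with the output of tsig-keygen.

```conf
// ---- /etc/named.conf (excerpt) ----
// TSIG key used only by certbot. Secret is a placeholder (assumption): generate with `tsig-keygen certbot-key`.
key "certbot-key" {
    algorithm hmac-sha256;
    secret "REPLACE_WITH_BASE64_SECRET";
};

// Hand-maintained zone: no allow-update / update-policy, so named never rewrites this file.
// The directory can stay root-owned and read-only to named.
zone "example.com" IN {
    type master;
    file "/var/named/example.com.zone";
};

// Throw-away zone that absorbs the ACME TXT records. Lives in a directory owned by named,
// so named can write both the zone file and its journal here.
zone "acme.example.com" IN {
    type master;
    file "/var/named/dynamic/acme.example.com.zone";
    journal "/var/named/dynamic/acme.example.com.jnl";
    update-policy {
        // The key may only add/remove TXT records at or below the zone apex, nothing else.
        grant certbot-key zonesub TXT;
    };
};

; ---- /var/named/example.com.zone (excerpt, static, formatted however you like) ----
; Delegate the helper zone to this same server so resolvers can follow the CNAME.
acme.example.com.                IN NS    ns1.example.com.
; Each name certbot validates gets a CNAME into the dynamic zone.
_acme-challenge.example.com.     IN CNAME _acme-challenge.acme.example.com.
_acme-challenge.www.example.com. IN CNAME _acme-challenge.www.acme.example.com.

; ---- /var/named/dynamic/acme.example.com.zone (initial content; named rewrites it freely) ----
$TTL 60
@   IN SOA ns1.example.com. hostmaster.example.com. ( 1 3600 600 604800 60 )
    IN NS  ns1.example.com.
```

Check both files before reloading with `named-checkconf /etc/named.conf` and `named-checkzone example.com /var/named/example.com.zone`. The CA follows the CNAME when it looks up `_acme-challenge.example.com`, so the TXT record only ever has to exist in acme.example.com; confirm that your certbot DNS plugin sends its update to that zone (the plugin and its zone-detection behaviour are outside what this answer covers), and if it insists on updating example.com, a manual-auth hook that runs nsupdate against acme.example.com with the same key achieves the same split.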