This file is indexed.

/usr/share/ipa/opendnssec_conf.template is in freeipa-server 4.7.0~pre1+git20180411-2ubuntu2.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
<?xml version="1.0" encoding="UTF-8"?>
<!-- Managed by IPA - do not edit! -->
<Configuration>

	<RepositoryList>

		<Repository name="SoftHSM">
			<Module>$SOFTHSM_LIB</Module>
			<TokenLabel>$TOKEN_LABEL</TokenLabel>
			<PIN>$PIN</PIN>
			<AllowExtraction/>
		</Repository>

	</RepositoryList>

	<Common>
		<Logging>
			<Syslog><Facility>local0</Facility></Syslog>
		</Logging>

		<PolicyFile>/etc/opendnssec/kasp.xml</PolicyFile>
		<ZoneListFile>/etc/opendnssec/zonelist.xml</ZoneListFile>

	<!--
		<ZoneFetchFile>/etc/opendnssec/zonefetch.xml</ZoneFetchFile>
	-->
	</Common>

	<Enforcer>
		<Privileges>
			<User>$ODS_USER</User>
			<Group>$ODS_GROUP</Group>
		</Privileges>

		<Datastore><SQLite>$KASP_DB</SQLite></Datastore>
		<Interval>PT3600S</Interval>
		<!-- <ManualKeyGeneration/> -->
		<!-- <RolloverNotification>P14D</RolloverNotification> -->

		<!-- the <DelegationSignerSubmitCommand> will get all current
		     DNSKEYs (as a RRset) on standard input
		-->
		<!-- <DelegationSignerSubmitCommand>/usr/sbin/eppclient</DelegationSignerSubmitCommand> -->
	</Enforcer>

</Configuration>