Re: problems with latest bind9 setup changes

From: Jose M Rodriguez <josemi_at_freebsd.jazztel.es>
Date: Sat, 2 Oct 2004 11:39:49 +0200

On Saturday, 2 October 2004 10:47, Ruslan Ermilov wrote:
> Hi Jose,
>
> On Sat, Oct 02, 2004 at 10:33:37AM +0200, Jose M Rodriguez wrote:
> > I'm running named in a sandwich config form:
> > named_flags="-u bind -c /var/named/named.conf"
> >
> > After my last update, I've got my /var/named/ dir polluted by a chroot
> > setup. I think this is not the way.
> >
> > /etc/rc.d/named must do this from chroot_autoupdate() only when required
> > to do so.
> >
> > If /var/named must become a system directory, I can move my config
> > to /var/namedb or so.  But I'd like to read a HEADS UP about those things.
>
> There was a HEADS up message sent to the current_at_ mailing list.
> There is also a relevant entry in src/UPDATING, "20040928".
>
>

Ah, so you must

/usr/src/UPDATING

- If enabled, the default is now to run named in a chroot
+ The default is now to run named in a chroot
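
Review bot: the replacement line drops "If enabled" but still gives the reader no way to act on it: it does not say that the chroot layout is created under /var/named, nor how to keep a non-chroot setup. Suggest adding one sentence to the entry naming the directory that gets populated and the rc.conf override (this message uses named_chroot="" for that), so an admin with an existing config in /var/named knows what to move or set before updating.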

Using /etc/mtree/BIND.chroot.dist from chroot_autoupdate() is not the same 
as putting /var/named in /etc/mtree/BSD.var.dist.

Well, moving config to var/namedb.

IMHO, this is not a good design.  If you ask ten admins about the best named 
chrooted setup, you'll get, at least, twelve setups.

Making strong support for a chrooted named is really needed.  But moving the 
release default setup to a strong model of that is not.  I'd prefer a sandwich 
setup (named_flags="-u bind", named_chroot="") as the release default.

> Cheers,

Thanks for your time,
--
  josemi
Received on Sat Oct 02 2004 - 07:59:33 UTC
