FYI, freebsd-current_at_freebsd.org and current_at_freebsd.org are two aliases for the same list. It is not needed to cc both. On Sat, 2 Oct 2004, Jose M Rodriguez wrote: > /usr/src/UPDATING > > - If enabled, the default is now to run named in a chroot > + The default is now to run named in a chroot I just committed an update to clarify that language. > IMHO, this is not a good design. If you ask ten admin about the best named > chrooted setup, you'll get, at last, twelve setups. That's correct, although the one I committed was the one I used at Yahoo! on hundreds of name servers, and is both thorough and effective. I "borrowed" from the best ideas from various knowledgeable sources, and my own extensive experience. Of course, if someone has better ideas, I'm open to them. > Making strong support for a chrooted named is really needed. But moving the > release default setup to a strong model on that not. I'm sorry, I don't understand this. > I'll prefer a sandwidch setup (named_flags="-u bind", named_chroot="") > as release default. Defaulting to using the chroot structure is a good change, and suitable for the vast majority of users. If you want something different, the knobs are there for you to twist. :) Doug -- This .signature sanitized for your protectionReceived on Mon Oct 04 2004 - 18:22:25 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:15 UTC