Re: problems with latest bind9 setup changes

From: Jose M Rodriguez <josemi_at_freebsd.jazztel.es>
Date: Tue, 5 Oct 2004 00:01:19 +0200
On Monday 04 October 2004 22:22, Doug Barton wrote:
> FYI, freebsd-current_at_freebsd.org and current_at_freebsd.org are two
> aliases for the same list. It is not needed to cc both.
> ...
>
> That's correct, although the one I committed was the one I used at
> Yahoo! on hundreds of name servers, and is both thorough and
> effective. I "borrowed" from the best ideas from various
> knowledgeable sources, and my own extensive experience. Of course, if
> someone has better ideas, I'm open to them.
>

The real thread is that I can't see why a model about the chroot layout 
is needed.

I'll prefer use p and s instead off masters and slaves.

Or make symlinks to easy in/out chroot like this

# mkdir -p /var/named/var
# cd /var/named/var
# ln -s .. named
# mkdir -p /var/named/etc
# cd /var/named/etc
# ln -s .. namedb

> > Making strong support for a chrooted named is really needed.  But
> > moving the release default setup to a strong model on that not.
>
> I'm sorry, I don't understand this.
>

I really love what /etc/rc.d/named can do to launch a chrooted named in 
a safe and easy way.

But I really hate that FreeBSD impose me what dir I must use and how I 
must layout it.

> > I'll prefer a sandwidch setup (named_flags="-u bind",
> > named_chroot="") as release default.
>
> Defaulting to using the chroot structure is a good change, and
> suitable for the vast majority of users. If you want something
> different, the knobs are there for you to twist. :)
>

Anyone that may need a chrooted named is supposed to be smart enough to 
make the change from a basic setup.

Also, I think this can be possible from /etc/rc.d/named, just making 
named_chrootdir point to a nonexistant/wide dir.
 
> Doug

--
  josemi
Received on Mon Oct 04 2004 - 20:01:24 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:15 UTC