Hi Jose, On Sat, Oct 02, 2004 at 11:39:49AM +0200, Jose M Rodriguez wrote: > El S?bado, 2 de Octubre de 2004 10:47, Ruslan Ermilov escribi?: > > Hi Jose, > > > > On Sat, Oct 02, 2004 at 10:33:37AM +0200, Jose M Rodriguez wrote: > > > I'm running named in a sandwitch config form: > > > named_flags="-u bind -c /var/named/named.conf > > > > > > After my last update, I've got my /var/named/ dir polluted by a chroot > > > setup. I think this is not the way. > > > > > > /etc/rc.d/named must do this from chroot_autoupdate() only when required > > > to do so. > > > > > > If /var/named must became a system directory, I can move my config > > > to /var/namebd or so. But I like to read HEADS UP about those things. > > > > There was a HEADS up message sent to the current_at_ mailing list. > > There is also a relevant entry in src/UPDATING, "20040928". > > > > > > Ah, so you must > > /usr/src/UPDATING > > - If enabled, the default is now to run named in a chroot > + The default is now to run named in a chroot > "If enabled" means "if named_enable is set to YES in /etc/rc.conf", which is not by default. What the UPDATING entry misses is mentioning a fact that /var/namedb now becomes a system directory. This needs to be fixed. Doug, can you please take care of that? > Using /etc/mtree/BIND.chroot.dist from chroot_autoupdate() is not the same > that put /var/named in /etc/mtree/BSD.var.dist. > > Well, moving config to var/namedb. > > IMHO, this is not a good design. If you ask ten admin about the best named > chrooted setup, you'll get, at last, twelve setups. > > Making strong support for a chrooted named is really needed. But moving the > release default setup to a strong model on that not. I'll prefer a sandwidch > setup (named_flags="-u bind", named_chroot="") as release default. Cheers, -- Ruslan Ermilov ru_at_FreeBSD.org FreeBSD committer
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:15 UTC