Date: Wed, 29 Sep 2004 19:51:12 -0700
From: Peter Wemm <peter@wemm.org>
To: freebsd-current@freebsd.org
Cc: Doug Barton <DougB@FreeBSD.org>
Subject: Re: HEADS UP: named now runs chroot'ed by default
Message-ID: <200409291951.12610.peter@wemm.org>
In-Reply-To: <20040928025635.Q5094@ync.qbhto.arg>
References: <20040928025635.Q5094@ync.qbhto.arg>

On Tuesday 28 September 2004 03:03 am, Doug Barton wrote:
> I just committed a named "auto-chroot" system that will allow named
> to run chroot'ed by default. If you have an existing named
> configuration in /etc/namedb, the instructions for updating it are in
> src/UPDATING. If you are already chroot'ing named, especially if you
> are using /var/named as the chroot directory, you should back
> everything up before upgrading and proceed with caution. :)
>
> For those that don't have a named configuration, all you should have
> to do is 'rm -r /etc/namedb' and you'll be fine.
>
> Comments and suggestions are welcome, but please try to keep the
> bikeshedding about specific bits down to an absolute minimum. The
> directory structure and related options worked very well on hundreds
> of name servers on a very busy enterprise network, so I have a high
> degree of confidence that the defaults are sensible. That said, I am
> open to genuine improvements, and dialogue on optional bits.

Mergemaster hasn't been made aware of this. It unconditionally installs
the named stuff in /var/named/etc/namedb even when you've explicitly
turned the chroot stuff off. How are we supposed to get the old
behavior back?

This sucks. :-(

-- 
Peter Wemm - peter@wemm.org; peter@FreeBSD.org; peter@yahoo-inc.com
"All of this is for nothing if we don't go to the stars" - JMS/B5