Date: Tue, 5 Oct 2004 16:42:34 +0300
From: Ruslan Ermilov <ru@FreeBSD.org>
To: Jose M Rodriguez <josemi@freebsd.jazztel.es>, Doug Barton <dougb@FreeBSD.org>
Cc: current@FreeBSD.org
Subject: Re: problems with latest bind9 setup changes
Message-ID: <20041005134234.GA3128@ip.net.ua>
In-Reply-To: <200410021139.49551.freebsd@redesjm.local>
References: <200410021033.37844.freebsd@redesjm.local> <20041002084741.GA55948@ip.net.ua> <200410021139.49551.freebsd@redesjm.local>

Hi Jose,

On Sat, Oct 02, 2004 at 11:39:49AM +0200, Jose M Rodriguez wrote:
> On Saturday, 2 October 2004 10:47, Ruslan Ermilov wrote:
> > Hi Jose,
> >
> > On Sat, Oct 02, 2004 at 10:33:37AM +0200, Jose M Rodriguez wrote:
> > > I'm running named in a sandwich config form:
> > > named_flags="-u bind -c /var/named/named.conf"
> > >
> > > After my last update, I've got my /var/named/ dir polluted by a chroot
> > > setup.  I think this is not the way.
> > >
> > > /etc/rc.d/named must do this from chroot_autoupdate() only when required
> > > to do so.
> > >
> > > If /var/named must become a system directory, I can move my config
> > > to /var/namebd or so.  But I like to read HEADS UP about those things.
> >
> > There was a HEADS up message sent to the current@ mailing list.
> > There is also a relevant entry in src/UPDATING, "20040928".
> >
>
> Ah, so you must
>
> /usr/src/UPDATING
>
> - If enabled, the default is now to run named in a chroot
> + The default is now to run named in a chroot
>
"If enabled" means "if named_enable is set to YES in /etc/rc.conf",
which it is not by default.

What the UPDATING entry misses is a mention of the fact that
/var/namedb now becomes a system directory.  This needs to
be fixed.  Doug, can you please take care of that?

> Using /etc/mtree/BIND.chroot.dist from chroot_autoupdate() is not the same
> as putting /var/named in /etc/mtree/BSD.var.dist.
>
> Well, moving config to var/namedb.
>
> IMHO, this is not a good design.  If you ask ten admins about the best named
> chrooted setup, you'll get, at least, twelve setups.
>
> Making strong support for a chrooted named is really needed.  But moving the
> release default setup to a strong model on that not.  I'll prefer a sandwich
> setup (named_flags="-u bind", named_chroot="") as release default.

Cheers,
-- 
Ruslan Ermilov
ru@FreeBSD.org
FreeBSD committer
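
Review bot: the "+" line in the quoted UPDATING change drops "If enabled" without putting anything in its place, so the entry would read as if named itself now runs by default, while the reply explains that the qualifier means named_enable set to YES in /etc/rc.conf. Suggest spelling the condition out rather than removing it, for example "If named_enable is set to YES in /etc/rc.conf, the default is now to run named in a chroot", and adding a sentence that /var/namedb becomes a system directory, which the reply notes the entry does not mention.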
