From owner-freebsd-current@FreeBSD.ORG  Tue Oct  5 13:42:41 2004
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 7310616A4CE; Tue,  5 Oct 2004 13:42:41 +0000 (GMT)
Received: from tigra.ip.net.ua (tigra.ip.net.ua [82.193.96.10])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 5E4B643D41; Tue,  5 Oct 2004 13:42:40 +0000 (GMT)
	(envelope-from ru@ip.net.ua)
Received: from localhost (oak.ip.net.ua [82.193.96.2])
	by tigra.ip.net.ua (8.12.11/8.12.11) with ESMTP id i95DgXjd008197;
	Tue, 5 Oct 2004 16:42:33 +0300 (EEST)
	(envelope-from ru@ip.net.ua)
Received: from tigra.ip.net.ua ([82.193.96.10])
 by localhost (rocky.ipnet [82.193.96.2]) (amavisd-new, port 10024) with LMTP
 id 15185-10; Tue,  5 Oct 2004 16:42:32 +0300 (EEST)
Received: from heffalump.ip.net.ua (heffalump.ip.net.ua [82.193.96.213])
	by tigra.ip.net.ua (8.12.11/8.12.11) with ESMTP id i95DgWij008194
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
	Tue, 5 Oct 2004 16:42:32 +0300 (EEST)
	(envelope-from ru@ip.net.ua)
Received: (from ru@localhost)
	by heffalump.ip.net.ua (8.13.1/8.13.1) id i95DgYMH003168;
	Tue, 5 Oct 2004 16:42:35 +0300 (EEST)
	(envelope-from ru)
Date: Tue, 5 Oct 2004 16:42:34 +0300
From: Ruslan Ermilov <ru@FreeBSD.org>
To: Jose M Rodriguez <josemi@freebsd.jazztel.es>,
	Doug Barton <dougb@FreeBSD.org>
Message-ID: <20041005134234.GA3128@ip.net.ua>
References: <200410021033.37844.freebsd@redesjm.local>
	<20041002084741.GA55948@ip.net.ua> <200410021139.49551.freebsd@redesjm.local>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="VS++wcV0S1rZb1Fb"
Content-Disposition: inline
In-Reply-To: <200410021139.49551.freebsd@redesjm.local>
User-Agent: Mutt/1.5.6i
X-Virus-Scanned: by amavisd-new at ip.net.ua
cc: current@FreeBSD.org
Subject: Re: problems with latest bind9 setup changes
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Oct 2004 13:42:41 -0000


--VS++wcV0S1rZb1Fb
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Hi Jose,

On Sat, Oct 02, 2004 at 11:39:49AM +0200, Jose M Rodriguez wrote:
> El S?bado, 2 de Octubre de 2004 10:47, Ruslan Ermilov escribi?:
> > Hi Jose,
> >
> > On Sat, Oct 02, 2004 at 10:33:37AM +0200, Jose M Rodriguez wrote:
> > > I'm running named in a sandwitch config form:
> > > named_flags=3D"-u bind -c /var/named/named.conf
> > >
> > > After my last update, I've got my /var/named/ dir polluted by a chroot
> > > setup. I think this is not the way.
> > >
> > > /etc/rc.d/named must do this from chroot_autoupdate() only when requi=
red
> > > to do so.
> > >
> > > If /var/named must became a system directory, I can move my config
> > > to /var/namebd or so.  But I like to read HEADS UP about those things.
> >
> > There was a HEADS up message sent to the current@ mailing list.
> > There is also a relevant entry in src/UPDATING, "20040928".
> >
> >
>=20
> Ah, so you must
>=20
> /usr/src/UPDATING
>=20
> - If enabled, the default is now to run named in a chroot
> + The default is now to run named in a chroot
>=20
"If enabled" means "if named_enable is set to YES in /etc/rc.conf", which
is not by default.  What the UPDATING entry misses is mentioning a fact
that /var/namedb now becomes a system directory.  This needs to be fixed.
Doug, can you please take care of that?

> Using /etc/mtree/BIND.chroot.dist from chroot_autoupdate() is not the sam=
e=20
> that put /var/named in /etc/mtree/BSD.var.dist.
>=20
> Well, moving config to var/namedb.
>=20
> IMHO, this is not a good design.  If you ask ten admin about the best nam=
ed=20
> chrooted setup, you'll get, at last, twelve setups.
>=20
> Making strong support for a chrooted named is really needed.  But moving =
the=20
> release default setup to a strong model on that not.  I'll prefer a sandw=
idch=20
> setup (named_flags=3D"-u bind", named_chroot=3D"") as release default.


Cheers,
--=20
Ruslan Ermilov
ru@FreeBSD.org
FreeBSD committer

--VS++wcV0S1rZb1Fb
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (FreeBSD)

iD8DBQFBYqTKqRfpzJluFF4RAhmdAKCByfHNRFl7Sfx9ordAHU+Y/+pH/gCfer3s
JhE9nXkOkyTgszU8To+p21o=
=oA7O
-----END PGP SIGNATURE-----

--VS++wcV0S1rZb1Fb--