Date: Tue, 03 Dec 2013 11:27:54 -0800 From: Michael Sinatra <michael@rancid.berkeley.edu> To: Mark Felder <feld@FreeBSD.org>, freebsd-stable@freebsd.org Subject: Re: BIND chroot environment in 10-RELEASE...gone? Message-ID: <529E30BA.8080709@rancid.berkeley.edu> In-Reply-To: <1386093454.2626.55043181.26E90FA5@webmail.messagingengine.com> References: <529D9CC5.8060709@rancid.berkeley.edu> <529DF7FA.7050207@passap.ru> <529E179D.7030701@rancid.berkeley.edu> <1386093454.2626.55043181.26E90FA5@webmail.messagingengine.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 12/3/13 9:57 AM, Mark Felder wrote: > On Tue, Dec 3, 2013, at 11:40, Michael Sinatra wrote: >> >> I am going to put as many of the bits together as I can to see if I can >> recreate the chroot environment via a port on 10.0-RELEASE. I'll also >> submit a PR. But I agree with the others that this is not a good idea, >> and if I had known that the port would remove support for chroot, I >> would have vigorously protested the switch to unbound. >> > > There was no alternative; we couldn't keep BIND in base. BIND 9 will > certainly have a EoL before the EoL of FreeBSD 10.x, and we can't use > BIND 10 because it requires importing Python to base. > > Keep in mind that Unbound is not planned to be a permanent addition to > base either. It's merely a stop-gap until Capser is complete, which will > then provide the DNS services in base. > > http://blog.des.no/2013/09/dns-again-a-clarification/ Yes, I read the blog post. I assume that dougb believed back in 2012 that BIND 9.x would be EOL before FreeBSD 10.x, but, based on every indication I have had from ISC, I doubt that will be the case. Has ISC made a public statement about the support for BIND 9.x? All I know publicly is that 9.9-ESV will be supported until late 2017, and BIND 9.10 is about to be released. Both trains are under active development, and I doubt that ISC will even stop *developing* BIND 9 until will into the midpoint of 10.x's lifecycle. But if the FreeBSD developers have had conversations with ISC that I am not aware, you may have different interpretations. But that's water under the bridge. A lot of work was put into BIND 9 integration and a lot of work was put into unbound integration. We should be preserving the former and not throwing it away at the expense of functionality. Again, I didn't have a quibble with FreeBSD's decision until the chroot functionality support was removed from the port. I also think that this is something that's fixable in the port and will see what I can do to make it work. michael
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?529E30BA.8080709>