Date: Tue, 03 Dec 2013 09:12:45 -0600 From: Mark Felder <feld@FreeBSD.org> To: freebsd-stable@freebsd.org Subject: Re: BIND chroot environment in 10-RELEASE...gone? Message-ID: <1386083565.11989.54971285.12C03C19@webmail.messagingengine.com> In-Reply-To: <529D9CC5.8060709@rancid.berkeley.edu> References: <529D9CC5.8060709@rancid.berkeley.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Dec 3, 2013, at 2:56, Michael Sinatra wrote: > I am aware of the fact that unbound has "replaced" BIND in the base > system, starting with 10.0-RELEASE. What surprised me was recent > commits to ports/dns/bind99 (and presumably other versions) that appears > to take away the supported chroot capabilities. OTOH, it appears that > unbound has been given these capabilities. > > I have no issues with removing BIND from base, but taking away the very > robust chroot support that FreeBSD had for BIND is something I would > oppose. I like the idea of leveling the playing field for users of > other systems, but the way things have been implemented thus far--taking > away functionality from BIND while preferring unbound--seems > counter-productive. It doesn't really level the playing field, it just > turns it the other way. > > It seems like it would be pretty easy to preserve the /etc/rc.d/named > startup script and BIND.chroot.dist from 9.x and add them to the BIND > ports, so that people who need to run a full-blown BIND installation can > "just install the port" as was advised back in 2012 when the > BIND/unbound change was first being discussed on -hackers. What are the > obstacles to doing something like this? > I would start by filing a PR; I don't think this was intentional.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1386083565.11989.54971285.12C03C19>