Date: Wed, 29 Aug 2001 14:09:14 +0100 From: Brian Somers <brian@Awfulhak.org> To: Sheldon Hearn <sheldonh@starjuice.net> Cc: Brian Somers <brian@Awfulhak.org>, Joshua Goodall <joshua@roughtrade.net>, Giorgos Keramidas <keramida@ceid.upatras.gr>, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org, brian@freebsd-services.com, brian@freebsd-services.com Subject: Re: cvs commit: src/etc/defaults rc.conf src/etc/mtree BSD.var.dist src/etc/namedb named.conf Message-ID: <200108291309.f7TD9Ef75762@hak.lan.Awfulhak.org> In-Reply-To: Message from Sheldon Hearn <sheldonh@starjuice.net> of "Wed, 29 Aug 2001 14:54:27 %2B0200." <76231.999089667@axl.seasidesoftware.co.za>
next in thread | previous in thread | raw e-mail | index | archive | help
> On Wed, 29 Aug 2001 13:47:16 +0100, Brian Somers wrote:
>
> > The point is that /usr/src/etc/defaults/rc.conf *will* be blindly
> > installed on top of /etc/defaults/rc.conf. People's configuration
> > *will* break because of this. An UPDATING entry *is* required to
> > let people know.
>
> Who's configurations, Brian?
For the n'th time on this thread, everyone that has
named_enable=YES
in /etc/rc.conf and don't have ``named_flags='' will now have named
running with -u bind and will not be able to update their secondary
zone files. They won't be able to read any KEY files that are
readable only by root. They won't be able to query if they have
``query-source blah port 53''.
Now perhaps someone can tell me what the purpose of this blatant
-minded breakage is. What do we gain by changing the default
variable values for a service that has never been enabled by default ?
We're now encouraging people to cut and past chunks of
defaults/rc.conf (*_flags for a start) so that they can protect
themselves from the inconsiderate opinions of FreeBSD developers.
I have no objection to people running named in a sandbox, and I
certainly don't think we should discourage it. We should however bear
in mind that everyone that has configured named on FreeBSD in the last
few years has had the sandbox option prominently available to them and
have made their decisions. Mindlessly breaking those decisions for
our users is not smart.
--
Brian <brian@freebsd-services.com> <brian@Awfulhak.org>
http://www.freebsd-services.com/ <brian@[uk.]FreeBSD.org>
Don't _EVER_ lose your sense of humour ! <brian@[uk.]OpenBSD.org>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200108291309.f7TD9Ef75762>