From owner-cvs-all Wed Aug 29 6: 9:29 2001 Delivered-To: cvs-all@freebsd.org Received: from Awfulhak.org (gw.Awfulhak.org [217.204.245.18]) by hub.freebsd.org (Postfix) with ESMTP id 3CFBC37B405; Wed, 29 Aug 2001 06:09:20 -0700 (PDT) (envelope-from brian@Awfulhak.org) Received: from hak.lan.Awfulhak.org (root@hak.lan.Awfulhak.org [fec0::1:12]) by Awfulhak.org (8.11.5/8.11.5) with ESMTP id f7TD9EA53808; Wed, 29 Aug 2001 14:09:16 +0100 (BST) (envelope-from brian@Awfulhak.org) Received: from hak.lan.Awfulhak.org (brian@localhost [127.0.0.1]) by hak.lan.Awfulhak.org (8.11.6/8.11.6) with ESMTP id f7TD9Ef75762; Wed, 29 Aug 2001 14:09:14 +0100 (BST) (envelope-from brian@hak.lan.Awfulhak.org) Message-Id: <200108291309.f7TD9Ef75762@hak.lan.Awfulhak.org> X-Mailer: exmh version 2.5 07/13/2001 with nmh-1.0.4 To: Sheldon Hearn Cc: Brian Somers , Joshua Goodall , Giorgos Keramidas , cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org, brian@freebsd-services.com, brian@freebsd-services.com Subject: Re: cvs commit: src/etc/defaults rc.conf src/etc/mtree BSD.var.dist src/etc/namedb named.conf In-Reply-To: Message from Sheldon Hearn of "Wed, 29 Aug 2001 14:54:27 +0200." <76231.999089667@axl.seasidesoftware.co.za> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Wed, 29 Aug 2001 14:09:14 +0100 From: Brian Somers Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > On Wed, 29 Aug 2001 13:47:16 +0100, Brian Somers wrote: > > > The point is that /usr/src/etc/defaults/rc.conf *will* be blindly > > installed on top of /etc/defaults/rc.conf. People's configuration > > *will* break because of this. An UPDATING entry *is* required to > > let people know. > > Who's configurations, Brian? For the n'th time on this thread, everyone that has named_enable=YES in /etc/rc.conf and don't have ``named_flags='' will now have named running with -u bind and will not be able to update their secondary zone files. They won't be able to read any KEY files that are readable only by root. They won't be able to query if they have ``query-source blah port 53''. Now perhaps someone can tell me what the purpose of this blatant -minded breakage is. What do we gain by changing the default variable values for a service that has never been enabled by default ? We're now encouraging people to cut and past chunks of defaults/rc.conf (*_flags for a start) so that they can protect themselves from the inconsiderate opinions of FreeBSD developers. I have no objection to people running named in a sandbox, and I certainly don't think we should discourage it. We should however bear in mind that everyone that has configured named on FreeBSD in the last few years has had the sandbox option prominently available to them and have made their decisions. Mindlessly breaking those decisions for our users is not smart. -- Brian http://www.freebsd-services.com/ Don't _EVER_ lose your sense of humour ! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message