Date: Sat, 25 Jan 2014 22:17:47 -0800 From: "Jack L." <xxjack12xx@gmail.com> To: Matthew Pherigo <hybrid120@gmail.com> Cc: Frank Leonhardt <frank2@fjl.co.uk>, "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org> Subject: Re: Why was nslookup removed from FreeBSD 10? Message-ID: <CALeGphxqeeyVLnJ%2Bvdcf04rFxAq6pYLZSsW4kx_zGC0LBs9gEQ@mail.gmail.com> In-Reply-To: <97A0F01F-3E78-47D6-BDD6-ECE45D1BC45C@gmail.com> References: <52E40CC4.6090401@fjl.co.uk> <201401252137.50132.mark.tinka@seacom.mu> <52E41619.1000505@fjl.co.uk> <97A0F01F-3E78-47D6-BDD6-ECE45D1BC45C@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Many systems have removed nslookup from the base system so FreeBSD removing it is nothing new. At first, I was pretty annoyed but it makes sense that bind should not be part of the base system unless it's purpose is to serve as a DNS server. For all other users, installing bind-utils is fine. On Sat, Jan 25, 2014 at 12:26 PM, Matthew Pherigo <hybrid120@gmail.com> wro= te: > To my understanding, almost half of all the security vulnerabilities in t= he entire lifetime of the FreeBSD project have been from BIND. Personally, = I'd say that's "pretty spectacular." > > --Matt > >> On Jan 25, 2014, at 1:52 PM, Frank Leonhardt <frank2@fjl.co.uk> wrote: >> >>> On 25/01/2014 19:37, Mark Tinka wrote: >>> On Saturday, January 25, 2014 09:13:08 PM Frank Leonhardt >>> wrote: >>> >>>> Unbelievable, but true - someone somewhere thought that >>>> removing nslookup from the base system was the way to >>>> go. >>>> >>>> Why? Can anyone shed any light on how this decision was >>>> made? >>> If you read: >>> >>> http://www.freebsd.org/releases/10.0R/relnotes.html >>> >>> Under the "2.3. Userland Changes" section, you will notice: >>> >>> "BIND has been removed from the base system. >>> unbound(8), which is maintained by NLnet Labs, has >>> been imported to support local DNS resolution >>> functionality with DNSSEC. Note that it is not a >>> replacement of BIND and the latest versions of BIND >>> is still available in the Ports Collection. With >>> this change, nslookup and dig are no longer a part >>> of the base system. Users should instead use >>> host(1) and drill(1) Alternatively, nslookup and >>> dig can be obtained by installing dns/bind-tools >>> port. [r255949]" >>> >>> So install /usr/ports/dns/bind-tools and you're a happy guy. >>> >>> As to the philosophy of it all, no point arguing. Fait >>> accompli. >>> >>> Mark. >> As you and Waitman both pointed out, nslookup IS part of BIND, yet as I = said in the diatribe following the question in my post, so is "host" and th= at's still there. Also Windoze has nslookup but doesn't include BIND. I agr= ee there's no point arguing unless you know the rational behind what appear= s an arbitrary decision; hence my question. Was this simply an oversight or= is there a thought-out reason for it that one can take issue with? >> >> IIRC, nslookup was present in 4.3BSD, and I'm pretty sure it existed bef= ore that. (That's BSD, not FreeBSD). Its relied on in scripts. The reason f= or dropping it from the base system must be pretty spectacular. >> >> FreeBSD 10.0 might be better known as FreeBSD Vista, at this rate. >> >> Regards, Frank. >> >> _______________________________________________ >> freebsd-questions@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions >> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.= org" > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.o= rg"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CALeGphxqeeyVLnJ%2Bvdcf04rFxAq6pYLZSsW4kx_zGC0LBs9gEQ>