From owner-freebsd-questions@FreeBSD.ORG Sat Jan 25 20:26:27 2014 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3734F30C for ; Sat, 25 Jan 2014 20:26:27 +0000 (UTC) Received: from mail-oa0-x235.google.com (mail-oa0-x235.google.com [IPv6:2607:f8b0:4003:c02::235]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id EFAAD12AF for ; Sat, 25 Jan 2014 20:26:26 +0000 (UTC) Received: by mail-oa0-f53.google.com with SMTP id m1so5277994oag.12 for ; Sat, 25 Jan 2014 12:26:26 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=subject:references:from:content-type:in-reply-to:message-id:date:to :content-transfer-encoding:mime-version; bh=ejTXRQgymuBnMk+6h35GVPN2n3SM3MqUiCWYKoI7uVM=; b=toFmD9nIbrg+/+kQH3mimjZRxSp4C1C+6paEAK6YIhbR9yFBDRaX1bJ2X1Z0hC/9Ff /p2onrZh80yhF7pPFeaiO9LZKqyIlwXJ5Pn3F8dSTgjlTS30tuKCCn1yX7vcYQe9qBrG ERsSCgxaL6db/r7yEkUHZHnPaXELkd2dm899u8Ny+sXkC1kXAiAnJFk94csNGrWJEfOC BHkFqz3kc8odMmUPt8/HAvw9YI2JamgKYIKntEE3tkDo6tANiiahmWLbZFIWDv8i+PNd qCNo0bgZBIMYz5hQMAtp4MLU1vYEs/s/++iz4e/tPLiiVwKJttU2+kYqVNY5HgDhnjtR GSQg== X-Received: by 10.60.45.38 with SMTP id j6mr8203822oem.2.1390681586200; Sat, 25 Jan 2014 12:26:26 -0800 (PST) Received: from [192.168.1.64] (pool-71-164-175-115.dllstx.fios.verizon.net. [71.164.175.115]) by mx.google.com with ESMTPSA id xs17sm33767033oeb.1.2014.01.25.12.26.25 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Sat, 25 Jan 2014 12:26:25 -0800 (PST) Subject: Re: Why was nslookup removed from FreeBSD 10? References: <52E40CC4.6090401@fjl.co.uk> <201401252137.50132.mark.tinka@seacom.mu> <52E41619.1000505@fjl.co.uk> From: Matthew Pherigo Content-Type: text/plain; charset=us-ascii X-Mailer: iPad Mail (11B554a) In-Reply-To: <52E41619.1000505@fjl.co.uk> Message-Id: <97A0F01F-3E78-47D6-BDD6-ECE45D1BC45C@gmail.com> Date: Sat, 25 Jan 2014 14:26:26 -0600 To: Frank Leonhardt , freebsd-questions@freebsd.org Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (1.0) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 25 Jan 2014 20:26:27 -0000 To my understanding, almost half of all the security vulnerabilities in the e= ntire lifetime of the FreeBSD project have been from BIND. Personally, I'd s= ay that's "pretty spectacular." --Matt > On Jan 25, 2014, at 1:52 PM, Frank Leonhardt wrote: >=20 >> On 25/01/2014 19:37, Mark Tinka wrote: >> On Saturday, January 25, 2014 09:13:08 PM Frank Leonhardt >> wrote: >>=20 >>> Unbelievable, but true - someone somewhere thought that >>> removing nslookup from the base system was the way to >>> go. >>>=20 >>> Why? Can anyone shed any light on how this decision was >>> made? >> If you read: >>=20 >> http://www.freebsd.org/releases/10.0R/relnotes.html >>=20 >> Under the "2.3. Userland Changes" section, you will notice: >>=20 >> "BIND has been removed from the base system. >> unbound(8), which is maintained by NLnet Labs, has >> been imported to support local DNS resolution >> functionality with DNSSEC. Note that it is not a >> replacement of BIND and the latest versions of BIND >> is still available in the Ports Collection. With >> this change, nslookup and dig are no longer a part >> of the base system. Users should instead use >> host(1) and drill(1) Alternatively, nslookup and >> dig can be obtained by installing dns/bind-tools >> port. [r255949]" >>=20 >> So install /usr/ports/dns/bind-tools and you're a happy guy. >>=20 >> As to the philosophy of it all, no point arguing. Fait >> accompli. >>=20 >> Mark. > As you and Waitman both pointed out, nslookup IS part of BIND, yet as I sa= id in the diatribe following the question in my post, so is "host" and that'= s still there. Also Windoze has nslookup but doesn't include BIND. I agree t= here's no point arguing unless you know the rational behind what appears an a= rbitrary decision; hence my question. Was this simply an oversight or is the= re a thought-out reason for it that one can take issue with? >=20 > IIRC, nslookup was present in 4.3BSD, and I'm pretty sure it existed befor= e that. (That's BSD, not FreeBSD). Its relied on in scripts. The reason for d= ropping it from the base system must be pretty spectacular. >=20 > FreeBSD 10.0 might be better known as FreeBSD Vista, at this rate. >=20 > Regards, Frank. >=20 > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.or= g"