Date: Tue, 18 Jun 2002 02:07:11 -0700
From: Doug Barton <DougB@FreeBSD.org>
To: Sheldon Hearn <sheldonh@starjuice.net>
Cc: Mike Makonnen <makonnen@pacbell.net>, arch@FreeBSD.ORG
Subject: Re: rcNG rollout in -current
Message-ID: <3D0EF83F.447BAA11@FreeBSD.org>
References: <766.1024388972@axl.seasidesoftware.co.za>
Sheldon Hearn wrote: > > On Mon, 17 Jun 2002 16:51:37 MST, Mike Makonnen wrote: > > > > I'm about to try my first rcNG bootstrap. I'm confident that there are > > > lots of people who, like me, are much more likely to test stuff if it's > > > in the tree and just requires the flick of a switch to turn on and off. > > > > Cool, give us some feedback (positive or otherwise). > > First the otherwise feedback. :-) > > | /etc/rc: INFO: mountd depends on rpcbind, which will be forced to start. > | Starting rpcbind. > | Starting mountd. > | /etc/rc: WARNING: $portmap_enable is not set. > > Historically, we've been allowed to have portmap_enable="NO" (which is > what I have) and rest assured that it would be started as a dependency. > For this reason, the WARNING seems unnecessary. DEPENDENCY NOTE: portmap will be enabled to support amd That's what the current version prints in the same circumstance. I think the warning is reasonable, just in case the user did something wonky. > Index: named > =================================================================== > RCS file: /home/ncvs/src/etc/rc.d/named,v > retrieving revision 1.2 > diff -u -d -r1.2 named > --- named 13 Jun 2002 22:14:36 -0000 1.2 > +++ named 18 Jun 2002 08:00:49 -0000 
> @@ -84,7 +84,7 @@ > ! checkyesno named_rcng && return 0 > # Is the user using a sandbox? > if [ -z "$named_chrootdir" ]; then > - rc_flags="-u $nuser -g $ngroup rc_flags" > + rc_flags="-u $nuser -g $ngroup $rc_flags" > return 0 > fi Go ahead and punch that one in. > I see that the way etc/rc.d/named works, named_flags="-u bind -g bind" > is no longer required. So finally we have sane defaults there. Cool. Actually -g bind is pretty useless. That's one of the reasons they dropped it in BIND 9. > With this patch applied, named starts. > > The next step is to add named_chrootdir="/etc/named/s", where > /etc/named/s and the appropriate subdirectories exist. Then, at > least one required file is not copied into the chrootdir, namely > etc/namedb/named.conf. Others, like etc/resolv.conf should probably be > copied in as well, but this gets tricky. What if there are zone files? > > So it looks like the named_chrootdir idea needs a bit more thought. Some of us are working on it... if I can ever get out from under the gnome complications with xscreensaver, I plan to work on my "replace the system BIND" patches to the ports, then work on the chroot stuff. Thanks for the feedback, Doug -- "We have known freedom's price. We have shown freedom's power. And in this great conflict, ... we will see freedom's victory." - George W. Bush, President of the United States State of the Union, January 28, 2002 Do YOU Yahoo!? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
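Review bot: in the changed line rc_flags="-u $nuser -g $ngroup $rc_flags", the user and group options are prepended unconditionally, so a configuration whose flags already contain -u or -g (for example the older named_flags="-u bind -g bind" setting mentioned in this thread) would pass them to named twice. Consider adding them only when $rc_flags does not already carry them, or documenting that the old setting should be removed. The hunk shows only the branch where $named_chrootdir is empty; the code after "fi" is not visible here and is worth checking for the same missing "$", since that is the path taken when a sandbox directory is configured.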