Date: Tue, 5 Oct 2004 00:27:39 -0700 (PDT) From: Doug Barton <DougB@FreeBSD.org> To: Makoto Matsushita <matusita@jp.FreeBSD.org> Cc: freebsd-current@freebsd.org Subject: Re: New BIND 9 chroot directories Message-ID: <20041005001557.M85445@ync.qbhto.arg> In-Reply-To: <20041005161202V.matusita@jp.FreeBSD.org> References: <20041005114834Y.matusita@jp.FreeBSD.org> <20041004223818.I85445@ync.qbhto.arg> <20041005161202V.matusita@jp.FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
[ I'm snipping the bits that we agreed on, thanks for taking the time to
consider my perspective. ]
On Tue, 5 Oct 2004, Makoto Matsushita wrote:
> DougB> All that said, the defaults are just the defaults. The thing
> DougB> that people really need to keep in mind is that if you want to
> DougB> change it, you can.
>
> However, unfortunately it's _default_ -- no matter it is intended or
> not, some of users feel that FreeBSD the OS _enforces_ users to
> configure named in that way.
Well, I'm sorry to say that I know of no way that we can fix this
problem. I'm certainly not going to try to re-engineer something so that
some users can avoid feeling a pressure that doesn't really exist. :)
> As we already seen, there are preferences on "directory names for zone
> files (master/slave v.s. m/s)." Imagine you like to put your master
> zone file under ${chrootdir}/etc/namedb/M, and find that there is
> ${chrootdir}/etc/namedb/master which is bogus for you.
In the defaults don't work for you, you should edit
/etc/mtree/BIND.chroot.dist. That's why we give you the bits to play
with.
> Here's a simple patch to remove master/slave directories.
I'm sorry to say, that this idea is not suitable. The default needs to
be a full-featured installation that users can enable out of the box to
have a functional resolving name server configuration, and provide a
guideline to users who want to do more complex things. Users who want to
do REALLY complex things have a higher learning curve, and there is no
way that we can avoid that.
In short, the defaults work, and do nothing to prevent users from doing
other things.
Doug
--
This .signature sanitized for your protection
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041005001557.M85445>