Date: Thu, 6 Mar 2003 02:07:24 +0100 From: Philip Paeps <philip@paeps.cx> To: "FreeBSD-Current (E-mail)" <freebsd-current@freebsd.org> Subject: Re: Plea for base system trim Message-ID: <20030306010724.GE621@juno.home.paeps.cx> In-Reply-To: <20030305163732.Y50404@12-234-22-23.pyvrag.nggov.pbz> References: <2F03DF3DDE57D411AFF4009027B8C36704129AE6@exchange-uk.isltd.insignia.com> <20030305015947.M18288@znfgre.tberna.bet> <20030305232641.GC621@juno.home.paeps.cx> <20030305163732.Y50404@12-234-22-23.pyvrag.nggov.pbz>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2003-03-05 16:46:04 (-0800), Doug Barton <DougB@FreeBSD.org> wrote: > On Thu, 6 Mar 2003, Philip Paeps wrote: > > Is it actually possible for one to build a custom release without the > > ``unnecessary'' BIND bits? I haven't grepped the source, forgive me, but > > what does 'NO_BIND=true' actually do? If I were to make a release like > > that, would that end me up without resolver as well? > > It's not as thorough as I think it should be. I plan to get cracking on this > now that I've got my ports more or less whipped into shape pre-freeze. Thanks! The possibility of having a way to completely erradicate the 'superfluous' bits of BIND sounds very appealing. I'd be happy to break some machines to help test this :-) > > Perhaps a NO_NSLOOKUP flag? ;-) > > Yeah, I'll add that along with the PIGS_WILL_FLY flag. *grin* > > Now my fiddling with the BIND port is reduced to making stuff live under > > /var/namedb instead of /etc/namedb as I like having / mounted read-only as > > much as possible. > > One way you can do this fairly easily with PORT_REPLACES_BASE is to have > your chroot tree look something like this: > > /var/named/<other stuff you need> > /var/named/etc/namedb/named.conf (etc) > > Then have /etc/namedb be a symlink to /var/named/etc/namedb, with > 'directory "/etc/namedb";' in your named.conf file. That looks a lot cleaner than what I've got now. Good project for tomorrow morning. Also gets rid of the confusing (to some) "directory "/"' in the config, and allows those obsessed with editing /etc/namedb/named.conf to find themselves at home. > That way, both named and ndc "see" the same picture of the system, in and > out of the chroot tree. Speaking of ndc, I think that's a BIND8-ism. Could the port be convinced to symlink it to rndc when set to replace the base, or would that confuse other things? Currently, I'm just aliasing it in my shell, but that seems a bit hackish :-) > I already use this at work, and I plan to add a lot of this config to the > base itself here pretty soon. But you can easily get a head start on it now > using what I described above. Briliant! I'll have people congratulate me on the cleanliness of my nameserver by lunchtime tomorrow :-P - Philip -- Philip Paeps Please don't CC me, I am philip@paeps.cx subscribed to the list. If you see a man approaching you with the obvious intent of doing you good, you should run for your life. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030306010724.GE621>