Date: Mon, 15 Dec 2014 20:24:58 -0800 From: "Chris H" <bsd-lists@bsdforge.com> To: freebsd-stable@freebsd.org, <sthaug@nethelp.no> Subject: Re: BIND chroot environment in 10-RELEASE...gone? Message-ID: <e209e27f9eb42850326f5a4df458722b@ultimatedns.net> In-Reply-To: <20141215.082038.41648681.sthaug@nethelp.no> References: <CAN6yY1sVGiQFNkoi0mGZs7grJ5SMAui-rDO1e8UDAs0PTUVL9g@mail.gmail.com> <alpine.BSF.2.00.1312031407090.78399@roadkill.tharned.org> <20131203.223612.74719903.sthaug@nethelp.no>, <20141215.082038.41648681.sthaug@nethelp.no>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 15 Dec 2014 08:20:38 +0100 (CET) sthaug@nethelp.no wrote > > > > It was a deliberate decision made by the maintainer. He said the chroot > > > > code in the installation was too complicated and would be removed as a > > > > part of the installation clean-up to get all BIND related files out of > > > > /usr and /etc. I protested at the time as did someone else, but the > > > > maintainer did not respond. I thnk this was a really, really bad > > > > decision. > > > > > > > > I searched a bit for the thread on removing BIND leftovers, but have > > > > failed to find it. > > > > > > > > > > You're probably thinking about my November 17 posting: > > > > > > http://lists.freebsd.org/pipermail/freebsd-stable/2013-November/075895.html > > > > > > I'm glad to see others finally speaking up; I was beginning to think I > > > was the only one who thought this was not a good idea. I'm a bit > > > surprised that no one has responded yet. > > > > I agree with the protesters here. Removing chroot and symlinking logic > > in the ports is a significant disservice to FreeBSD users, and will > > make it harder to use BIND in a sensible way. A net disincentive to > > use FreeBSD :-( > > I have now installed my first 10.1 based name server. I had to spend > some hours to recreate the changeroot environment that I had so easily > available in FreeBSD up to 9.x. > > <rant> > Removing the changeroot environment and symlinking logic is a net > disservice to the FreeBSD community, and disincentive to use FreeBSD. > </rant> In all fairness (is there even such a thing?); "Convenience" is a two-way street. For each person that thinks the BIND chroot(8) mtree(8) symlink(2) was a great "service". There are at *least* as many whom feel differently. I chose to remove/disable the BIND, from BASE, some time ago. As it wasn't "convenient" to have to overcome/deal with the CVE/security issues. In the end, I was forced to re-examine some of the other resolvers, that ultimately, only proved to be better choice(s). Just sayin' --Chris > > Steinar Haug, Nethelp consulting, sthaug@nethelp.no > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?e209e27f9eb42850326f5a4df458722b>