New BIND 9 chroot directories

Doug Barton DougB at FreeBSD.org
Tue Oct 5 00:27:45 PDT 2004


[ I'm snipping the bits that we agreed on, thanks for taking the time to 
consider my perspective. ]

On Tue, 5 Oct 2004, Makoto Matsushita wrote:

> DougB> All that said, the defaults are just the defaults. The thing
> DougB> that people really need to keep in mind is that if you want to
> DougB> change it, you can.
>
> However, unfortunately it's _default_ -- no matter it is intended or
> not, some of users feel that FreeBSD the OS _enforces_ users to
> configure named in that way.

Well, I'm sorry to say that I know of no way that we can fix this 
problem. I'm certainly not going to try to re-engineer something so that 
some users can avoid feeling a pressure that doesn't really exist. :)

> As we have already seen, there are preferences on "directory names for zone
> files (master/slave vs. m/s)."  Imagine you like to put your master
> zone file under ${chrootdir}/etc/namedb/M, and find that there is
> ${chrootdir}/etc/namedb/master which is bogus for you.

If the defaults don't work for you, you should edit 
/etc/mtree/BIND.chroot.dist. That's why we give you the bits to play 
with.

> Here's a simple patch to remove master/slave directories.

I'm sorry to say that this idea is not suitable. The default needs to 
be a full-featured installation that users can enable out of the box to 
have a functional resolving name server configuration, and provide a 
guideline to users who want to do more complex things. Users who want to 
do REALLY complex things have a higher learning curve, and there is no 
way that we can avoid that.

In short, the defaults work, and do nothing to prevent users from doing 
other things.

Doug

-- 

     This .signature sanitized for your protection


