BIND DNS Patching on 6.1, 6.2

Matthew Seaman m.seaman at infracaninophile.co.uk
Mon Sep 1 10:23:54 UTC 2008 

Grant Peel wrote:
> Hi all,
> 
> Thanks to Lars I have come up with the following (to upgrade BIND for 
> the DNS caching issue)...(short of updateing all source).
> 
> Download the latest port BIND95.9.5.x (p2 I think),

9.5.0.2 -- correct.
 
> Extract it to the ports directory,
> 
> make -DWITH_REPLACE_BASE

You should get an OPTIONS dialogue here which will allow you to achieve
the  required result.  Use 'make config' to force the issue if necessary.

> make install
> make clean
> 
> Is the above correct?

Yes, that will work just fine.
 
> Also,
> 
> Will the installation leave all my current (BIND) configs alone?

It will not trash /etc/namedb/named.conf -- actually, I think it won't
touch anything under /etc/namedb so it should 'just work' with your
existing configuration.  Remember to remove any 'port 53' clauses from
'query source' statements in named.conf or this will all have been for 
nothing.

If you're going to do the 'REPLACE_BASE' thing, then you should add
 
WITHOUT_BIND=yes

to /etc/make.conf (/etc/src.conf in 7.x and above) -- otherwise you'll
revert to the system version of BIND whenever you update.  There are
half a dozen BIND related make flags that you can pick and choose from if
you want finer control.

Alternatively, you can leave the base system as-is, install the port
under /usr/local as usual, and just use variables like the following in 
/etc/rc.conf:

named_enable="YES"
named_program="/usr/local/sbin/named"
named_flags="-c /etc/namedb/named.conf"

This means you'll run named-2.5.0.2 from the port (which is the important 
bit) but unless you fiddle with your $PATH, you'll tend to get all the 
adjunct programs like dig, host, rndc from the base system.

Either way, it should all be pretty seamless.  Which way you choose is a matter of taste and convenience rather than necessity.

	Cheers,

	Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey     Ramsgate
                                                  Kent, CT11 9PW

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 258 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20080901/2995363a/signature-0001.pgp

More information about the freebsd-questions mailing list