BIND DNS Patching on 6.1, 6.2
Matthew Seaman
m.seaman at infracaninophile.co.uk
Mon Sep 1 10:23:54 UTC 2008
Grant Peel wrote:
> Hi all,
>
> Thanks to Lars I have come up with the following (to upgrade BIND for
> the DNS caching issue)...(short of updateing all source).
>
> Download the latest port BIND95.9.5.x (p2 I think),
9.5.0.2 -- correct.
> Extract it to the ports directory,
>
> make -DWITH_REPLACE_BASE
You should get an OPTIONS dialogue here which will allow you to achieve
the required result. Use 'make config' to force the issue if necessary.
> make install
> make clean
>
> Is the above correct?
Yes, that will work just fine.
> Also,
>
> Will the installation leave all my current (BIND) configs alone?
It will not trash /etc/namedb/named.conf -- actually, I think it won't
touch anything under /etc/namedb so it should 'just work' with your
existing configuration. Remember to remove any 'port 53' clauses from
'query source' statements in named.conf or this will all have been for
nothing.
If you're going to do the 'REPLACE_BASE' thing, then you should add
WITHOUT_BIND=yes
to /etc/make.conf (/etc/src.conf in 7.x and above) -- otherwise you'll
revert to the system version of BIND whenever you update. There are
half a dozen BIND related make flags that you can pick and choose from if
you want finer control.
Alternatively, you can leave the base system as-is, install the port
under /usr/local as usual, and just use variables like the following in
/etc/rc.conf:
named_enable="YES"
named_program="/usr/local/sbin/named"
named_flags="-c /etc/namedb/named.conf"
This means you'll run named-2.5.0.2 from the port (which is the important
bit) but unless you fiddle with your $PATH, you'll tend to get all the
adjunct programs like dig, host, rndc from the base system.
Either way, it should all be pretty seamless. Which way you choose is a matter of taste and convenience rather than necessity.
Cheers,
Matthew
--
Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard
Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
Kent, CT11 9PW
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 258 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20080901/2995363a/signature-0001.pgp
More information about the freebsd-questions
mailing list