Why was nslookup removed from FreeBSD 10?

David Demelier demelier.david at gmail.com
Sun Jan 26 18:22:19 UTC 2014

On 25/01/2014 20:52, Frank Leonhardt wrote:
> On 25/01/2014 19:37, Mark Tinka wrote:
>> On Saturday, January 25, 2014 09:13:08 PM Frank Leonhardt
>> wrote:
>>> Unbelievable, but true - someone somewhere thought that
>>> removing nslookup from the base system was the way to
>>> go.
>>> Why? Can anyone shed any light on how this decision was
>>> made?
>> If you read:
>>     http://www.freebsd.org/releases/10.0R/relnotes.html
>> Under the "2.3. Userland Changes" section, you will notice:
>>     "BIND has been removed from the base system.
>>      unbound(8), which is maintained by NLnet Labs, has
>>      been imported to support local DNS resolution
>>      functionality with DNSSEC. Note that it is not a
>>      replacement of BIND and the latest versions of BIND
>>      is still available in the Ports Collection. With
>>      this change, nslookup and dig are no longer a part
>>      of the base system. Users should instead use
>>      host(1) and drill(1) Alternatively, nslookup and
>>      dig can be obtained by installing dns/bind-tools
>>      port. [r255949]"
>> So install /usr/ports/dns/bind-tools and you're a happy guy.
>> As to the philosophy of it all, no point arguing. Fait
>> accompli.
>> Mark.
> As you and Waitman both pointed out, nslookup IS part of BIND, yet as I
> said in the diatribe following the question in my post, so is "host" and
> that's still there. Also Windoze has nslookup but doesn't include BIND.
> I agree there's no point arguing unless you know the rational behind
> what appears an arbitrary decision; hence my question. Was this simply
> an oversight or is there a thought-out reason for it that one can take
> issue with?
> IIRC, nslookup was present in 4.3BSD, and I'm pretty sure it existed
> before that. (That's BSD, not FreeBSD). Its relied on in scripts. The
> reason for dropping it from the base system must be pretty spectacular.
> FreeBSD 10.0 might be better known as FreeBSD Vista, at this rate.
> Regards, Frank.

Please don't piss off, there was thousands of reasons for removing BIND
from base. It generates at least 5 security advisories by year. FreeBSD
has a great feature called "ports" / "packages". Of course it's always
great to have a fully functional system just after an installation. But
can you seriously use a FreeBSD fresh install? I think you need to
install a bunch of packages before :-).

So just a pkg install bind-tools is not so hard, isn't it?



More information about the freebsd-questions mailing list