BIND chroot environment in 10-RELEASE...gone?

Michael Sinatra michael at rancid.berkeley.edu
Tue Dec 3 08:56:45 UTC 2013


I am aware of the fact that unbound has "replaced" BIND in the base
system, starting with 10.0-RELEASE.  What surprised me was recent
commits to ports/dns/bind99 (and presumably other versions) that appear
to take away the supported chroot capabilities.  OTOH, it appears that
unbound has been given these capabilities.

I have no issues with removing BIND from base, but taking away the very
robust chroot support that FreeBSD had for BIND is something I would
oppose.  I like the idea of leveling the playing field for users of
other systems, but the way things have been implemented thus far--taking
away functionality from BIND while preferring unbound--seems
counter-productive.  It doesn't really level the playing field, it just
turns it the other way.

It seems like it would be pretty easy to preserve the /etc/rc.d/named
startup script and BIND.chroot.dist from 9.x and add them to the BIND
ports, so that people who need to run a full-blown BIND installation can
"just install the port" as was advised back in 2012 when the
BIND/unbound change was first being discussed on -hackers.  What are the
obstacles to doing something like this?

michael


More information about the freebsd-stable mailing list