Date:      Wed, 04 Dec 2013 12:13:30 +1100
From:      Mark Andrews <marka@isc.org>
To:        "Chris H" <bsd-lists@1command.com>
Cc:        freebsd-stable@freebsd.org
Subject:   Re: BIND chroot environment in 10-RELEASE...gone?
Message-ID:  <20131204011330.88434B13F15@rock.dv.isc.org>
In-Reply-To: Your message of "Tue, 03 Dec 2013 14:10:29 -0800." <560e9b24248600b4125c8786712d0bf9.authenticated@ultimatedns.net>
References:  <1386086749.9599.54995173.6CD35E54@webmail.messagingengine.com> <CAN6yY1sVGiQFNkoi0mGZs7grJ5SMAui-rDO1e8UDAs0PTUVL9g@mail.gmail.com> <alpine.BSF.2.00.1312031407090.78399@roadkill.tharned.org> <20131203.223612.74719903.sthaug@nethelp.no> <560e9b24248600b4125c8786712d0bf9.authenticated@ultimatedns.net>


In message <560e9b24248600b4125c8786712d0bf9.authenticated@ultimatedns.net>, "Chris H" writes:
> >> > It was a deliberate decision made by the maintainer. He said the chroot
> >> > code in the installation was too complicated and would be removed as a
> >> > part of the installation clean-up to get all BIND related files out of
> >> > /usr and /etc. I protested at the time as did someone else, but the
> >> > maintainer did not respond. I think this was a really, really bad
> >> > decision.
> >> >
> >> > I searched a bit for the thread on removing BIND leftovers, but have
> >> > failed to find it.
> >> >
> >>
> >> You're probably thinking about my November 17 posting:
> >> http://lists.freebsd.org/pipermail/freebsd-stable/2013-November/075895.html
> >>
> >> I'm glad to see others finally speaking up; I was beginning to think I was
> >> the only one who thought this was not a good idea.  I'm a bit surprised
> >> that no one has responded yet.
> >
> > I agree with the protesters here. Removing chroot and symlinking logic
> > in the ports is a significant disservice to FreeBSD users, and will
> > make it harder to use BIND in a sensible way. A net disincentive to
> > use FreeBSD :-(
> 
> I strongly disagree. The BIND is still available within FreeBSD for anyone who chooses to
> use/install it. Further, nothing stops anyone who wishes to continue using the CHROOT(8)
> script(s) that provided the BIND with a chroot. Any copy of a FreeBSD-8 (maybe even 9)
> install CD/DVD holds all the "magic" required. It is _easily_ acquired, and implemented. In
> fact, one could easily turn the whole affair into an automated routine.
> So. Bottom line; the BIND still remains with FreeBSD, nothing has been taken away.
> The CHROOT(8) scripts are still easily available, and can be implemented, at will, by
> anyone who cares to continue using it.
> What's the big deal?

If it is easily acquired, why isn't it in the port? Or is it, as Erwin
claims, that it is too hard?  So what is it?  In any case it would
be better if the port supported chroot as of FBSD 10.

/var/named is still as far as I can see the sensible place to default
the chroot directory.

Copying BIND.chroot.dist and installing it in /usr/local/etc as
BIND.chroot should be a no-brainer as of FBSD 10.0.

Then there is tweaking chroot_autoupdate.

Anyway I suspect there will be a lot of pr requests about this.

> > Steinar Haug, Nethelp consulting, sthaug@nethelp.no
> >
> > _______________________________________________
> > freebsd-stable@freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"
> >
> 
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka@isc.org


