From: Jose M Rodriguez
To: freebsd-current@freebsd.org
cc: Jose M Rodriguez
Date: Tue, 5 Oct 2004 00:01:19 +0200
Subject: Re: problems with latest bind9 setup changes
List-Id: Discussions about the use of FreeBSD-current

On Monday 04 October 2004 22:22, Doug Barton wrote:
> FYI, freebsd-current@freebsd.org and current@freebsd.org are two
> aliases for the same list. It is not needed to cc both.
> ...
>
> That's correct, although the one I committed was the one I used at
> Yahoo! on hundreds of name servers, and is both thorough and
> effective. I "borrowed" from the best ideas from various
> knowledgeable sources, and my own extensive experience. Of course, if
> someone has better ideas, I'm open to them.
>

The real thread is that I can't see why a model about the chroot layout
is needed. I'll prefer to use p and s instead of masters and slaves. Or
make symlinks to ease in/out chroot, like this:

  # mkdir -p /var/named/var
  # cd /var/named/var
  # ln -s .. named
  # mkdir -p /var/named/etc
  # cd /var/named/etc
  # ln -s .. namedb

> > Making strong support for a chrooted named is really needed. But
> > moving the release default setup to a strong model on that not.
>
> I'm sorry, I don't understand this.
>

I really love what /etc/rc.d/named can do to launch a chrooted named in
a safe and easy way. But I really hate that FreeBSD imposes on me what
dir I must use and how I must lay it out.

> > I'll prefer a sandwich setup (named_flags="-u bind",
> > named_chroot="") as release default.
>
> Defaulting to using the chroot structure is a good change, and
> suitable for the vast majority of users. If you want something
> different, the knobs are there for you to twist. :)
>

Anyone that may need a chrooted named is supposed to be smart enough to
make the change from a basic setup. Also, I think this can be possible
from /etc/rc.d/named, just making named_chrootdir point to a
nonexistent/wide dir.

> Doug

--
josemi
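
The symlink layout from the message above, as an added example that is not part of the original message: it rebuilds the two links under a scratch directory and checks that the in-chroot spellings /var/named and /etc/namedb both land on the chroot root. The scratch directory standing in for /var/named, the sample zone file and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: rebuild the symlink layout from the message under a scratch
# directory (constructed stand-in for /var/named) and check that the
# "outside" and "inside" spellings of a path reach the same directory.

# build_layout ROOT: create ROOT/var/named -> .. and ROOT/etc/namedb -> ..
build_layout() {
    root=$1
    mkdir -p "$root/var" "$root/etc"
    # Relative targets resolve the same way before and after chroot(2);
    # an absolute target would be re-rooted inside the chroot.
    ln -s .. "$root/var/named"
    ln -s .. "$root/etc/namedb"
}

# resolve DIR: print the physical path of DIR with symlinks followed
resolve() {
    (cd "$1" && pwd -P)
}

# same_dir A B: succeed when both paths resolve to one directory
same_dir() {
    [ "$(resolve "$1")" = "$(resolve "$2")" ]
}

# check_layout: build a scratch layout and compare the path spellings.
# Prints "ok" when every in-chroot spelling lands on the chroot root.
check_layout() {
    scratch=$(mktemp -d) || return 1
    chroot_dir="$scratch/var/named"      # plays the role of /var/named
    mkdir -p "$chroot_dir"
    build_layout "$chroot_dir"
    result=ok
    # In the chroot, /var/named is $chroot_dir/var/named on the host.
    same_dir "$chroot_dir/var/named" "$chroot_dir" || result=fail
    # In the chroot, /etc/namedb is $chroot_dir/etc/namedb on the host.
    same_dir "$chroot_dir/etc/namedb" "$chroot_dir" || result=fail
    # A zone file placed once is visible under both names.
    : > "$chroot_dir/example.zone"       # constructed sample file
    [ -f "$chroot_dir/var/named/example.zone" ] || result=fail
    [ -f "$chroot_dir/etc/namedb/example.zone" ] || result=fail
    rm -rf "$scratch"
    echo "$result"
}

check_layout
```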