Date: Sat, 25 Jan 2014 14:26:26 -0600 From: Matthew Pherigo <hybrid120@gmail.com> To: Frank Leonhardt <frank2@fjl.co.uk>, freebsd-questions@freebsd.org Subject: Re: Why was nslookup removed from FreeBSD 10? Message-ID: <97A0F01F-3E78-47D6-BDD6-ECE45D1BC45C@gmail.com> In-Reply-To: <52E41619.1000505@fjl.co.uk> References: <52E40CC4.6090401@fjl.co.uk> <201401252137.50132.mark.tinka@seacom.mu> <52E41619.1000505@fjl.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
To my understanding, almost half of all the security vulnerabilities in the e= ntire lifetime of the FreeBSD project have been from BIND. Personally, I'd s= ay that's "pretty spectacular." --Matt > On Jan 25, 2014, at 1:52 PM, Frank Leonhardt <frank2@fjl.co.uk> wrote: >=20 >> On 25/01/2014 19:37, Mark Tinka wrote: >> On Saturday, January 25, 2014 09:13:08 PM Frank Leonhardt >> wrote: >>=20 >>> Unbelievable, but true - someone somewhere thought that >>> removing nslookup from the base system was the way to >>> go. >>>=20 >>> Why? Can anyone shed any light on how this decision was >>> made? >> If you read: >>=20 >> http://www.freebsd.org/releases/10.0R/relnotes.html >>=20 >> Under the "2.3. Userland Changes" section, you will notice: >>=20 >> "BIND has been removed from the base system. >> unbound(8), which is maintained by NLnet Labs, has >> been imported to support local DNS resolution >> functionality with DNSSEC. Note that it is not a >> replacement of BIND and the latest versions of BIND >> is still available in the Ports Collection. With >> this change, nslookup and dig are no longer a part >> of the base system. Users should instead use >> host(1) and drill(1) Alternatively, nslookup and >> dig can be obtained by installing dns/bind-tools >> port. [r255949]" >>=20 >> So install /usr/ports/dns/bind-tools and you're a happy guy. >>=20 >> As to the philosophy of it all, no point arguing. Fait >> accompli. >>=20 >> Mark. > As you and Waitman both pointed out, nslookup IS part of BIND, yet as I sa= id in the diatribe following the question in my post, so is "host" and that'= s still there. Also Windoze has nslookup but doesn't include BIND. I agree t= here's no point arguing unless you know the rational behind what appears an a= rbitrary decision; hence my question. Was this simply an oversight or is the= re a thought-out reason for it that one can take issue with? >=20 > IIRC, nslookup was present in 4.3BSD, and I'm pretty sure it existed befor= e that. (That's BSD, not FreeBSD). Its relied on in scripts. The reason for d= ropping it from the base system must be pretty spectacular. >=20 > FreeBSD 10.0 might be better known as FreeBSD Vista, at this rate. >=20 > Regards, Frank. >=20 > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.or= g"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?97A0F01F-3E78-47D6-BDD6-ECE45D1BC45C>