Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 25 Jan 2014 14:26:26 -0600
From:      Matthew Pherigo <hybrid120@gmail.com>
To:        Frank Leonhardt <frank2@fjl.co.uk>, freebsd-questions@freebsd.org
Subject:   Re: Why was nslookup removed from FreeBSD 10?
Message-ID:  <97A0F01F-3E78-47D6-BDD6-ECE45D1BC45C@gmail.com>
In-Reply-To: <52E41619.1000505@fjl.co.uk>
References:  <52E40CC4.6090401@fjl.co.uk> <201401252137.50132.mark.tinka@seacom.mu> <52E41619.1000505@fjl.co.uk>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
To my understanding, almost half of all the security vulnerabilities in the e=
ntire lifetime of the FreeBSD project have been from BIND. Personally, I'd s=
ay that's "pretty spectacular."

--Matt

> On Jan 25, 2014, at 1:52 PM, Frank Leonhardt <frank2@fjl.co.uk> wrote:
>=20
>> On 25/01/2014 19:37, Mark Tinka wrote:
>> On Saturday, January 25, 2014 09:13:08 PM Frank Leonhardt
>> wrote:
>>=20
>>> Unbelievable, but true - someone somewhere thought that
>>> removing nslookup from the base system was the way to
>>> go.
>>>=20
>>> Why? Can anyone shed any light on how this decision was
>>> made?
>> If you read:
>>=20
>>    http://www.freebsd.org/releases/10.0R/relnotes.html
>>=20
>> Under the "2.3. Userland Changes" section, you will notice:
>>=20
>>    "BIND has been removed from the base system.
>>     unbound(8), which is maintained by NLnet Labs, has
>>     been imported to support local DNS resolution
>>     functionality with DNSSEC. Note that it is not a
>>     replacement of BIND and the latest versions of BIND
>>     is still available in the Ports Collection. With
>>     this change, nslookup and dig are no longer a part
>>     of the base system. Users should instead use
>>     host(1) and drill(1) Alternatively, nslookup and
>>     dig can be obtained by installing dns/bind-tools
>>     port. [r255949]"
>>=20
>> So install /usr/ports/dns/bind-tools and you're a happy guy.
>>=20
>> As to the philosophy of it all, no point arguing. Fait
>> accompli.
>>=20
>> Mark.
> As you and Waitman both pointed out, nslookup IS part of BIND, yet as I sa=
id in the diatribe following the question in my post, so is "host" and that'=
s still there. Also Windoze has nslookup but doesn't include BIND. I agree t=
here's no point arguing unless you know the rational behind what appears an a=
rbitrary decision; hence my question. Was this simply an oversight or is the=
re a thought-out reason for it that one can take issue with?
>=20
> IIRC, nslookup was present in 4.3BSD, and I'm pretty sure it existed befor=
e that. (That's BSD, not FreeBSD). Its relied on in scripts. The reason for d=
ropping it from the base system must be pretty spectacular.
>=20
> FreeBSD 10.0 might be better known as FreeBSD Vista, at this rate.
>=20
> Regards, Frank.
>=20
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.or=
g"



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?97A0F01F-3E78-47D6-BDD6-ECE45D1BC45C>