On 12/27/2013 04:00 PM, Mathieu Arnold wrote:
+--On 25 décembre 2013 22:16:07 -0800 Doug Barton <do...@dougbarton.us>
wrote:
| While looking at the UPDATING entry for the bdb mess (more on that later)
| I happened to see this:
|
| 20131209:
| AFFECTS: users of dns/bind96, dns/bind98 and bind99 on FreeBSD 10.0
| AUTHOR: er...@freebsd.org
|
| Bind versions before 9.6.3.2.ESV.R10_2, 9.8.6_2, and 9.9.4_2 on
| FreeBSD 10.0 will replace named.conf on upgrade. Make sure to
| backup any local changes before upgrading to the _2 versions.
|
| This is not Ok. FreeBSD ports are NEVER supposed to blindly overwrite
| config files. Please fix this so that it confirms to over a decade of
| policy that FreeBSD ports users should be able to safely depend on.
That's ok, because FreeBSD 10.0 is not released yet, and the current
version of the bind ports doesn't overwrite the config files.
It's not Ok under any circumstances. FreeBSD ports should NEVER blindly
overwrite config files. Period, end of discussion.
There is no doubt that the work to remove BIND from the base and make
the ports version robust on 10.x will be difficult due to the fact that
the port relied on several things already being present in the default
base install. However "it's hard" is no excuse for not doing the work
correctly.
What I proposed as part of this work years ago was to create something
like a bind-config package that would (optionally) install the same
default files and configuration for the port that are still in the base
for [89].x. That way users who just wanted the old default local
resolver could get that behavior easily, and users with other needs
would not have to have it. I still think that's the easiest and least
painful way to manage the transition, and would encourage Erwin to
consider it. (For extra credit, a different but similar sort of port
should be created to enable DNSSEC validation, and should include the
root zone trust anchor, and a description of how the user can validate
it for themselves.)
In any case even a _plan_ to overwrite conf files blindly is a bad idea.
So much the better to fix it now before it actually bites any users.
Doug
_______________________________________________
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
