Peter Simons writes:

> personally, I think it's okay to use fetchurl because it guarantees that
> we notice updates in the cache file.

How will we notice? When bind fails to install?

> The named.cache file does contain a
> version number (i.e. a date stamp), so can reliably detect that a change
> checksum change was caused by an upstream update.

You are right, it does. But I was wishing for a version number in the filename, which would allow us to fetch the file in a referentially transparent way (as with version numbers in the names of source tarballs).

According to my understanding, once the named.root file is in the store, fetchurl will get it from there (the store acting as a cache), and will not check the source; thus even when the source file changes, it will not notice. I think the change will only be apparent when trying to install bind where the store does not already contain a *matching* copy of the named.root file. This will happen if the checksum in the source is not updated, or much worse, when someone tries to install from an old (e.g. stable) version of the source. The latter amounts to gratuitous bitrot, and it is the reason why I think this is the wrong approach. I do not think it can be acceptable for a package that used to install correctly to stop doing so, just because of a change in the named.root file.

It would be easy enough to use wget to fetch the file every time preStart runs, but that would put unnecessary load on the internic.net server. Furthermore, it would not guarantee changes would be noticed (consider a stable bind installation that is not restarted for months or years).

The DNS HOWTO (http://www.tldp.org/HOWTO/DNS-HOWTO-8.html) recommends using dig to get the root hints. Since dig is included with bind, it should be available by the time preStart runs, so I think we could use dig in preStart to fetch the root hints each time preStart runs. Unfortunately, that approach does not provide the version number information (being in a comment, which dig will not return), but it should still work.

The DNS HOWTO also recommends using a monthly cron job to update the root hints. I suppose we could arrange for nixos to install such a cron job automatically whenever bind is installed with rootHints true, but I am not sure of the right way to do this.

> Yes, the file should probably be used by default. I don't see much a
> downside.

Okay, I will make the option default to true. The only downside I can see is when someone wants a DNS with roots different to the Internet ones. In that (rare) case, they need to explicitly set the option false.

Tim

---
GPG public key available at: http://phasechangeit.com/~trb/gpg-key or http://subkeys.pgp.net:11371
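The dig-in-preStart approach discussed above, as an added example that is not part of the original message or of the NixOS bind module. It goes one step further than the message by sanity-checking the answer and replacing the hints file atomically, so a failed or unexpected reply never overwrites working hints. The function names, the `MIN_NS` threshold, the default server and the file mode are assumptions.

```shell
#!/bin/sh
# Added example: refresh root hints with dig, replacing the old file only when
# the answer passes a sanity check. Names, defaults and thresholds are assumptions.

# Constructed sample shaped like `dig +norec NS . @a.root-servers.net` output.
sample_dig_answer() {
    for l in a b c d e f g h i j k l m; do
        printf '.\t518400\tIN\tNS\t%s.root-servers.net.\n' "$l"
    done
    printf 'a.root-servers.net.\t518400\tIN\tA\t198.41.0.4\n'
}

# hints_look_sane FILE: succeed only if FILE has at least MIN_NS (default 10)
# NS records for ".", all pointing at [a-m].root-servers.net, plus at least one
# A glue record. Accepts lines with or without the "IN" class field.
hints_look_sane() {
    awk -v min="${MIN_NS:-10}" '
        /^;/ || NF == 0 { next }                    # skip comments and blanks
        { t = ($3 == "IN") ? 4 : 3 }                # column holding the type
        $1 == "." && $t == "NS" {
            ns++
            if (tolower($(t + 1)) !~ /^[a-m]\.root-servers\.net\.$/) bad = 1
        }
        $t == "A" && tolower($1) ~ /\.root-servers\.net\.$/ { glue++ }
        END { exit !(ns >= min && glue >= 1 && !bad) }
    ' "$1"
}

# refresh_hints DEST [SERVER]: query SERVER for the root NS set and install it
# at DEST only if it passes hints_look_sane; otherwise DEST is left untouched.
refresh_hints() {
    dest=$1 server=${2:-a.root-servers.net}
    tmp=$(mktemp "${dest}.XXXXXX") || return 1
    if dig +norec NS . "@${server}" > "$tmp" 2>/dev/null && hints_look_sane "$tmp"
    then
        chmod 644 "$tmp" && mv -f "$tmp" "$dest"    # atomic on the same filesystem
    else
        rm -f "$tmp"
        return 1
    fi
}
```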
