Re: FreeBSD 10 Beta2 /etc/rc.d/named script and /etc/defaults/rc.conf
On Tue, 12 Nov 2013, Erwin Lansing wrote: Sorry about the delay, but I did finally update all three dns/bind9* ports today. Thanks a lot for your work on this very important port. I have dropped the complicated chroot, and related symlinking, logic from the default rc script as I don't think that is the right place to implement things. I am somewhat astonished by this decision. FreeBSD has been running named chrooted for as long as I can remember. One of the really nice things about running BIND on FreeBSD has been that it came perfectly configured out of the box. I think a lot of people are going to be surprised by this. Maybe the rc script is the wrong place to set up the chroot, but shouldn't the port at least set it up at install time? Without this, there is going to be a lot of duplicated and error prone effort with everyone setting up their own chroot environment. I would recommend users who want the extra security to use jail(8) instead of a mere chroot. Is it the consensus that running named chrooted doesn't really add additional security? If a jail is that much better, shouldn't the port set up an appropriately configured jail so that we once again have everything working out of the box? Maybe the Capsicum framework will supersede both chroots and jails for added BIND security, but until then, shouldn't the chroot feature be retained? -- Greg Rivers ___ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org
Re: FreeBSD 10 Beta2 /etc/rc.d/named script and /etc/defaults/rc.conf
From: Erwin Lansing er...@freebsd.org Subject: Re: FreeBSD 10 Beta2 /etc/rc.d/named script and /etc/defaults/rc.conf Date: Tue, 12 Nov 2013 12:13:23 +0100 Sorry about the delay, but I did finally update all three dns/bind9* ports today. I have dropped the complicated chroot, and related symlinking, logic from the default rc script as I don't think that is the right place to implement things. I would recommend users who want the extra security to use jail(8) instead of a mere chroot. This change should not affect the installed base of FreeBSD 9.x and earlier systems, but new installations there should note that the symlink option is no longer turned on by default, but still supported. I tested some default cases, but by no means can test every corner case, so please let me know how this works out. Please merge r257694 to stable/10 because remnants of BIND are still left. Best Regards. --- Yasuhiro KIMURA ___ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org
Re: FreeBSD 10 Beta2 /etc/rc.d/named script and /etc/defaults/rc.conf
On Tue, Nov 12, 2013 at 1:13 PM, Erwin Lansing er...@freebsd.org wrote: On Wed, Nov 06, 2013 at 02:59:15PM +0100, Erwin Lansing wrote: E E Erwin, can you please handle that? E E Things are much worse that this, the ports are completely written under the assumption that there is a Bind in base, which of course would already break with WITHOUT_BIND before Bind was completely removed. It will be hard to fix without breaking the installed base of 8 and 9. Sigh. E E I'll try to work on it this week, but unfortunately have a full schedule of meetings and travel as well. Suggestion. An option to install the rc script would solve that problem. If only it was that simple, it would have been done a long time ago. As Gleb points out, the ports are broken by design. The rc script needs a complete rewrite, and that's only after fixing all configuration files, setting up chroot, etc etc and all that while not breaking the installed base on 8 and 9. I spent most of yesterday on this and if I'm lucky, I'm halfway through. Sorry about the delay, but I did finally update all three dns/bind9* ports today. I have dropped the complicated chroot, and related symlinking, logic from the default rc script as I don't think that is the right place to implement things. I would recommend users who want the extra security to use jail(8) instead of a mere chroot. This change should not affect the installed base of FreeBSD 9.x and earlier systems, but new installations there should note that the symlink option is no longer turned on by default, but still supported. I tested some default cases, but by no means can test every corner case, so please let me know how this works out. Best, Erwin Excellent thanks so much! If you had named running using the old rc scripts and config in 10 you will need to: 1) Backup your zones stop named 2) Delete /var/named/* 3) Create a new symlink in etc to /usr/local/etc/namedb 4) Restore your zones 5) Start named from the new rc script -- George Kontostanos --- http://www.aisecure.net ___ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org
Re: FreeBSD 10 Beta2 /etc/rc.d/named script and /etc/defaults/rc.conf
On Wed, Nov 13, 2013 at 7:59 PM, George Kontostanos gkontos.m...@gmail.comwrote: On Tue, Nov 12, 2013 at 1:13 PM, Erwin Lansing er...@freebsd.org wrote: On Wed, Nov 06, 2013 at 02:59:15PM +0100, Erwin Lansing wrote: E E Erwin, can you please handle that? E E Things are much worse that this, the ports are completely written under the assumption that there is a Bind in base, which of course would already break with WITHOUT_BIND before Bind was completely removed. It will be hard to fix without breaking the installed base of 8 and 9. Sigh. E E I'll try to work on it this week, but unfortunately have a full schedule of meetings and travel as well. Suggestion. An option to install the rc script would solve that problem. If only it was that simple, it would have been done a long time ago. As Gleb points out, the ports are broken by design. The rc script needs a complete rewrite, and that's only after fixing all configuration files, setting up chroot, etc etc and all that while not breaking the installed base on 8 and 9. I spent most of yesterday on this and if I'm lucky, I'm halfway through. Sorry about the delay, but I did finally update all three dns/bind9* ports today. I have dropped the complicated chroot, and related symlinking, logic from the default rc script as I don't think that is the right place to implement things. I would recommend users who want the extra security to use jail(8) instead of a mere chroot. This change should not affect the installed base of FreeBSD 9.x and earlier systems, but new installations there should note that the symlink option is no longer turned on by default, but still supported. I tested some default cases, but by no means can test every corner case, so please let me know how this works out. Best, Erwin Excellent thanks so much! If you had named running using the old rc scripts and config in 10 you will need to: 1) Backup your zones stop named 2) Delete /var/named/* 3) Create a new symlink in etc to /usr/local/etc/namedb 4) Restore your zones 5) Start named from the new rc script Sorry I forgot also that if if you don't specify the location of named in the rc.conf: named_program=/usr/local/sbin/named You will get an error message: root@hp:/etc # /usr/local/etc/rc.d/named start /usr/local/etc/rc.d/named: WARNING: run_rc_command: cannot run /usr/sbin/named Those are observations from a test machine that I use which was running bind with the old rc style. Thanks -- George Kontostanos --- http://www.aisecure.net ___ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org
Re: FreeBSD 10 Beta2 /etc/rc.d/named script and /etc/defaults/rc.conf
On Wed, Nov 06, 2013 at 02:59:15PM +0100, Erwin Lansing wrote: E E Erwin, can you please handle that? E E Things are much worse that this, the ports are completely written under the assumption that there is a Bind in base, which of course would already break with WITHOUT_BIND before Bind was completely removed. It will be hard to fix without breaking the installed base of 8 and 9. Sigh. E E I'll try to work on it this week, but unfortunately have a full schedule of meetings and travel as well. Suggestion. An option to install the rc script would solve that problem. If only it was that simple, it would have been done a long time ago. As Gleb points out, the ports are broken by design. The rc script needs a complete rewrite, and that's only after fixing all configuration files, setting up chroot, etc etc and all that while not breaking the installed base on 8 and 9. I spent most of yesterday on this and if I'm lucky, I'm halfway through. Sorry about the delay, but I did finally update all three dns/bind9* ports today. I have dropped the complicated chroot, and related symlinking, logic from the default rc script as I don't think that is the right place to implement things. I would recommend users who want the extra security to use jail(8) instead of a mere chroot. This change should not affect the installed base of FreeBSD 9.x and earlier systems, but new installations there should note that the symlink option is no longer turned on by default, but still supported. I tested some default cases, but by no means can test every corner case, so please let me know how this works out. Best, Erwin ___ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org
Re: FreeBSD 10 Beta2 /etc/rc.d/named script and /etc/defaults/rc.conf
On Mon, Nov 4, 2013 at 6:34 PM, Gleb Smirnoff gleb...@freebsd.org wrote: On Mon, Nov 04, 2013 at 12:11:02PM +0100, Erwin Lansing wrote: E On Mon, Nov 04, 2013 at 01:41:01AM +0200, George Kontostanos wrote: E G Am 03.11.2013 um 23:06 schrieb Gleb Smirnoff gleb...@freebsd.org : E G E G On Sun, Nov 03, 2013 at 10:05:02PM +0200, Özkan KIRIK wrote: E G Ö Altough bind removed from FreeBSD 10 distribution, /etc/rc.d/named E G script E G Ö still exists. E G Ö and this script depends on /etc/mtree/BIND.chroot.dist file but E G there is E G Ö no such file in source tree. E G Ö I think this file was forgotten to be removed. E G Ö E G Ö And also, named_* definitions still exists in /etc/defaults/rc.conf E G file. E G E G Please review attached file that removes named from /etc. E G E G It would be great if the port would learn to install its own script etc. E G in time for that change. (Unless it’s already there, and I’m just too blind E G to see it.) E G E G No you are not blind. Installing bind from ports still relies on the E G /etc/rc.d/named script. E E Erwin, can you please handle that? E E Things are much worse that this, the ports are completely written under the assumption that there is a Bind in base, which of course would already break with WITHOUT_BIND before Bind was completely removed. It will be hard to fix without breaking the installed base of 8 and 9. Sigh. E E I'll try to work on it this week, but unfortunately have a full schedule of meetings and travel as well. Suggestion. An option to install the rc script would solve that problem. What should we do with src? IMO, we should proceed with removal of remnants of bind in src. In the worst case, if you can't handle it this week, the situation will be the following: 1) 8.x, 9.x users are okay 2) 10+.x users w/o bind are okay 3) 10+.x users with bind have problems If we skip updating src, then situation would be: 1) 8.x, 9.x users are okay 2) 10+.x users w/o bind have problems 3) 10+.x users with bind are okay I think, there are less 10.x users with bind, than 10.x without it. Please warn about this in UPDATING. I am personally use 12 FreeBSD servers as dedicated DNS servers only. -- Totus tuus, Glebius. -- George Kontostanos --- http://www.aisecure.net ___ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org
Re: FreeBSD 10 Beta2 /etc/rc.d/named script and /etc/defaults/rc.conf
On Wed, Nov 06, 2013 at 03:22:03PM +0200, George Kontostanos wrote: G IMO, we should proceed with removal of remnants of bind in src. In the G worst case, G if you can't handle it this week, the situation will be the following: G G 1) 8.x, 9.x users are okay G 2) 10+.x users w/o bind are okay G 3) 10+.x users with bind have problems G G If we skip updating src, then situation would be: G G 1) 8.x, 9.x users are okay G 2) 10+.x users w/o bind have problems G 3) 10+.x users with bind are okay G G I think, there are less 10.x users with bind, than 10.x without it. G G Please warn about this in UPDATING. I am personally use 12 FreeBSD servers G as dedicated DNS servers only. Erwin is now working on fixing the ports. Ports will be fixed soon. Actually ports were not correct even for older branches, because relying on a script from /etc/rc.d for a port is incorrect behavior. -- Totus tuus, Glebius. ___ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org
Re: FreeBSD 10 Beta2 /etc/rc.d/named script and /etc/defaults/rc.conf
Am 06.11.2013 um 14:59 schrieb Erwin Lansing: Suggestion. An option to install the rc script would solve that problem. If only it was that simple, it would have been done a long time ago. As Gleb points out, the ports are broken by design. The rc script needs a complete rewrite, and that's only after fixing all configuration files, setting up chroot, etc etc and all that while not breaking the installed base on 8 and 9. I spent most of yesterday on this and if I'm lucky, I'm halfway through. I'm very grateful for all that work going into making sure that people are not left stranded without working DNS after an upgrade. Thank you Erwin! Stefan -- Stefan Bethke s...@lassitu.de Fon +49 151 14070811 ___ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org
Re: FreeBSD 10 Beta2 /etc/rc.d/named script and /etc/defaults/rc.conf
On Wed, Nov 6, 2013 at 3:59 PM, Erwin Lansing er...@lansing.dk wrote: On 06/11/2013, at 14.22, George Kontostanos gkontos.m...@gmail.com wrote: On Mon, Nov 4, 2013 at 6:34 PM, Gleb Smirnoff gleb...@freebsd.org wrote: On Mon, Nov 04, 2013 at 12:11:02PM +0100, Erwin Lansing wrote: E On Mon, Nov 04, 2013 at 01:41:01AM +0200, George Kontostanos wrote: E G Am 03.11.2013 um 23:06 schrieb Gleb Smirnoff gleb...@freebsd.org: E G E G On Sun, Nov 03, 2013 at 10:05:02PM +0200, Özkan KIRIK wrote: E G Ö Altough bind removed from FreeBSD 10 distribution, /etc/rc.d/named E G script E G Ö still exists. E G Ö and this script depends on /etc/mtree/BIND.chroot.dist file but E G there is E G Ö no such file in source tree. E G Ö I think this file was forgotten to be removed. E G Ö E G Ö And also, named_* definitions still exists in /etc/defaults/rc.conf E G file. E G E G Please review attached file that removes named from /etc. E G E G It would be great if the port would learn to install its own script etc. E G in time for that change. (Unless it’s already there, and I’m just too blind E G to see it.) E G E G No you are not blind. Installing bind from ports still relies on the E G /etc/rc.d/named script. E E Erwin, can you please handle that? E E Things are much worse that this, the ports are completely written under the assumption that there is a Bind in base, which of course would already break with WITHOUT_BIND before Bind was completely removed. It will be hard to fix without breaking the installed base of 8 and 9. Sigh. E E I'll try to work on it this week, but unfortunately have a full schedule of meetings and travel as well. Suggestion. An option to install the rc script would solve that problem. If only it was that simple, it would have been done a long time ago. As Gleb points out, the ports are broken by design. The rc script needs a complete rewrite, and that's only after fixing all configuration files, setting up chroot, etc etc and all that while not breaking the installed base on 8 and 9. I spent most of yesterday on this and if I'm lucky, I'm halfway through. Erwin, sent from a phone at the train station Thank you all for your effort! -- George Kontostanos --- http://www.aisecure.net ___ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org
Re: FreeBSD 10 Beta2 /etc/rc.d/named script and /etc/defaults/rc.conf
[adding maintainer to Cc] On Mon, Nov 04, 2013 at 01:41:01AM +0200, George Kontostanos wrote: G Am 03.11.2013 um 23:06 schrieb Gleb Smirnoff gleb...@freebsd.org: G G On Sun, Nov 03, 2013 at 10:05:02PM +0200, Özkan KIRIK wrote: G Ö Altough bind removed from FreeBSD 10 distribution, /etc/rc.d/named G script G Ö still exists. G Ö and this script depends on /etc/mtree/BIND.chroot.dist file but G there is G Ö no such file in source tree. G Ö I think this file was forgotten to be removed. G Ö G Ö And also, named_* definitions still exists in /etc/defaults/rc.conf G file. G G Please review attached file that removes named from /etc. G G It would be great if the port would learn to install its own script etc. G in time for that change. (Unless it’s already there, and I’m just too blind G to see it.) G G No you are not blind. Installing bind from ports still relies on the G /etc/rc.d/named script. Erwin, can you please handle that? -- Totus tuus, Glebius. ___ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org
Re: FreeBSD 10 Beta2 /etc/rc.d/named script and /etc/defaults/rc.conf
On 04 Nov 2013, at 09:34, Gleb Smirnoff gleb...@freebsd.org wrote: [adding maintainer to Cc] On Mon, Nov 04, 2013 at 01:41:01AM +0200, George Kontostanos wrote: G Am 03.11.2013 um 23:06 schrieb Gleb Smirnoff gleb...@freebsd.org: G G On Sun, Nov 03, 2013 at 10:05:02PM +0200, Özkan KIRIK wrote: G Ö Altough bind removed from FreeBSD 10 distribution, /etc/rc.d/named G script G Ö still exists. G Ö and this script depends on /etc/mtree/BIND.chroot.dist file but G there is G Ö no such file in source tree. G Ö I think this file was forgotten to be removed. G Ö G Ö And also, named_* definitions still exists in /etc/defaults/rc.conf G file. G G Please review attached file that removes named from /etc. G G It would be great if the port would learn to install its own script etc. G in time for that change. (Unless it’s already there, and I’m just too blind G to see it.) G G No you are not blind. Installing bind from ports still relies on the G /etc/rc.d/named script. Erwin, can you please handle that? Things are much worse that this, the ports are completely written under the assumption that there is a Bind in base, which of course would already break with WITHOUT_BIND before Bind was completely removed. It will be hard to fix without breaking the installed base of 8 and 9. Sigh. I'll try to work on it this week, but unfortunately have a full schedule of meetings and travel as well. Erwin ___ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org
Re: FreeBSD 10 Beta2 /etc/rc.d/named script and /etc/defaults/rc.conf
On Mon, Nov 04, 2013 at 12:11:02PM +0100, Erwin Lansing wrote: E On Mon, Nov 04, 2013 at 01:41:01AM +0200, George Kontostanos wrote: E G Am 03.11.2013 um 23:06 schrieb Gleb Smirnoff gleb...@freebsd.org: E G E G On Sun, Nov 03, 2013 at 10:05:02PM +0200, Özkan KIRIK wrote: E G Ö Altough bind removed from FreeBSD 10 distribution, /etc/rc.d/named E G script E G Ö still exists. E G Ö and this script depends on /etc/mtree/BIND.chroot.dist file but E G there is E G Ö no such file in source tree. E G Ö I think this file was forgotten to be removed. E G Ö E G Ö And also, named_* definitions still exists in /etc/defaults/rc.conf E G file. E G E G Please review attached file that removes named from /etc. E G E G It would be great if the port would learn to install its own script etc. E G in time for that change. (Unless it’s already there, and I’m just too blind E G to see it.) E G E G No you are not blind. Installing bind from ports still relies on the E G /etc/rc.d/named script. E E Erwin, can you please handle that? E E Things are much worse that this, the ports are completely written under the assumption that there is a Bind in base, which of course would already break with WITHOUT_BIND before Bind was completely removed. It will be hard to fix without breaking the installed base of 8 and 9. Sigh. E E I'll try to work on it this week, but unfortunately have a full schedule of meetings and travel as well. What should we do with src? IMO, we should proceed with removal of remnants of bind in src. In the worst case, if you can't handle it this week, the situation will be the following: 1) 8.x, 9.x users are okay 2) 10+.x users w/o bind are okay 3) 10+.x users with bind have problems If we skip updating src, then situation would be: 1) 8.x, 9.x users are okay 2) 10+.x users w/o bind have problems 3) 10+.x users with bind are okay I think, there are less 10.x users with bind, than 10.x without it. -- Totus tuus, Glebius. ___ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org
FreeBSD 10 Beta2 /etc/rc.d/named script and /etc/defaults/rc.conf
Hi, Altough bind removed from FreeBSD 10 distribution, /etc/rc.d/named script still exists. and this script depends on /etc/mtree/BIND.chroot.dist file but there is no such file in source tree. I think this file was forgotten to be removed. And also, named_* definitions still exists in /etc/defaults/rc.conf file. ___ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org
Re: FreeBSD 10 Beta2 /etc/rc.d/named script and /etc/defaults/rc.conf
On Sun, Nov 03, 2013 at 10:05:02PM +0200, Özkan KIRIK wrote: Ö Altough bind removed from FreeBSD 10 distribution, /etc/rc.d/named script Ö still exists. Ö and this script depends on /etc/mtree/BIND.chroot.dist file but there is Ö no such file in source tree. Ö I think this file was forgotten to be removed. Ö Ö And also, named_* definitions still exists in /etc/defaults/rc.conf file. Please review attached file that removes named from /etc. -- Totus tuus, Glebius. Index: etc/defaults/periodic.conf === --- etc/defaults/periodic.conf (revision 257584) +++ etc/defaults/periodic.conf (working copy) @@ -137,10 +137,6 @@ daily_status_mail_rejects_enable=YES # Check m daily_status_mail_rejects_logs=3 # How many logs to check daily_status_mail_rejects_shorten=NO # Shorten output -# 470.status-named -daily_status_named_enable=YES -daily_status_named_usedns=YES# DNS lookups are ok - # 480.status-ntpd daily_status_ntpd_enable=NO# Check NTP status Index: etc/defaults/rc.conf === --- etc/defaults/rc.conf (revision 257584) +++ etc/defaults/rc.conf (working copy) @@ -256,6 +256,7 @@ hostapd_enable=NO # Run hostap daemon. syslogd_enable=YES # Run syslog daemon (or NO). syslogd_program=/usr/sbin/syslogd # path to syslogd, if you want a different one. syslogd_flags=-s # Flags to syslogd (if enabled). +altlog_proglist= # List of chrooted applicatioins in /var inetd_enable=NO # Run the network daemon dispatcher (YES/NO). inetd_program=/usr/sbin/inetd # path to inetd, if you want a different one. inetd_flags=-wW -C 60 # Optional flags to inetd @@ -267,23 +268,6 @@ hastd_program=/sbin/hastd # path to hastd, if yo hastd_flags= # Optional flags to hastd. ctld_enable=NO # CAM Target Layer / iSCSI target daemon. local_unbound_enable=NO # local caching resolver -# -# named. It may be possible to run named in a sandbox, man security for -# details. -# -named_enable=NO # Run named, the DNS server (or NO). -named_program=/usr/sbin/named # Path to named, if you want a different one. -named_conf=/etc/namedb/named.conf # Path to the configuration file -#named_flags= # Use this for flags OTHER than -u and -c -named_uid=bind # User to run named as -named_chrootdir=/var/named # Chroot directory (or not to auto-chroot it) -named_chroot_autoupdate=YES # Automatically install/update chrooted -# components of named. See /etc/rc.d/named. -named_symlink_enable=YES # Symlink the chrooted pid file -named_wait=NO # Wait for working name service before exiting -named_wait_host=localhost # Hostname to check if named_wait is enabled -named_auto_forward=NO # Set up forwarders from /etc/resolv.conf -named_auto_forward_only=NO # Do forward only instead of forward first # # kerberos. Do not run the admin daemons on slave servers Index: etc/freebsd-update.conf === --- etc/freebsd-update.conf (revision 257584) +++ etc/freebsd-update.conf (working copy) @@ -35,7 +35,7 @@ UpdateIfUnmodified /etc/ /var/ /root/ /.cshrc /.pr # When upgrading to a new FreeBSD release, files which match MergeChanges # will have any local changes merged into the version from the new release. -MergeChanges /etc/ /var/named/etc/ /boot/device.hints +MergeChanges /etc/ /boot/device.hints ### Default configuration options: Index: etc/namedb/Makefile === --- etc/namedb/Makefile (revision 257584) +++ etc/namedb/Makefile (working copy) @@ -1,11 +0,0 @@ -# $FreeBSD$ - -SUBDIR= master - -FILES= named.conf named.root - -NO_OBJ= -FILESDIR= /etc/namedb -FILESMODE= 644 - -.include bsd.prog.mk Index: etc/namedb/master/Makefile === --- etc/namedb/master/Makefile (revision 257584) +++ etc/namedb/master/Makefile (working copy) @@ -1,9 +0,0 @@ -# $FreeBSD$ - -FILES= empty.db localhost-forward.db localhost-reverse.db - -NO_OBJ= -FILESDIR= /etc/namedb/master -FILESMODE= 644 - -.include bsd.prog.mk Index: etc/namedb/master/empty.db === --- etc/namedb/master/empty.db (revision 257584) +++ etc/namedb/master/empty.db (working copy) @@ -1,11 +0,0 @@ - -; $FreeBSD$ - -$TTL 3h -@ SOA @ nobody.localhost. 42 1d 12h 1w 3h - ; Serial, Refresh, Retry, Expire, Neg. cache TTL - -@ NS @ - -; Silence a BIND warning -@ A 127.0.0.1 Index: etc/namedb/master/localhost-forward.db === --- etc/namedb/master/localhost-forward.db (revision 257584) +++ etc/namedb/master/localhost-forward.db (working copy) @@ -1,11 +0,0 @@ - -; $FreeBSD$ - -$TTL 3h -localhost. SOA localhost. nobody.localhost. 42 1d 12h 1w 3h - ; Serial, Refresh, Retry, Expire, Neg. cache TTL - - NS localhost. - - A 127.0.0.1 - ::1 Index:
Re: FreeBSD 10 Beta2 /etc/rc.d/named script and /etc/defaults/rc.conf
Am 03.11.2013 um 23:06 schrieb Gleb Smirnoff gleb...@freebsd.org: On Sun, Nov 03, 2013 at 10:05:02PM +0200, Özkan KIRIK wrote: Ö Altough bind removed from FreeBSD 10 distribution, /etc/rc.d/named script Ö still exists. Ö and this script depends on /etc/mtree/BIND.chroot.dist file but there is Ö no such file in source tree. Ö I think this file was forgotten to be removed. Ö Ö And also, named_* definitions still exists in /etc/defaults/rc.conf file. Please review attached file that removes named from /etc. It would be great if the port would learn to install its own script etc. in time for that change. (Unless it’s already there, and I’m just too blind to see it.) Stean -- Stefan Bethke s...@lassitu.de Fon +49 151 14070811 ___ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org
Re: FreeBSD 10 Beta2 /etc/rc.d/named script and /etc/defaults/rc.conf
On Mon, Nov 4, 2013 at 12:54 AM, Stefan Bethke s...@lassitu.de wrote: Am 03.11.2013 um 23:06 schrieb Gleb Smirnoff gleb...@freebsd.org: On Sun, Nov 03, 2013 at 10:05:02PM +0200, Özkan KIRIK wrote: Ö Altough bind removed from FreeBSD 10 distribution, /etc/rc.d/named script Ö still exists. Ö and this script depends on /etc/mtree/BIND.chroot.dist file but there is Ö no such file in source tree. Ö I think this file was forgotten to be removed. Ö Ö And also, named_* definitions still exists in /etc/defaults/rc.conf file. Please review attached file that removes named from /etc. It would be great if the port would learn to install its own script etc. in time for that change. (Unless it’s already there, and I’m just too blind to see it.) Stean -- Stefan Bethke s...@lassitu.de Fon +49 151 14070811 ___ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org No you are not blind. Installing bind from ports still relies on the /etc/rc.d/named script. Best -- George Kontostanos --- http://www.aisecure.net ___ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org
