Mahendra Prabhu writes: > With Nominum ANS we have been using the "ans_edit zone" command to > change resource records. Our current backout would be to perform another > "ans_edit zone" and manually reverse the changes. This is all very well > but if there are a lot of changes, or in editing with vi a whole lot of > resource records accidentally get deleted and written back, what do we > do?
I would put the BIND configuration files into a source code management system, such as the sccs(1) system that comes with Solaris or the GNU 'rcs' system that's available from a number of sources. Doing that provides you an easy way to track changes by the user who made them for auditing purposes, revert to previous versions, 'tag' versions with locally meaningful names, and view deltas between any two versions. Best of all, it's free, simple, and requires no special changes to the BIND software. I had thought that doing this sort of thing (particularly for DNS and NIS configuration files, but also for other application configuration files, such as apache) was standard, long-standing system administration practice. (You can also use /usr/ccs/bin/make to automate administrative tasks ...) -- James Carlson, Solaris Networking <james.d.carlson at sun.com> Sun Microsystems / 1 Network Drive 71.232W Vox +1 781 442 2084 MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677
