DragonFly kernel List (threaded) for 2004-05
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
[
Date Index][
Thread Index]
bind-9 changeover committed.
I expect there to be a few issues for the next few days. A full
buildworld, installworld, and make upgrade is needed to bring your
systems completely uptodate.
If you are already using named you may have to make modifications to
your named.conf to support the now-default chrooted environment.
The file /usr/src/etc/namedb/README contains step by step instructions
on making bind-9 work properly with rndc.
Also note that the '-g group' option hack that we had in bind-8 no
longer exists in bind-9 (though I've asked the bind folks to add it
in officially).
Here is a summary of things to lookout for:
* Be sure to do a full build/installworld and make upgrade so the
proper /etc/namedb infrastructure is generated.
* 'ndc' no longer exists. 'rndc' is the interface program used by
bind-9 and some named.conf and key generation setup is required to
make it work (see the README above).
* The old dns security infrastructure (dnskeygen, dnsquery) no longer
exists, replaced by the new dns security infrastructure
(/usr/bin/dnssec-*).
* If enabled, named runs in a chrooted environment and as user 'bind'
by default now. Permissions and ownerhip of /etc/namedb and
subdirectories is thus very important. e.g. /etc/namedb should
be owned by root and /etc/namedb/s should be owned by user 'bind'.
Most other sub directories in /etc/namedb will be owned by root,
except /etc/namedb/var/run which is owned by 'bind'.
* named.restart is currently broken (I could use some help there).
* manual pages are currently not all installed properly (it would be
great if someone could audit and fixup the missing manual pages).
-Matt
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
[
Date Index][
Thread Index]