diff options
| author | dougb <dougb@FreeBSD.org> | 2004-09-28 09:46:00 +0000 |
|---|---|---|
| committer | dougb <dougb@FreeBSD.org> | 2004-09-28 09:46:00 +0000 |
| commit | a0c7847c5ba90a7ccc3ba1ea38781396bffaffe6 (patch) | |
| tree | adec461a57e953379f28f1be08a23b3081ed6d6a /UPDATING | |
| parent | d3ceec948f3a65b58d702b97a626bcd5a6120632 (diff) | |
| download | FreeBSD-src-a0c7847c5ba90a7ccc3ba1ea38781396bffaffe6.zip FreeBSD-src-a0c7847c5ba90a7ccc3ba1ea38781396bffaffe6.tar.gz | |
Create a named chroot directory structure in /var/named, and use it
by default when named is enabled. Also, improve our default directory
layout by creating /var/named/etc/namedb/{master|slave} directories,
and use the former for the generated localhost* files.
Rather than using pax to copy device entries, mount devfs in the
chroot directory.
There may be some corner cases where things need to be adjusted,
but overall this structure has been well tested on a production
network, and should serve the needs of the vast majority of users.
UPDATING has instructions on how to do the conversion for those
with existing configurations.
Diffstat (limited to 'UPDATING')
| -rw-r--r-- | UPDATING | 27 |
1 files changed, 27 insertions, 0 deletions
@@ -23,6 +23,33 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 6.x IS SLOW: developers choose to disable these features on build machines to maximize performance. +20040928: + If enabled, the default is now to run named in a chroot + "sandbox." For users with existing configurations in + /etc/namedb the migration should be simple. Upgrade your + world as usual, then after installworld but before + mergemaster do the following: + + If named is running: /etc/rc.d/named stop + cd /etc + mv namedb namedb.bak + mkdir -p /var/named/etc/namedb + cp -Rp namedb.bak/* /var/named/etc/namedb/ + mergemaster (with your usual options) + If using the generated localhost* files: + cd /var/named/etc/namedb + /bin/sh make-localhost + rm -f localhost-v6.rev localhost.rev + /etc/rc.d/named start + + If you are using a custom configuration, or if you have + customised the named_* variables in /etc/rc.conf[.local] + then you may have to adjust the instructions accordingly. + It is suggested that you carefully examine the new named + variables in /etc/defaults/rc.conf and the options in + /var/named/etc/namedb/named.conf to see if they might + now be more suitable. + 20040925: BIND 9 has been imported into the base, and is now fully functional. BIND 8 has now been removed. There are numerous |
