On 28/09/01 Ethan Benson wrote: > On Fri, Sep 28, 2001 at 10:15:09AM +0200, Christian Kurz wrote: > > > lets not exaggerate, the only distribution i know that actually > > Where I'm an exaggerating, I'm just describing the problem and how one > > possible one to handle it would be. > you are making grandiose claims that people will abandon debian in > droves to use other distros if debian does not supply quick and > automatic chroot options for bind. i counter that the other No, please reread my previous mails: I claim that people will abandon debian, if we only support chrooting bind via mount --bind and not offering alternative at least for users of kernel 2.2.x. > distributions don't chroot bind by default nor offer chroot as an > option, you have to do it manually. Right, but is that a good reason to just support chroot for those administrators running 2.4.x and not for mostly all administrators? > so why would someone abandon debian if they have to do a chroot config > manually under 2.2 kernels when they have to do it manually on all the > other dists no matter what kernel they use? At least I would be upset if I install a bind package which just offers to chroot itself when I use kernel 2.4.x and not when I use a kernel 2.2.x. That would offend me and make me look for an other distribution where either I get full support for chrooting bind or completely do it manually, independent from the kernel version. > > > chroots bind by default is OpenBSD. it wasn't until very recently > > It's not about the problem of having chroot by default. Having a script > > that is invoked upon user interaction that generates the chroot would in > > my opinion be also an acceptable solution. We just shouldn't have a > > solution for chrooting bind that depends on kernel 2.4.x features. > I think respecting debian policy is more important then supporting 2.2 > kernels for chrooted bind. Then please respect also the Debian Free Software Guidelines, that clearly state: | 4. Our Priorities are Our Users and Free Software | | We will be guided by the needs of our users and the free-software | community. We will place their interests first in our priorities. We > the only real options for 2.2 are: > 1: rsync /etc/bind to $chroot/etc/bind in the initscript on start. > 2: violate policy and move the config files out of /etc > option 1 sucks since you have to fully restart bind to make changes to > your configs instead of merly sending a SIGHUP (or is that even > needed?) Hm, I would say that rndc (ndc for bind 8) would still work, so that you would only need SIGHUP seldom. So option 1 sounds like a possible solution to me. > option 2 is unnacceptable IMO, and really in fact by current policy, > and throwing away policy would be foolish since thats what makes > debian such high quality distribution. Agreed, but that's why we have option 1. ;-) Christian -- Debian Developer (http://www.debian.org) 1024/26CC7853 31E6 A8CA 68FC 284F 7D16 63EC A9E6 67FF 26CC 7853
Attachment:
pgplvL6zhMBYM.pgp
Description: PGP signature