[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: bind9-chroot (was: questions on ITP)



On 01-09-26 Riku Voipio wrote:
> On Tue, Sep 25, 2001 at 04:34:31PM +0200, Christian Kurz wrote:
> > On 01-09-25 Steve Greenland wrote:
> > > I am so tired of hearing things like this. Nobody is forcing anyone to
> > > do anything. We already "force" them to use 2.2 instead of still using
> > > 2.0. You want the functionality, you use the right tools. You want to
 
> > Were exactly do we force them? Which debian packages do not work well
> > with a 2.0.x kernel?
 
> apt-cache search usb
 
> for example.

Which package exactly do you mean? I don't see any package in that list
which would force you to use a kernel 2.4.x. Also do you really want to
compare hardware for the usb port with a daemon that you run on a
server?

> > > stick with 2.2, then *you* deal with the issues. The maintainers have
 
> > That's a nice attitude, which will lead to the situation that
> > people, especially administrators, will move away from debian to either
> > other distributions, a bsd flavour or other free operating systems.

> Forcing new users to deal with historic burden is not an answer.

Pardon? New users are absolutely not forced to deal with historic
burden. I'm just proposing that any script or debian package which
offers to create a bind chroot should not depend on new kernel specific
stuff like mount -bind. 

> I really can't understand your problem with limiting chroot bind9 
> feature to kernels with --bind mounts support. They still can run bind9 
> perfectly, although less securely. 

So, you want to either force every admin running bind9 to either upgrade
to kernel 2.4.x or have a less secure system? That's like I stated
before a good approach if you want to have people move to some other
distribution or free operating system, but not to have people use debian
anymore.
 
> If 2.2 kernel users want chrooted bind, they 

> a) have already done it - no extra work

So let's forget those users and ignore that they maybe also happy about
having a debian package set up a chroot for them?

> b) upgrade to 2.4       - sheez, that was hard...

Which is not always an option. 

Christian
-- 
           Debian Developer (http://www.debian.org)
1024/26CC7853 31E6 A8CA 68FC 284F 7D16  63EC A9E6 67FF 26CC 7853

Attachment: pgpmAjBjo15Er.pgp
Description: PGP signature


Reply to: