On 28/09/01 Ethan Benson wrote:
> On Fri, Sep 28, 2001 at 10:15:09AM +0200, Christian Kurz wrote:
> > > lets not exaggerate, the only distribution i know that actually
> > Where I'm an exaggerating, I'm just describing the problem and how one
> > possible one to handle it would be.
> you are making grandiose claims that people will abandon debian in
> droves to use other distros if debian does not supply quick and
> automatic chroot options for bind. i counter that the other
No, please reread my previous mails: I claim that people will abandon
debian, if we only support chrooting bind via mount --bind and not
offering alternative at least for users of kernel 2.2.x.
> distributions don't chroot bind by default nor offer chroot as an
> option, you have to do it manually.
Right, but is that a good reason to just support chroot for those
administrators running 2.4.x and not for mostly all administrators?
> so why would someone abandon debian if they have to do a chroot config
> manually under 2.2 kernels when they have to do it manually on all the
> other dists no matter what kernel they use?
At least I would be upset if I install a bind package which just offers
to chroot itself when I use kernel 2.4.x and not when I use a kernel
2.2.x. That would offend me and make me look for an other distribution
where either I get full support for chrooting bind or completely do it
manually, independent from the kernel version.
> > > chroots bind by default is OpenBSD. it wasn't until very recently
> > It's not about the problem of having chroot by default. Having a script
> > that is invoked upon user interaction that generates the chroot would in
> > my opinion be also an acceptable solution. We just shouldn't have a
> > solution for chrooting bind that depends on kernel 2.4.x features.
> I think respecting debian policy is more important then supporting 2.2
> kernels for chrooted bind.
Then please respect also the Debian Free Software Guidelines, that
clearly state:
| 4. Our Priorities are Our Users and Free Software
|
| We will be guided by the needs of our users and the free-software
| community. We will place their interests first in our priorities. We
> the only real options for 2.2 are:
> 1: rsync /etc/bind to $chroot/etc/bind in the initscript on start.
> 2: violate policy and move the config files out of /etc
> option 1 sucks since you have to fully restart bind to make changes to
> your configs instead of merly sending a SIGHUP (or is that even
> needed?)
Hm, I would say that rndc (ndc for bind 8) would still work, so that you
would only need SIGHUP seldom. So option 1 sounds like a possible
solution to me.
> option 2 is unnacceptable IMO, and really in fact by current policy,
> and throwing away policy would be foolish since thats what makes
> debian such high quality distribution.
Agreed, but that's why we have option 1. ;-)
Christian
--
Debian Developer (http://www.debian.org)
1024/26CC7853 31E6 A8CA 68FC 284F 7D16 63EC A9E6 67FF 26CC 7853
Attachment:
pgplvL6zhMBYM.pgp
Description: PGP signature