
Re: NMU'ing for wishlist bugs? (aka: intent to NMU bind9)



I can (despite comments in bind's source saying otherwise):


[dilinger@incandescent dilinger]$ ifconfig eth1
eth1: error fetching interface information: Device not found
[dilinger@incandescent dilinger]$ sudo lsof -ni | grep 192.168          
[dilinger@incandescent dilinger]$ sudo /etc/init.d/networking restart
Reconfiguring network interfaces: done.
[dilinger@incandescent dilinger]$ ifconfig eth1
eth1      Link encap:Ethernet  HWaddr 00:50:BA:D8:1A:16  
          inet addr:192.168.0.1  Bcast:192.168.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:27 errors:0 dropped:0 overruns:0 frame:0
          TX packets:21 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100 
          RX bytes:2426 (2.3 KiB)  TX bytes:1982 (1.9 KiB)
          Interrupt:5 Base address:0xf00 
                                    
[dilinger@incandescent dilinger]$ sudo lsof -ni | grep 192.168
named   186   bind   16u  IPv4   4370       UDP 192.168.0.1:domain 
named   186   bind   17u  IPv4   4371       TCP 192.168.0.1:domain
(LISTEN)
named   186   bind   18u  IPv4   4372       UDP 192.168.1.1:domain 
named   186   bind   19u  IPv4   4373       TCP 192.168.1.1:domain
(LISTEN)
named   187   bind   16u  IPv4   4370       UDP 192.168.0.1:domain 
named   187   bind   17u  IPv4   4371       TCP 192.168.0.1:domain
(LISTEN)
named   187   bind   18u  IPv4   4372       UDP 192.168.1.1:domain 
named   187   bind   19u  IPv4   4373       TCP 192.168.1.1:domain
(LISTEN)
named   188   bind   16u  IPv4   4370       UDP 192.168.0.1:domain 
named   188   bind   17u  IPv4   4371       TCP 192.168.0.1:domain
(LISTEN)
named   188   bind   18u  IPv4   4372       UDP 192.168.1.1:domain 
named   188   bind   19u  IPv4   4373       TCP 192.168.1.1:domain
(LISTEN)
named   189   bind   16u  IPv4   4370       UDP 192.168.0.1:domain 
named   189   bind   17u  IPv4   4371       TCP 192.168.0.1:domain
(LISTEN)
named   189   bind   18u  IPv4   4372       UDP 192.168.1.1:domain 
named   189   bind   19u  IPv4   4373       TCP 192.168.1.1:domain
(LISTEN)
named   190   bind   16u  IPv4   4370       UDP 192.168.0.1:domain 
named   190   bind   17u  IPv4   4371       TCP 192.168.0.1:domain
(LISTEN)
named   190   bind   18u  IPv4   4372       UDP 192.168.1.1:domain 
named   190   bind   19u  IPv4   4373       TCP 192.168.1.1:domain
(LISTEN)
[dilinger@incandescent dilinger]$ grep -C3 options /etc/bind/named.conf 
// this configuration file.
//

options {
        directory "/var/cache/bind";
        pid-file "/var/run/bind/named.pid";
        interface-interval 1;
[dilinger@incandescent dilinger]$ 

The change in interface interval is due to the fact that the default
interval is 60 mins; a bit of a wait.  Whether or not this is
appropriate for folks w/ dynamic interfaces, I'm not too sure.  Logic
would dictate that someone w/ a dynamic interface, running any sort of
dns server (caching or authoritative) would have their interfaces sticking
around for quite a while, to the point where a 60 minute interval
wouldn't be that bad; however, applying logic to unix administrators has
failed me in the past...


On Wed, Sep 11, 2002 at 09:53:37PM +1000, Herbert Xu wrote:
> 
> Andres Salomon <dilinger@mp3revolution.net> wrote:
> > It's been over 3 months since I submitted a patch for bind9, to
> > implement named running as a non-root user by default (#149059).  I 
> > tested the patch, and hoped to get some feedback (_any_ real feedback)
> > from the maintainer; I have not gotten any.  So, unless anyone has some
> > serious objections, I will NMU bind9.  It is embarrassing that we still,
> > to this day, ship a bind9 package that runs as root by default
> > (especially given bind's track record, wrt security).
> 
> Do not do this unless you can make it attach to new interfaces that
> come up.  Otherwise you risk breaking existing setups silently where
> there are interfaces that come up after bind is started, e.g., VPNs.
> -- 
> Debian GNU/Linux 3.0 is out! ( http://www.debian.org/ )
> Email:  Herbert Xu 许志壬 <herbert@gondor.apana.org.au>
> Home Page: http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
> 

-- 
Buying a Unix machine guarantees you a descent into Hell. It starts when
you plug the computer in and it won't boot. Yes, they really did sell you
a $10,000 computer with an unformatted disk drive.
	-- Philip Greenspun
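
The `lsof -ni` check from the session above, turned into a repeatable test for the silent-breakage case raised in the quoted reply (an interface that comes up after named has started). This is an added example, not part of either message; the expected-address list is supplied by the caller, the sample `lsof` lines and the address 10.8.0.1 are constructed, and it assumes IPv4 with one UDP and one TCP socket per address, as in the output above.

```shell
#!/bin/sh
# Print "PROTO ADDR" once for each DNS-port socket held by named.
# stdin: output of `lsof -ni` (port shown as "domain", or "53" with -P).
named_listeners() {
    awk '$1 == "named" {
        proto = $(NF-1); addr = $NF
        # TCP listeners carry a trailing "(LISTEN)" field.
        if ($NF == "(LISTEN)") { proto = $(NF-2); addr = $(NF-1) }
        # Connected sockets ("a:p->b:p") and other states do not split
        # into exactly address:port, so they are skipped.
        n = split(addr, p, ":")
        if (n == 2 && (p[2] == "domain" || p[2] == "53"))
            print proto, p[1]
    }' | sort -u
}

# Print every expected address that lacks a UDP or TCP listener.
# $1: whitespace-separated IPv4 addresses; stdin: `lsof -ni` output.
missing_listeners() {
    have=$(named_listeners)
    for ip in $1; do
        for proto in UDP TCP; do
            printf '%s\n' "$have" | grep -qxF "$proto $ip" || echo "$proto $ip"
        done
    done
}

# Constructed sample: two PIDs sharing sockets, plus one established
# TCP connection that must not be counted as a listener.
SAMPLE_LSOF='named 186 bind 16u IPv4 4370 UDP 192.168.0.1:domain
named 186 bind 17u IPv4 4371 TCP 192.168.0.1:domain (LISTEN)
named 186 bind 18u IPv4 4372 UDP 192.168.1.1:domain
named 186 bind 19u IPv4 4373 TCP 192.168.1.1:domain (LISTEN)
named 187 bind 16u IPv4 4370 UDP 192.168.0.1:domain
named 186 bind 21u IPv4 4390 TCP 192.168.1.1:domain->192.168.1.7:40112 (ESTABLISHED)'

# 10.8.0.1 stands in for a VPN interface that came up after named started.
missing=$(printf '%s\n' "$SAMPLE_LSOF" |
    missing_listeners "192.168.0.1 192.168.1.1 10.8.0.1")
[ -z "$missing" ] || printf 'named is not listening on:\n%s\n' "$missing"
```

On a live host, pipe `sudo lsof -ni` into `missing_listeners` with the addresses that should be served, after waiting at least one `interface-interval`.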


