[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: BIND 9: substantially updated: https://wiki.debian.org/BIND9


On 15/9/25 16:58, jeremy ardley wrote:
That is the primary zone directory is /var/lib/bind and "keys" is a relative path to the primary zone directory so /var/lib/bind/keys
The reasoning is that /var/cache should be only for stuff that can be deleted and /var/lib should be stuff that is unique to the system but is maintained by a package
I add that /etc 'should' be configuration and the other system directories contain data managed by that configuration.
In reality many packages put all the config and  data into /etc subdirectories, but once you start scaling the data, it's not so much about efficiency as data management and access management.
Scalable internet facing systems on principle should be sandboxed or chroot. If the directory structure supports that at even the smallest scale, applications will typically not need access to /etc. This can be enforced by chroot etc 

So putting your data outside /etc is a generally good principle.
Reply to: