Review request: DNS server implementation
tridge at samba.org
tridge at samba.org
Thu Oct 14 18:03:24 MDT 2010
Hi Simo,
> > This is one of the things that bit Nadya at the AD plugfest. She
> > thought she'd debug bind using gdb, but didn't know that she needed to
> > do ". /etc/default/bind" before starting gdb. The resulting errors
> > were not helpful :-)
>
> Not really a bind fault ...
I think it is. A package shouldn't have essential parameters like
spread out in different places. People expect configuration of bind to
be in /etc/bind, but in this case is isn't.
> > yep. Now multiply this by the number of Linux distros and versions of
> > distros out there :-)
>
> I can assure you it works on Fedora/RHEL with SELinux :-)
do both of those distros have bind 9.7.2rc1 or later? It didn't work
with any earlier version without patches.
Have you had a chance to try bi-directional TSIG-GSS updates with both
old and recent windows server versions and these distros? (you need to
try both w2k3 and w2k8r2, and you need to test both nsupdate -g and
the DNS server support for both cases).
> My fear is that will make bind a second class citizen to the point it
> will not work properly, plus we will have yet another daemon to care
> about, security issues, bugs, etc... the whole package.
> But as long as it is a compile option I guess I can't complain.
The pattern in Samba4 is to make things runtime options, not compile
time options. So there would be a runtime option to enable/disable the
builtin DNS server. That makes it much easier for people to choose
what options they want when they use a pre-built package.
Because the DNS server will be integrated into the samba binary, the
additional space it takes will be tiny (maybe a few kb?).
Cheers, Tridge
More information about the samba-technical
mailing list