Review request: DNS server implementation

simo idra at
Fri Oct 15 06:06:13 MDT 2010

On Fri, 2010-10-15 at 11:03 +1100, tridge at wrote:
> Hi Simo,
>  > > This is one of the things that bit Nadya at the AD plugfest. She
>  > > thought she'd debug bind using gdb, but didn't know that she needed to
>  > > do ". /etc/default/bind" before starting gdb. The resulting errors
>  > > were not helpful :-)
>  > 
>  > Not really a bind fault ...
> I think it is. A package shouldn't have essential parameters like
> spread out in different places. People expect configuration of bind to
> be in /etc/bind, but in this case is isn't.

A lot of apps defer keytab overriding to the environment variable not
just bind. I can't say I like it, but it is not unexpected for admins
that are used to configure machines with kerberos.

>  > > yep. Now multiply this by the number of Linux distros and versions of
>  > > distros out there :-)
>  > 
>  > I can assure you it works on Fedora/RHEL with SELinux :-)
> do both of those distros have bind 9.7.2rc1 or later? It didn't work
> with any earlier version without patches.

I was referring to SELinux and Kerberos stuff.

> The pattern in Samba4 is to make things runtime options, not compile
> time options. So there would be a runtime option to enable/disable the
> builtin DNS server. That makes it much easier for people to choose
> what options they want when they use a pre-built package.
> Because the DNS server will be integrated into the samba binary, the
> additional space it takes will be tiny (maybe a few kb?).

I still wish we could isolate each server into it's own shared library,
and just let bin/samba load all of them at startup (unless configured to
not start a specific service). This way we can have both services
running in a single process for your use case but also the ability to
remove stuff one does not care about by simply not installing the
corresponding shared library.


Simo Sorce
Samba Team GPL Compliance Officer <simo at>
Principal Software Engineer at Red Hat, Inc. <simo at>

More information about the samba-technical mailing list