On 10/19/2012 11:57 PM, Chris Buxton wrote: > On Oct 19, 2012, at 6:22 PM, Warren Kumari wrote: >> On Oct 19, 2012, at 9:17 PM, "Michael Hoskins (michoski)" >> <micho...@cisco.com> wrote: >>> -----Original Message----- >>>> On Oct 19, 2012, at 6:13 PM, Alan Clegg <a...@clegg.com> wrote: >>>> >>>>> >>>>> On Oct 18, 2012, at 1:13 PM, Chris Thompson <c...@cam.ac.uk> wrote: >>>>> >>>>>> On Oct 18 2012, Jeremy C. Reed wrote: >>>>>> >>>>>>> On Thu, 18 Oct 2012, Jack Tavares wrote: >>>>>>> >>>>>>>> I am running bind9.8.x built from source and I see this message in >>>>>>>> the logs >>>>>>>> built with '--prefix=/blah' '--sbindir=/blah' '--sysconfdir=/blah' >>>>>>>> '--localstatedir=/var' '--exec-prefix=/usr' '--libdir=/usr/lib' >>>>>>>> '--mandir=/usr/share/man' '--with-openssl=/blah' >>>>>>>> '--enable-fixed-rrset' '--enable-shared' '--enable-threads' >>>>>>>> '--enable-ipv6' '--with-libtool' etc etc etc I would prefer to not >>>>>>>> have that show up in the log. >>>>>>>> Short of modifying the source, is there an easy way to disable that? >>>>>>> >>>>>>> No way to disable just it. It is in the "general" catch-all category. >>>>>> >>>>>> Also, it is output before the configuration "logging" directives have >>>>>> been >>>>>> processed, so it comes out with the internal defaults for category and >>>>>> priority (daemon.notice). Any suppression would need to be done at the >>>>>> syslog level. >>>>>> >>>>>> But I have some difficulty understanding why anyone would want it >>>>>> suppressed. >>>>>> It's true that BIND is a bit noisier than it used to be at this stage, >>>>>> but >>>>>> can this really be a problem? Do you let the black hats see your >>>>>> system logs? >>>>> >>>>> >>>>> This message was added by general recognition that being able to >>>>> rebuild a "drop-in" binary for BIND when you didn't have access to the >>>>> build directory (where the config.log contains the information) was a >>>>> good thing. >>>> >>>> Yah, a very good thingŠ This has been really really useful to me on a >>>> number of occasionsŠ >>>> >>>>> >>>>> I, for one, see no reason to suppress this message (but I do have blind >>>>> spots at times). >>>> >>>> Me neither, but I am interested why folk might want toŠ >>> >>> Maybe it's viewed as information disclosure? >> >> Ah, that's a good point, especially if BIND is being incorporated into an >> appliance / black box and there is no need for the users of the appliance to >> know what all goes on under the hood? > > An an employee of the maker of an appliance solution, I can say that we > gladly tell our customers what's going on under the hood. If we didn't, they > wouldn't trust us.
Does this log message provide any information that the -V option doesn't provide? $ named -V BIND 9.8.0-P4 built with '--prefix=/blah' '--exec-prefix=/blah' '--enable-threads' '--enable-ipv6' 'CFLAGS=-O2 -march=native ...and so on... using OpenSSL version: OpenSSL 1.0.0d 8 Feb 2011 using libxml2 version: 2.7.8 -DMM _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users