On Fri, Sep 07, 2018 at 06:15:59PM +0200, Mark Elkins wrote: > I kinda also wonder why the command simply doesn't output to stdout by > default. The *only* reason I've ever run the command "rndc secroots" is > to look at the output, that is, checking for the correct DNSKEY > root-anchors - which I then need to use "cat" to see... if the file is > correctly created... and if I remember where to look for it. > If I wanted the output in a file, I can always redirect stdout. > Sending output to stdout allows me to easily "filter" the output as well > with other tools. > > Perhaps Evan can comment?
For a long time, the text that could be sent back over the rndc channel from named was limited to a smallish fixed-size buffer -- I think it was 2K or something. If an rndc command produced output, but we couldn't be sure the output would be smaller than that buffer, we'd write it to a file instead. At some point -- in 9.11, I think? -- it occurred to us that the size limitation wasn't a law of physics, and we could get rid of it. So now there are several rndc commands that print useful amounts of text, but since "secroots" already existed before that change, we left its default behavior the same as it had been before, and added a "-" option to return text over the command channel. -- Evan Hunt -- e...@isc.org Internet Systems Consortium, Inc. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users