issues. Most are pretty easy to over-come.
Maybe it might be good to have a sysctl to not do any checks at all so it
acts like a chroot like security.jail.param.allow.all?
Doug A.
___
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org
Alexander Leidinger writes:
| On Thu, 19 May 2011 10:24:59 -0700 (PDT) Doug Ambrisko
| ambri...@ambrisko.com wrote:
|
| doesn't have access to it anymore either. Running an X server in a
| vimage has some issues. Most are pretty easy to over-come.
|
| Are you using my patch
| (http
Alexander Leidinger writes:
| Quoting Doug Ambrisko ambri...@ambrisko.com (from Thu, 19 May 2011
| 14:38:40 -0700 (PDT)):
|
| Alexander Leidinger writes:
| | On Thu, 19 May 2011 10:24:59 -0700 (PDT) Doug Ambrisko
| | ambri...@ambrisko.com wrote:
| |
| | doesn't have access to it anymore
On 05/31/2011 07:39, Alexander Best wrote:
...which leads me to the conclusion that -O should be set when DEBUG was
defined: an all ARCHS.
+1
--
Nothin' ever doesn't change, but nothin' changes much.
-- OK Go
Breadth of IT experience, and depth of
On 07/09/2011 07:54, Gabor Kovesdan wrote:
Anyway, consider sendmail and BIND. I think these are important enough
to get some more protection.
What additional protection could capsicum offer beyond chroot'ing?
(That's not a snark, I don't quite understand all the moving parts here.)
Doug
, and from executing any
system calls.
Fair enough, although I'd love to see an actual threat analysis before I
concluded that BIND should be close to the top of the list.
Thanks for the response,
Doug
--
Nothin' ever doesn't change, but nothin' changes much.
-- OK
There also seems to be a bug with the new boot loader that if you bounce
out to the prompt and do 'boot kernel.other' the kern.module_path sysctl
is not updated. It still lists /boot/kernel first; but that should be
replaced by /boot/kernel.other.
--
Nothin' ever doesn't change, but
On 07/17/2011 20:40, Devin Teske wrote:
What release are you running?
Recent HEAD
--
Nothin' ever doesn't change, but nothin' changes much.
-- OK Go
Breadth of IT experience, and depth of knowledge in the DNS.
Yours for the right price. :)
Please stop cross-posting to multiple lists. If you want review for an
rc.d issue post it to freebsd-rc@.
Thanks,
Doug
--
Nothin' ever doesn't change, but nothin' changes much.
-- OK Go
Breadth of IT experience, and depth of knowledge in the DNS
On 09/02/2011 07:07, Jarrod Lee Petz wrote:
We have an AIX system
It's not clear to me what the FreeBSD related problem is here.
--
Nothin' ever doesn't change, but nothin' changes much.
-- OK Go
Breadth of IT experience, and depth of knowledge in the
On 09/02/2011 17:51, Jarrod Lee Petz wrote:
Hi Doug,
The problem itself is currently seen on AIX yes.
So you're much more likely to get help on an AIX list.
--
Nothin' ever doesn't change, but nothin' changes much.
-- OK Go
Breadth of IT experience
On 09/03/2011 06:46, Erik Trulsson wrote:
On Fri, Sep 02, 2011 at 10:25:11PM -0700, Doug Barton wrote:
On 09/02/2011 17:51, Jarrod Lee Petz wrote:
Hi Doug,
The problem itself is currently seen on AIX yes.
So you're much more likely to get help on an AIX list.
Unlikely, since what he
On 09/28/2011 13:26, Colin Barnabas wrote:
I found a hello world program written in assembly language which
runs on my amd64 8.2 stable box. However, I can not seem to get
it to print a new line. Any suggestions on how to print a line
feed in assembly?
No, we will not help you do your compsci
On 10/10/2011 11:55, David Brodbeck wrote:
Is there any reason to cache negative hits?
It's very important for DNS since there are a fairly large number of
misbehaving applications that don't stop querying until they get some
kind of answer.
And speaking of DNS, while I think that improving
On 11/02/2011 13:28, Mark Saad wrote:
Hackers
What is going on here, if I run the following shell script, what is
the expected output . The script is named xxx
#!/bin/sh
ps -ax | grep -v grep | grep xxx
Here is what I see
# sh xxx
88318 p0 S+ 0:00.00 sh xxx
88320 p0 R+
On 11/02/2011 22:07, Deepak Gupta wrote:
6.3 release
... is well past EOL. You'd want to run your tests with something more
recent ... ideally with 9.0-RC1, or at minimum 8-stable.
--
We could put the whole Internet into a book.
Too practical.
On 11/25/2011 00:12, Cy Schubert wrote:
In message 2025070241.ga7...@dataix.net, Jason Hellenthal writes:
List,
When using @reboot with cron you expect your proccesses to always start when
the system boots up and only when the system boots. But long after the system
in question had
On 11/25/2011 00:29, Stefan Bethke wrote:
I didn't even know cron had this feature. Why wouldn't you add custom rc.d
scripts for these tasks, or add the commands to rc.local?
Personally I find this feature very useful for unprivileged users to do
their own stuff at startup.
Doug
the @reboot jobs. I'm not quite so sure that
the current behavior needs to be preserved though ... I doubt people
purposely restart cron often enough to be anything but surprised by the
current behavior.
Doug
--
We could put the whole Internet into a book.
Too
On 11/25/2011 16:16, Tim Kientzle wrote:
On Nov 25, 2011, at 2:08 PM, Doug Barton wrote:
On 11/25/2011 08:09, Cy Schubert wrote:
You're right. Sorry. It was late, after a long night of O/T.
Actually I was in the same boat, which is why my reply was even grumpier
than usual, sorry
On 11/25/2011 23:08, Cy Schubert wrote:
If average users really do need to run something at boot they're likely
running some kind of service
I don't think second-guessing what users are doing is going to be a
useful exercise here. I will also tell you flat out that this is not the
only use for
be to upgrade to 7-stable.
hth,
Doug
--
[^L]
Breadth of IT experience, and depth of knowledge in the DNS.
Yours for the right price. :) http://SupersetSolutions.com/
___
freebsd-hackers@freebsd.org mailing list
http
on the new driver that are being worked out
by a few people. It supports all current LSI MegaRAID cards.
So things should get better in the near future.
Thanks,
Doug A.
___
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo
On 01/04/2012 15:42, Jung-uk Kim wrote:
Do we care about submitting it back to NetBSD?
The answer to this question is always yes. :) We work hard to maintain
good relationships with the other BSDs, and sharing improvements to
common code is a critical component to that.
Doug
--
You
Looping in hrs@ because he's the author of those changes.
On 01/06/2012 11:35, Mark Felder wrote:
On Fri, 06 Jan 2012 12:49:45 -0600, Sergey Kandaurov pluk...@gmail.com
wrote:
You mean ipv6_activate_all_interfaces=YES ?
Yes... Unfortunately that's what I get for typing it manually and
You'll probably get a better response from freebsd-stable@.
Good luck,
Doug
--
You can observe a lot just by watching. -- Yogi Berra
Breadth of IT experience, and depth of knowledge in the DNS.
Yours for the right price. :) http://SupersetSolutions.com
On 01/16/2012 16:02, Julian Elischer wrote:
It pretty much boils down to one thing.. man power..
If the basic design of the system is wrong, it doesn't matter how many
person-hours you throw at it (or don't).
--
It's always a long day; 86400 doesn't fit into a short.
Breadth
be a great excuse for slipping the
support schedule for 8 so that we could release 9.0 not-too-long before
7 was about to go EOL, and make the 8/9/10 release schedules fit the
new, (hopefully) more rational model. Perhaps we can reconsider that
idea for 10.0.
Doug
--
It's always a long day
is to learn from the mistakes that were made, and
figure out how we can make *reasonable* plans for both new features, and
the framework for the future development that we want; without making
the all or nothing mistake again.
Doug
--
It's always a long day; 86400 doesn't fit into a short
that with the ideas that are being put forward about teams that
own a production branch, and a more frequent stripped-down release
process, I think this is a very workable model.
Doug
--
It's always a long day; 86400 doesn't fit into a short.
Breadth of IT experience, and depth
On 01/18/2012 16:58, Dieter BSD wrote:
The original goal for 5.0 was to completely remove the Giant lock (and
do other cool SMP-related stuff). Eventually it was realized that this
was too big a goal to fully accomplish in 5.0 (albeit too late in the
process) and the goal was changed to do the
On Thu, 19 Jan 2012, John Kozubik wrote:
Hi Doug,
On Wed, 18 Jan 2012, Doug Barton wrote:
On 01/18/2012 11:46, John Kozubik wrote:
- mark 9 as the _only_ production release
While I understand your motivation, I am not sure this is a workable
goal when combined with the goal that others
.
Obviously you have to have everything in kernel and/or loader.conf
that's necessary to get your local disks available, and the system to
the point where it can start running rc. But everything else can go in
kld_list.
hth,
Doug
--
It's always a long day; 86400 doesn't fit into a short
On 02/18/2012 10:43, per...@pluto.rain.com wrote:
Doug Barton do...@freebsd.org wrote:
loading modules through loader.conf is
veeryy slooww ...
Is it noticeably slower to load (say) a 6MB kernel + 2MB of
modules than to load an 8MB kernel?
I don't know
On 02/19/2012 08:13, per...@pluto.rain.com wrote:
Given the context of the thread, this:
loading modules through loader.conf is
veeryy slooww ...
seemed to be an objection to modularizing the kernel.
The only way you could come to that conclusion is if you
On 02/20/2012 08:54, Alex Goncharov wrote:
,--- You/Tom (Mon, 20 Feb 2012 14:44:09 +) *
| On Sat, Feb 18, 2012 at 1:14 AM, Doug Barton do...@freebsd.org wrote:
| Because loading modules through loader.conf is
| veeryy slooww I added an rc.d script called
? This change surprised me, wasn't mentioned
in /usr/src/UPDATING,
You're supposed to compare your existing kernel config to the new
GENERIC every time you do a major version upgrade. That would have made
the change quite obvious.
Doug
--
It's always a long day; 86400 doesn't fit into a short
On 02/20/2012 07:23, Patrick Powell wrote:
Oooh! Ahhh! Just what I was looking for. l will extract this from 9
and put it on my system.
Glad you like it. :) One thing though, you're actually better off
updating to the latest -stable of whatever branch you're using, some
work has gone into
On 02/21/2012 02:49, Tom Evans wrote:
On Mon, Feb 20, 2012 at 9:10 PM, Doug Barton do...@freebsd.org wrote:
On 02/20/2012 06:44, Tom Evans wrote:
Whatever happened to POLA? This change surprised me, wasn't mentioned
in /usr/src/UPDATING,
You're supposed to compare your existing kernel config
.html
Other developments are described in their release notes:
http://www.dragonflybsd.org/release30/
The 4.5 times improvement by enabling kern.ipc.shm_use_phys is pretty
notable, what prevents us from enabling that by default?
Doug
--
It's always a long day; 86400 doesn't fit
On 02/23/2012 05:22, John Baldwin wrote:
On Wednesday, February 22, 2012 9:59:02 pm Doug Barton wrote:
On 02/22/2012 01:42, Ivan Voras wrote:
The Dragonfly team has recently liberated their VM from the giant lock and
there are some interesting benchmarks comparing it to FreeBSD 9
On 3/1/2012 1:14 PM, John Baldwin wrote:
My firefox on my BSD desktop was caching the image.
Holding down Shift when clicking reload usually handles this.
hth,
Doug
--
It's always a long day; 86400 doesn't fit into a short.
Breadth of IT experience, and depth
On 03/02/2012 08:52, John Baldwin wrote:
On Thursday, March 01, 2012 5:23:11 pm Doug Barton wrote:
On 3/1/2012 1:14 PM, John Baldwin wrote:
My firefox on my BSD desktop was caching the image.
Holding down Shift when clicking reload usually handles this.
Only if you already know that FF
| + */
| +if (!resource_disabled(acpi, 0))
| + return;
| +/*
| * BIOS32 Service Directory, PCI BIOS
| */
|
That seems reasonable to me.
Doug A.
___
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo
going into /usr/bin, not
sbin.
That's not the dividing line, please read hier(7). This should be
introduced as a port in /usr/local/sbin to start with, and then we'll
see how it goes from there.
Doug
___
freebsd-hackers@freebsd.org mailing list
http
-net@. Second, according to
https://tools.ietf.org/html/rfc1122 that RFC has been updated quite a
bit over the last 23 years. Have you followed that chain upwards to make
sure that your concerns are still valid?
Doug
--
This .signature sanitized for your protection
changed
since then.
Doug
___
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to freebsd-hackers-unsubscr...@freebsd.org
over a year ago, many many things have changed
since then.
Doug
So you're saying that he should have been using 8.3-RELEASE, then.
That isn't what I said at all, sorry if I wasn't clear. The OP mentioned
9.0-RELEASE, and in the context of his message (which I snipped) he
mentioned 8-stable
testing a newer
version. 8.2 came out over a year ago, many many things have changed
since then.
Doug
So you're saying that he should have been using 8.3-RELEASE, then.
That isn't what I said at all, sorry if I wasn't clear. The OP mentioned
9.0-RELEASE, and in the context of his message
interacted with.
Doug
--
This .signature sanitized for your protection
___
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to freebsd-hackers-unsubscr...@freebsd.org
to a directory. So
then it is easy to build something, toss it into a directory, start
qemu and test.
Thanks,
Doug A.
___
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail
both the OP
and the community at large.
Doug
___
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to freebsd-hackers-unsubscr...@freebsd.org
Eric McCorkle writes:
| On 04/03/12 13:22, Doug Ambrisko wrote:
| EFI is a good task. For generic PC's we need an X64 format. The current
| version in FreeBSD is IA32 format. The X64 can boot i386/amd64.
| Qemu can be used to test both IA32 and X64 formats. I added some
| notes about
will test a patch to change that to echo'ing
something useful to stdout instead unless anyone has an objection.
Don't expect the result soon though, super, super, super busy with
work/life/etc. atm. And as John pointed out, it's been there for a while. :)
Doug
--
This .signature sanitized
As someone pointed out when this thread started, it's off-topic for
hackers. Please take it to advocacy.
--
It's always a long day; 86400 doesn't fit into a short.
Breadth of IT experience, and depth of knowledge in the DNS.
Yours for the right price. :)
On 06/07/2012 02:57 AM, Gleb Kurtsou wrote:
What do you think about adding generic support for overriding *_enable
options in rc.conf?
I'd like to be able to disable services at boot prompt, e.g.
# set rc.slim_enable=no -- overrides slim_enable=yes in rc.conf
Similarly rc.pf_enable=no
to always work.
b) There were problems after the cons25 - xterm conversion that have
almost all been fixed nowadays
c) Try using a simpler shell, like /bin/sh, or even /rescue/sh
d) Obviously don't try to do SUM with a shell that is not compiled static
hth,
Doug
On 06/07/2012 11:10, Andriy Gapon wrote:
on 07/06/2012 17:29 Doug Barton said the following:
On 06/07/2012 02:57 AM, Gleb Kurtsou wrote:
What do you think about adding generic support for overriding *_enable
options in rc.conf?
I'd like to be able to disable services at boot prompt, e.g
On 06/13/2012 06:50 AM, Andriy Gapon wrote:
on 09/06/2012 19:17 Doug Barton said the following:
If this were a problem we didn't already have a solution for, I'd be
much more interested in what you're proposing.
I wonder if you were in the same mindset when you worked on service(8
On 06/15/2012 11:37, rank1see...@gmail.com wrote:
*** The following files exist in /etc/rc.d but not in
/var/tmp/temproot/etc/rc.d/:
sshd
man src.conf, and search for SSH. You have one of those options defined
in your environment.
Doug
--
This .signature sanitized for your
making the boot time
faster.
But, I'm willing to be proven wrong by someone who actually _implements_
one of these systems and can demonstrate, in a statistically rigorous
fashion, how much the boot time is improved.
Doug
___
freebsd-hackers@freebsd.org
solutions where there is a
good reason to wait for a dependent service to actually be running.
This also brings up a good point, any new rc-alike solution we consider
must have support for scripts in ports that is at least as robust as
what we have now.
Doug
--
This .signature sanitized
On 6/18/2012 4:05 PM, Richard Yao wrote:
Doug, we already have OpenRC implemented. You can install Gentoo FreeBSD
in a jail, install regular FreeBSD in another jail and do your own
performance comparisons.
Bt! Thanks for playing. :) You're the one proposing the change,
YOU get to do
.
Doug
On 06/20/2012 12:39 AM, Mark Linimon wrote:
On Tue, Jun 19, 2012 at 06:45:13PM -0400, Richard Yao wrote:
That is already done in Gentoo FreeBSD, or do you want me to do the
work for you to integrate OpenRC in the base system?
We want you to do the work to prove that it is an improvement
things we need in addition to booting faster.
To that end I like the direction that the thread is going in terms of
discussing what a new system should have. I have some thoughts about
that, but I'd like to let others talk for a while first.
Doug
___
freebsd
.
Doug
--
This .signature sanitized for your protection
___
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to freebsd-hackers-unsubscr...@freebsd.org
On 07/02/2012 09:25, Benjamin Kaduk wrote:
On Mon, 2 Jul 2012, David Wolfskill wrote:
Huh??!?
At least as far back as 06 Jan (based on the mtime of /etc/src.conf), I
had set up src.conf to read:
PORTS_MODULES=x11/nvidia-driver
Don't do that.
PORTS_MODULES is documented to belong in
The problem is fixed now. This time I tested build and install with the
same code. :(
Sorry for the breakage,
Doug
--
This .signature sanitized for your protection
___
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman
On 07/02/2012 13:41, Benjamin Kaduk wrote:
On Mon, 2 Jul 2012, Doug Barton wrote:
On 07/02/2012 09:25, Benjamin Kaduk wrote:
On Mon, 2 Jul 2012, David Wolfskill wrote:
Huh??!?
At least as far back as 06 Jan (based on the mtime of /etc/src.conf), I
had set up src.conf to read
BIND from the base
altogether, but I have no energy for all the whinging that would happen
if I tried (again) to do that.
Doug
--
This .signature sanitized for your protection
___
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org
On 07/03/2012 05:39, Dag-Erling Smørgrav wrote:
Doug Barton do...@freebsd.org writes:
The correct solution to this problem is to remove BIND from the base
altogether, but I have no energy for all the whinging that would happen
if I tried (again) to do that.
I don't think
important over
time as DNSSEC adoption increases, and more things begin to use it (like
DANE).
Doug
--
This .signature sanitized for your protection
___
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd
On 07/04/2012 10:01, Freddie Cash wrote:
On Wed, Jul 4, 2012 at 9:51 AM, Simon L. B. Nielsen si...@freebsd.org wrote:
On Tue, Jul 3, 2012 at 9:39 PM, Doug Barton do...@freebsd.org wrote:
On 07/03/2012 05:39, Dag-Erling Smørgrav wrote:
Doug Barton do...@freebsd.org writes:
The correct solution
this feature, which is pretty much universal in
linux at this point. It's very handy.
I look forward to reviewing your patches to implement it. :)
Doug
--
This .signature sanitized for your protection
___
freebsd-hackers@freebsd.org mailing list
http
about with/without $option you are
talking about a ports install, which is perfectly fine.
Other than that, if whoever actually pushes all the rocks uphill to make
the installer more modular in this regard decides to include djbdns,
more power to them. :)
Doug
--
This .signature sanitized
On 07/04/2012 15:01, Mike Meyer wrote:
On Wed, 04 Jul 2012 14:19:38 -0700
Doug Barton do...@freebsd.org wrote:
On 07/04/2012 11:51, Jason Hellenthal wrote:
What would be really nice here is a command wrapper hooked into the
shell so that when you type a command and it does not exist
On 07/04/2012 15:55, Jason Hellenthal wrote:
Seeing as sudo plays a big part of this
No ... not only is sudo not a necessary component, it shouldn't be
involved at all. The feature works on debian/ubuntu for regular
userspace commands.
Doug
--
This .signature sanitized for your
On 07/04/2012 15:57, Yuri wrote:
On 07/04/2012 15:08, Doug Barton wrote:
First, I agree that being able to turn it off should be possible. But I
can't help being curious ... why would you *not* want a feature that
tells you what to install if you type a command that doesn't exist
On 07/04/2012 16:41, Jason Hellenthal wrote:
On Wed, Jul 04, 2012 at 03:59:29PM -0700, Doug Barton wrote:
On 07/04/2012 15:55, Jason Hellenthal wrote:
Seeing as sudo plays a big part of this
No ... not only is sudo not a necessary component, it shouldn't be
involved at all. The feature
On 07/04/2012 17:30, Tim Kientzle wrote:
On Jul 4, 2012, at 4:41 PM, Jason Hellenthal wrote:
On Wed, Jul 04, 2012 at 03:59:29PM -0700, Doug Barton wrote:
On 07/04/2012 15:55, Jason Hellenthal wrote:
Seeing as sudo plays a big part of this
No ... not only is sudo not a necessary component
On 07/04/2012 21:08, Brett Glass wrote:
At 04:03 PM 7/4/2012, Doug Barton wrote:
Other than that, if whoever actually pushes all the rocks uphill to make
the installer more modular in this regard decides to include djbdns,
more power to them. :)
I'm not suggesting that everyone
they wouldn't want
to use it, but I haven't seen anything yet that says having this
feature is a universally bad idea.
Doug
--
This .signature sanitized for your protection
___
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org
On 07/07/2012 14:16, Bjoern A. Zeeb wrote:
On 3. Jul 2012, at 12:39 , Dag-Erling Smørgrav wrote:
Doug Barton do...@freebsd.org writes:
The correct solution to this problem is to remove BIND from the base
altogether, but I have no energy for all the whinging that would happen
if I tried
On 07/07/2012 16:33, Garrett Wollman wrote:
On Sat, 07 Jul 2012 16:17:53 -0700, Doug Barton do...@freebsd.org said:
BIND in the base today comes with a full-featured local resolver
configuration, which I'm confident that Dag-Erling can do for unbound
(and which I would be glad to assist
On 07/07/2012 16:34, Bjoern A. Zeeb wrote:
On 7. Jul 2012, at 23:17 , Doug Barton wrote:
On 07/07/2012 14:16, Bjoern A. Zeeb wrote:
On 3. Jul 2012, at 12:39 , Dag-Erling Smørgrav wrote:
Doug Barton do...@freebsd.org writes:
The correct solution to this problem is to remove BIND from
On 07/07/2012 19:44, Warner Losh wrote:
On Jul 7, 2012, at 5:33 PM, Garrett Wollman wrote:
On Sat, 07 Jul 2012 16:17:53 -0700, Doug Barton do...@freebsd.org said:
BIND in the base today comes with a full-featured local resolver
configuration, which I'm confident that Dag-Erling can do
On 07/08/2012 01:03, Bjoern A. Zeeb wrote:
On 8. Jul 2012, at 02:44 , Warner Losh wrote:
On Jul 7, 2012, at 5:33 PM, Garrett Wollman wrote:
On Sat, 07 Jul 2012 16:17:53 -0700, Doug Barton do...@freebsd.org said:
BIND in the base today comes with a full-featured local resolver
On 07/08/2012 01:07, Bjoern A. Zeeb wrote:
On 7. Jul 2012, at 23:45 , Doug Barton wrote:
On 07/07/2012 16:34, Bjoern A. Zeeb wrote:
On 7. Jul 2012, at 23:17 , Doug Barton wrote:
Other than authoritative DNS, what features does unbound lack that you
want?
DNS64 as a start.
Personally
.
Doug
--
This .signature sanitized for your protection
___
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to freebsd-hackers-unsubscr...@freebsd.org
On 07/07/2012 17:47, Darren Pilgrim wrote:
On 2012-07-07 16:45, Doug Barton wrote:
Also re DNSSEC integration in the base, I've stated before that I
believe very strongly that any kind of hard-coding of trust anchors as
part of the base resolver setup is a bad idea, and should not be done.
We
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 07/08/2012 10:10, Jason Hellenthal wrote:
From first impression it seems that drill(1) has a syntax that
leaves something to be desired like the eased use of host or dig.
So once again, if you need the exact capabilities of ISC host and dig,
On 07/08/2012 10:43, Garrett Wollman wrote:
On Sun, 08 Jul 2012 02:31:17 -0700, Doug Barton do...@freebsd.org said:
Neither of which has any relevance to the actual root zone ZSK, which
could require an emergency roll tomorrow.
Surely that's why there's a separate KSK. The ZSK can
On 07/08/2012 13:25, Gabor Kovesdan wrote:
On 2012.07.08. 1:17, Doug Barton wrote:
Other than authoritative DNS, what features does unbound lack that you
want?
[Picking up a random mail from the thread.]
Other than the functionality, when we replace something, it is also
important to do
On 07/08/2012 07:41, Dan Lukes wrote:
The ideal, long-term solution is to re-think what The Base is, and
give users more flexibility at install time.
Flexibility is double-edged sword.
Feel free to replace one resolver with another resolver (but don't do it
so often, please). Applications
On 07/08/2012 22:43, Avleen Vig wrote:
It would be silly not to keep bind-tools in base.
Sounds easy, but not so much in practice. Keeping any of the code
doesn't solve the problem of the release cycles not syncing up. And for
the vast majority of users needs the tools we will import will be
On 07/08/2012 23:16, Avleen Vig wrote:
On Sun, Jul 8, 2012 at 10:51 PM, Doug Barton do...@freebsd.org wrote:
On 07/08/2012 22:43, Avleen Vig wrote:
It would be silly not to keep bind-tools in base.
Sounds easy, but not so much in practice. Keeping any of the code
doesn't solve the problem
On 07/09/2012 00:34, Avleen Vig wrote:
On Sun, Jul 8, 2012 at 11:26 PM, Doug Barton do...@freebsd.org wrote:
On 07/08/2012 23:16, Avleen Vig wrote:
On Sun, Jul 8, 2012 at 10:51 PM, Doug Barton do...@freebsd.org wrote:
On 07/08/2012 22:43, Avleen Vig wrote:
It would be silly not to keep bind
.
Doug
- --
This .signature sanitized for your protection
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.19 (FreeBSD)
iQEcBAEBCAAGBQJP+0R/AAoJEFzGhvEaGryECuQIAM2CtwjuYZPpQHYojU93mF7g
ZLmTqmo8cdunpRUc66hHEirqnmnZ58LkosOugbuTgNvWAB9H2NOo25rFKkft3k0q
S+5hSqS442NNvEYrsOlBhdPlP
- to lower the barrier to
entry.
Right.
We should also change the base system to remove the most commonly used
tools for doing DNS lookups, to what was the reason again?
It's been covered at length in this thread.
We get it, change is hard.
Doug
--
This .signature sanitized for your
On 07/09/2012 06:45, Mark Blackman wrote:
Indeed, 'dig' and 'host' must be present and working as expected
in a minimally installed system.
So if you don't like the versions that get imported, install bind-tools
from ports.
Doug
--
This .signature sanitized for your protection
1001 - 1100 of 1133 matches
Mail list logo
