Dave Warren via Unbound-users wrote: > On 2016-03-16 10:46, Robert Edmonds via Unbound-users wrote: > >Not quite, I want to avoid two things: > > > >1) The sysadmin should never have to update the root hints by hand. > >"apt update && apt upgrade" should upgrade any packages needed to bring > >the root hints up to date. > > > >2) The package maintainers shouldn't have to patch and rebuild each > >package with compiled in root hints when a root server is renumbered. > > At what point would a binary have a newer internal roots hints than the > filesystem root.hints file when a user is using #1 to keep updated? Is there > a subset of users who would update the binary but not apt update/upgrade?
This is a good point, it doesn't really matter for the distro user, I guess. > I guess to me, it seems better to directly address whatever failed to update > the external root.hints than to add complexity of a "will-she won't-she" of > using defined data files. > > Also, does any of this matter? The root hints just used to find the root > servers on initialization, and then the resolver retrieves and uses the > current roots anyway. Resolvers need to update eventually, but it's not a > networking-breaking level of urgency either, is it? I agree, the consequences are extremely mild in the first place. We still go to the trouble of backporting the root hint updates, though. -- Robert Edmonds edmo...@debian.org