repository for zone files

Thu Sep 23 21:29:42 UTC 2010

On 09/23/10 13:14, Greg Whynott wrote:
> they (the distro maintainers) could not agree to put anything in the
> same place if the worlds sanity depended on it.
>
> /var/named /srv/bind /etc/bind /var/lib/named /usr/local/named
>
> it's all over the place.   myself i just create links from /var/named
> (which is where I think it was found on most commercial UNIX's I've
> used,  IRIX admin here..) to wherever they decided to stick it.  That
> being said,  if you build it from source (which I'd be inclined to do
> if not using a linux wiht a support contract),  you can pass the path
> to configure and place it anywhere you wish with zero functionally
> loss.
>
> its a bunch of "my way makes sense,  i'll pee in this corner,  its
> mine now).
>
> its UNIX fragmentation all over again.  8)

Over the years, I have learned the utility of sticking to your OS's 
package-management system.  It ensures that files being placed in the 
major system directories are tracked and can be updated/uninstalled 
easily when necessary.  You can always create a /usr/wild-wild-west 
directory for non-package stuff, but that doesn't scale well.  Compiling 
from source is fine, as long as you create your own 
RPM/dpkg/pkg/port/whatever so that you keep track of what's there.  When 
using your own packages, it's still good to do what the OS prefers so 
that you can maintain compatibility with the OS's packages (and its 
default configuration for things like SELinux).

I agree, though, with your sentiment.  From an administration 
perspective, it no longer makes sense to have "Linux vs. BSD vs. Other 
Unix" arguments--it's now "RHEL/CentOS/Fedora vs. Debian/Ubuntu vs. SuSE 
vs. Mandriva vs. Gentoo vs. FreeBSD vs. OpenBSD vs. NetBSD vs. Dragonfly 
vs. (Open)Solaris vs. AIX vs. etc etc etc."

It's further complicated by the fact that some distros do a better job 
of keeping BIND up-to-date than others.  Some do a fine job of applying 
security patches...to BIND 9.3.x.  That's fine if you plan to sleep 
through DNSSEC.  It doesn't help much if you need newer features for 
your system that's running as a dedicated DNS server--and you probably 
do.  FreeBSD is good in this regard, thanks to the efforts of Doug 
Barton who keeps the various BIND trains up to date in ports.  In other 
words, so distros/OSes are better for BIND than others, but the idea of 
having to choose different distros/OSes for different services doesn't 
scale terribly well.

michael