RHEL5 BIND in PROD
Paul Wouters
paul at xelerance.com
Wed Mar 16 00:48:38 UTC 2011
On Tue, 15 Mar 2011, Warren Kumari wrote:
> After having tried to use the distribution supplied packages (for multiple distributions) my opinion is that building from source is the right answer for BIND. The distributions lag more than I'm comfortable with, and BIND builds cleanly from source with mo muss, no fuss....
disclaimer: I'm a passive co-maintainer of bind in rhel/fedora (with Adam doing all the work)
If you just want a newer version of bind on RHEL, then I strongly recommend grabbing the
existing source rpm, downloading the new bind source, and recompiling using the spec file
as much as possible, eg:
yumdownloader --source bind
yum install rpm-build
rpm -hiv bind*src.rpm
cd ~/rpmbuild/SOURCES
wget ftp://ftp.isc.org/....../bind-9.8.x.tar.gz
[edit ~/rpmbuild/SPECS/bind.spec and update the version to the latest bind source)
rpmbuild -ba ~/rpmbuild/SPECS/bind.spec
rpm -Uhv ~/rpmbuild/RPMS/x86_64/bind-9.8.x-1*rpm
You might need to disable a patch that got merged upstream, or a patch that has not
been converted yet to the new upstream source if your build fails to compile.
This will ensure compatibility with RHEL, for instance with initscripts, SElinux, etc.
Alternatively, you can look into the "development tree" for RHEL, called "Fedora".
Fedora is on a 6 month release cycle and releases updates more often. But take note
that you're exchanging stability and testing for a more rapid new version deployment.
Paul
ps. You can catch me tomorrow at the ICANN DNSSEC panel where I will talk about DNSSEC
and Fedora/RHEL.
More information about the bind-users
mailing list