BIND through COPR after CentOS
bind at jubileegroup.co.uk
Fri Dec 18 23:24:55 UTC 2020
On Fri, 18 Dec 2020, Leroy Tennison wrote:
> ... switching from an rpm world to a deb world
> ... Not an enormous change but significant.
Indeed. I'd suggest that if it's just about BIND, it's easier to grab
the source and build it. That way you don't ever have to wait for the
package maintainer (not that you'll usually have to wait long), you do
get to make your own decisions, and there'll be fewer nasty surprises.
This has been my routine for more than a decade - I just did it this
evening on our primary. The secondaries are somebody else's problem.
$ wget https://downloads.isc.org/isc/bind9/9.11.26/bind-9.11.26.tar.gz
$ tar xzvf bind-9.11.26.tar.gz
$ cd bind-9.11.26/
$ ./configure --enable-ipv6 --prefix=/usr/local --sysconfdir=/etc --with-openssl ...
# make install
# kill $(pidof /usr/local/sbin/named) ; sleep 2 ; /usr/local/sbin/named -u named
I don't think 'apt-get update/upgrade' would have been any quicker.
You might want to check signatures etc., but it is an 'https' download
link. If you have a lot of machines and no Puppet, you can of course
make your own package in a few minutes.
You'll want to subscribe to the announce@ list. If there's no CVE, I
usually wait for a couple of days after the announcement...
More information about the bind-users