[bind10-dev] on configuration
Danny Mayer
mayer at ntp.org
Tue Dec 8 13:00:10 UTC 2009
Stephane Bortzmeyer wrote:
> On Thu, Aug 27, 2009 at 02:41:35PM +0200,
> Jelte Jansen <jelte at isc.org> wrote
> a message of 129 lines which said:
>
>> Instead of a config file, configuration options are set as 'knobs'
>> in an already running system (think bind-ctl set <option>
>> <value>). On exit or specific command, the configuration is stored,
>> and re-read when started again.
>
> By the way, I've just read RFC 5706 "Guidelines for Considering
> Operations and Management of New Protocols and Protocol Extensions"
> and section 3.4 "Configuration management" is relevant for BIND 10,
> with reminders such as:
>
> A mechanism to dump and restore configurations is a primitive
> operation needed by operators. Standards for pulling and pushing
> configurations from/to devices are desirable.
You need to be careful about dumping configurations since it's the
server that does this and you need to make sure that it does not
overwrite other files, like /etc/passwd! We implemented this in NTP and
I was not happy about the ability to write the dumped configuration
anywhere and had to put in preventive measures to limit possible damage.
Danny
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the bind10-dev
mailing list