[bind10-dev] on configuration

[Michael Graff]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I'm finding old mail I stored in my "to respond to later" folder.  :)

Danny Mayer wrote:
> You need to be careful about dumping configurations since it's the
> server that does this and you need to make sure that it does not
> overwrite other files, like /etc/passwd! We implemented this in NTP and
> I was not happy about the ability to write the dumped configuration
> anywhere and had to put in preventive measures to limit possible damage.

I totally disagree here.  One of the reasons you want to "dump" is a
backup.  We are not using flat files (probably at least) bind 10.  If we
do, they will be hidden from most of the system via a very XML-like
configuration blob.

One dump of this is to go to a flat text file that can then be reloaded.
 This will almost certainly be XML.  There is no reason it needs to be
stored on the server itself.  After all, any dynamic change will be
recorded in the server's configuration store already (sqlite3, sql, flat
file, whatever) so that is no longer an issue -- there is no real
difference between running and stored configuration and no notion of
periodic dumping of the config data.

Thus, I think for this context, dumping is for backup / cloning /
creating a new cluster member, and not for anything else.

- --Michael
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAktMyQsACgkQ+NNi0s9NRJ0EOACdGWUBEawAtxOcUd1DSPA4UZt3
0w8AnAyT0RjfQgRl++HclvjPxdqRLZWN
=K451
-----END PGP SIGNATURE-----