BIND 10 #412: Configuration to determine whether to run authoritative or recursive server
BIND 10 Development
do-not-reply at isc.org
Sat Nov 27 21:45:19 UTC 2010
#412: Configuration to determine whether to run authoritative or recursive server
-------------------------------+--------------------------------------------
Reporter: stephen | Owner: vorner
Type: task | Status: reviewing
Priority: minor | Milestone: y2 12 month milestone
Component: Boss of BIND | Resolution:
Keywords: | Sensitive: 0
Estimatedhours: 0.0 | Hours: 0
Billable: 1 | Totalhours: 0
Internal: 0 |
-------------------------------+--------------------------------------------
Comment(by vorner):
Hello
I have few comments:
{{{
+ self.res_address = None
+ if res_address:
+ self.res_address = res_address
}}}
I think this code can be simplified to just:
{{{
self.res_address = res_address
}}}
It seems that it is a copy of the similarly looking code with address. I
looked into history and that one seems to be an artifact from times when
address was passed as a string and the default was empty string, not None.
I pushed this one directly into the repository, I hope you do not mind.
{{{
+ # Everything after the main components can run as non-root
+ if self.uid is not None:
+ posix.setuid(self.uid)
}}}
There should be a note that this is temporary. Once the privileged socket
creator exists, nothing except that one will run as root, not even these
main components.
Current recursor in #327 takes only -v and -u parameters. It reads its
listen addresses and ports from configuration (and handles more of them,
it does not allow changing them at runtime due to #388) and I think there
will never be the --no-cache option. It probably does not make sense to
run recursor without cache anyway. So maybe the arguments to it should be
dropped and -b and -q of boss as well.
Like any configuration, any change at runtime should be reflected without
restart. Currently, if someone wants to run recursor only, it needs to be
started, with auth, run bind-ctl, change the configuration, shut it down
and start again. But this might be another task or ticket.
This change solves #300. When this gets merged, that one should be
probably closed too.
--
Ticket URL: <https://bind10.isc.org/ticket/412#comment:4>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development
More information about the bind10-tickets
mailing list