tech-userlevel archive


Re: Add a minimal instance of named early in the boot



On Mon, 10 Aug 2009 23:35:57 +0200
Alan Barrett <apb%cequrux.com@localhost> wrote:

> On Mon, 10 Aug 2009, Joerg Sonnenberger wrote:
> > The full-featured name server just has to not bind explicitly to
> > localhost. Using wild card address is fine, as the more specific
> > bind will handle the data in that case.
> 
> Well, yes, but what can I put in named.conf to have that effect?
> Ordinarily, named does not bind to the wildcard address, it tries to
> discover all addresses and bind a separate socket to each address.
> 
> OK, if I run two named instances, one explicitly on localhost and the
> other implicitly on all addresses, then the second one does work,
> despite printing complaints in the log.
> 
> > There is another alternative I just remembered. Adding support for
> > liblwres via nsswitch.conf.
> 
> That would be worthwhile.  I suggest that /etc/rc.d/resolver should
> switch from running named to running lwresd when somebody makes that
> work.
> 
And remember that whatever is done should preserve the integrity of
processes that look at resolv.conf early, and use the same data later,
after the full named is started.  (Or maybe we should import OpenBSD's
resolver library.)


                --Steve Bellovin, http://www.cs.columbia.edu/~smb

