tech-userlevel archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Importing tmux into base

On Fri, Feb 11, 2011 at 04:42:59PM +0000, Christos Zoulas wrote:
> It depends where you are. I'd rather run my own DNS server than rely
> on random ones I get from DHCP. And yes, bind is going eventually be
> replaced because I don't see us putting bind-10 in base (it requires
> boost and python). It is time to look at unbound I think.
> The resolver client is a more difficult proposition since all the 
> alternatives have binary compatibility implications.

Indeed.  I maintain the runtime for a NetBSD-based embedded system
(as many of you know) which has a custom security policy we wrote
with kauth.  This policy prohibits most applications from doing
most network I/O, but, as it happens, many still need to look up domain
names for the network I/O they are allowed to do.

So I could use a small resolver and cache that didn't need to use
UDP to talk to each other, on the local system.  There are certainly
options *if I'm willing to rewrite every application in the system
that might cause DNS resolution to happen*.  Argh.

The other thing to remember about ripping what appears to be server
software out of the system is that most Unix mail clients, on disconnected
systems like laptops or really on any other system experiencing a
connectivity failure, will not retry if their configured MX is not
available.  But local mailers will, so it is good to have one in the
system so a mail client can rely on it to provide reliable delivery,
particularly of stuff like the /etc/security output...


Home | Main Index | Thread Index | Old Index