Re: Proper FreeBSD installation practices

From: Dan Nelson <dnelson@xxxxxxxxxxxxxxx>
Date: Tue, 31 Jan 2006 16:01:31 -0600

In the last episode (Jan 31), Alvaro J. Gurdin said:
> I just installed FreeBSD 6.0 on a computer I want to use to test BIND.
> The newest release is 9.3.2, but the one installed with FreeBSD 6.0 is
> 9.3.1. Since according to the ISC's website there are a few bugs in
> 9.3.1, I decided to upgrade.
>
> I then looked over the ports and found versions going up to 9.3.1. So

The bind9 port has been at 9.3.2 since late December, actually (8 days
after the upstream release).

> I downloaded the neccessary files from ISC's ftp. But I started
> wondering, where would the most appropriate place to install BIND be?
>
> My current version is installed in /usr/sbin/named, but the default
> install goes to /usr/local/sbin/named.
>
> Should I let the install go to it's default location, rename
> /usr/sbin/named to /usr/sbin/named9.3.1 and then symlink
> /usr/local/sbin/named to /usr/sbin/named?
> Or, should I tell the proper install flag to install named in
> /usr/sbin, and overwrite the previous version?( after all, I am not
> going to use it )

> I am planning to put BIND in a sandbox anyway......I ask this mainly to
> find out about common practices.

Easier to just set named_program=/usr/local/sbin/named in rc.conf and
use the included rc.d/named startup script. I thought this was
documented in the port somewhere, but apparently not. The rc.d/named
script tells named to chroot itself into /var/named/, also.

--
Dan Nelson
dnelson@xxxxxxxxxxxxxxx
_______________________________________________
freebsd-questions@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@xxxxxxxxxxx"

Follow-Ups:
- Re: Proper FreeBSD installation practices
  - From: Dan Nelson

References:
- Proper FreeBSD installation practices
  - From: Alvaro J . Gurdián

Prev by Date: Re: Trying to Upgrade 5.2.1 to later version
Next by Date: Re: Proper FreeBSD installation practices
Previous by thread: Proper FreeBSD installation practices
Next by thread: Re: Proper FreeBSD installation practices
Index(es):
- Date
- Thread

Relevant Pages

Re: logrotate failure
... 'named' because bind wasn't installed. ... I guess most folks weren't bit because they do install bind. ... You might want to check to see if you still have a bind logrotate file ... I repeat, no upgrade, fresh install. ...
(Fedora)
FreeBSD Security Advisory: FreeBSD-SA-01:18.bind
... BIND is an implementation of the Domain Name Service protocols. ... assist the ability of attackers to exploit the primary vulnerability ... the bind8 port in the ports collection ... If you have chosen to install BIND from the ports collection and are ...
(FreeBSD-Security)
Re: bind9 prevents external access
... I have now installed resolvconf and after rebooting resolvconf ... nameserver: 127.0.0.1 ... >> the allow-recursion part was only to filter for whom your bind will ... A fresh install should resolve names normally. ...
(Debian-User)
Question about Bind
... I did not realise installing FreeBSD would automatically install Bind 9.3. ... # Enable network daemons for user convenience. ...
(freebsd-questions)
Re: Somethings happening with named
... > If someone could briefly explain the versioning used by bind, ... is it worth upgrading to T9B (or whatever the latest ... You can install the bind8 port over your current bind ... with "unsubscribe freebsd-security" in the body of the message ...
(FreeBSD-Security)