[suse-sles-e] A better framework for named configuration

From: Michael James (Michael.James_at_csiro.au)
Date: Mon Mar 13 2006 - 04:35:17 CET

• Next message: Lars Müller: "Re: [suse-sles-e] A better framework for named configuration"
• Previous message: Alexei Roudnev: "Re: [suse-sles-e] groupadd in LDAP"
• Next in thread: Lars Müller: "Re: [suse-sles-e] A better framework for named configuration"
• Reply: Lars Müller: "Re: [suse-sles-e] A better framework for named configuration"
• Reply: Silviu Marin-Caea: "Re: [suse-sles-e] A better framework for named configuration"
• Maybe reply: Wade Grant: "Re: [suse-sles-e] A better framework for named configuration"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: Michael James <Michael.James@csiro.au>
Date: Mon, 13 Mar 2006 14:35:17 +1100
Message-Id: <200603131435.17467.Michael.James@csiro.au>
Subject: [suse-sles-e] A better framework for named configuration

While many of the YaST modules are excellent,
 the SuSE approach to configuring named
 has 3 big problems:

1) YaST hides the ONLY copy of the master zone files
 way down in /var/lib/named/ !!!
WHAT is important information doing stashed there?
Shouldn't ALL configuration info be in /etc ? (Debian style)

2) If the sysadmin sensibly puts zone info into /etc/named.d/master
 they then have to list that file explicitly in
 /etc/sysconfig/named:NAMED_CONF_INCLUDE_FILES

3) The directory setup in /var/lib/named
 is different to that in /etc/named.d
 This means /etc/named.conf needs to be changed
 if you ever want to run non-chrooted.

I'd like to propose 2 1/2 rules and a script:

Rule 1) The master copies of all named configuration files
 and zones are kept in in /etc/named.d/
( Actually I have 2 files there,
  "named.master" and "named.slave"
  and I create a primary or secondary server
  by linking the appropriate one to "/etc/named.conf".

Rule 2) On named start, restart, and reload;
  everything in /etc/named.d/
  gets recursively copied down into the chroot jail.

Rule 2a) Before doing that,
 preserve a copy of the slave zone files
 that were axfr-ed into the chroot jail during the last run.

A couple of rsync commands implements the guts of this:

# Capture the slave zone info back up to /etc/named.d/slaves
rsync -a --delete \
        ${CHROOT_PREFIX}/etc/named.d/slaves/ \
        /etc/named.d/slaves/

# Copy the main /etc/named.d/ down into the chroot jail
rsync -a --delete \
        /etc/named.d/ \
        ${CHROOT_PREFIX}/etc/named.d/

Wouldn't this give us a cleaner and more manageable setup?

-- 
Michael James                         michael.james@csiro.au
System Administrator                    voice:  02 6246 5040
CSIRO Bioinformatics Facility             fax:  02 6246 5166
PS:  It would probably be possible to weave dyndns into this.
	I haven't tried.   The idea of having my zone tables
	 scattered through all the PCs gives me the creeps.
---------------------------------------------------------------------
To unsubscribe, e-mail: suse-sles-e-unsubscribe@suse.com
For additional commands, e-mail: suse-sles-e-help@suse.com

• Next message: Lars Müller: "Re: [suse-sles-e] A better framework for named configuration"
• Previous message: Alexei Roudnev: "Re: [suse-sles-e] groupadd in LDAP"
• Next in thread: Lars Müller: "Re: [suse-sles-e] A better framework for named configuration"
• Reply: Lars Müller: "Re: [suse-sles-e] A better framework for named configuration"
• Reply: Silviu Marin-Caea: "Re: [suse-sles-e] A better framework for named configuration"
• Maybe reply: Wade Grant: "Re: [suse-sles-e] A better framework for named configuration"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Mon Mar 13 2006 - 04:35:39 CET