Hi,

I just committed to CVS support for running a local copy of BIND 9 which acts as a caching nameserver. Actually, I guess I shouldn't say "support", because it's actually now required.

There are a few reasons for this change, but the major ones are:

1) It's a step towards NetworkManager taking sole control over domain resolution; the idea is other applications should never touch /etc/resolv.conf directly. I plan to provide a D-BUS interface for adding/removing nameservers.

2) It avoids issues with applications not picking up changes to /etc/resolv.conf. Now resolv.conf just points to 127.0.0.1.

This setup seems to be working well for me, except for a bug in that on a default Fedora Core 3 installation, bind won't be able to start because the targeted SELinux policy can't differentiate the bind started by NetworkManager from the "normal" bind. I'm going to try fixing this soon in a generic way; it's come up for gnome-user-share running Apache too. But as a temporary workaround, you can disable SELinux protection for named with "setsebool -P named_disable_trans true". This should be acceptable for now since it's pretty unlikely you're running a real nameserver (i.e. an authoritative public-facing bind) on the same machine as NetworkManager at the moment.

Anyways, testing and feedback is appreciated!