local nameserver support


I just committed to CVS support for running a local copy of BIND 9 which
acts as a caching nameserver.  Actually, I guess I shouldn't say
"support", because it's actually now required. 

There are a few reasons for this change, but the major ones are:

1) It's a step towards NetworkManager taking sole control over domain
   resolution; the idea is other applications should never
   touch /etc/resolv.conf directly.  I plan to provide a D-BUS interface
   for adding/removing nameservers.
2) It avoids issues with applications not picking up changes
   to /etc/resolv.conf.  Now resolv.conf just points to

This setup seems to be working well for me, except for a bug in that on
a default Fedora Core 3 installation, bind won't be able to start
because the targeted SELinux policy can't differentiate the bind started
by NetworkManager from the "normal" bind.  I'm going to try fixing this
soon in a generic way; it's come up for gnome-user-share running Apache
too.  But as a temporary workaround, you can disable SELinux protection
for named with "setsebool -P named_disable_trans true".  This should be
acceptable for now since it's pretty unlikely you're running a real
nameserver (i.e. an authoritative public-facing bind) on the same
machine as NetworkManager at the moment.

Anyways, testing and feedback is appreciated!

Attachment: signature.asc
Description: This is a digitally signed message part

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]