OpenBSD Journal

Heads Up: BIND Disabled in Base

Contributed by tbert on from the night of the living tedu dept.

After many years of being the default DNS server, BIND has been disabled in OpenBSD base:

CVSROOT:	/cvs
Module name:	src
Changes by:	deraadt@cvs.openbsd.org	2014/08/22 13:19:25

Modified files:
	etc            : Makefile changelist group master.passwd rc 
	                 rc.conf 
	etc/mail       : aliases 
	etc/mtree      : 4.4BSD.dist 
Removed files:
	etc/bind       : db.localhost db.loopback db.loopback6.arpa 
	                 named-dual.conf named-simple.conf root.hint 
	etc/rc.d       : named 
	etc/systrace   : usr_sbin_named 

Log message:
disable use of bind in base; in the base use nsd/unbound instead.
a proper & complete bind port will show up.
discussed with many for years

In another commit, the build instructions have been pared back to provide the minimum command line utilities users are used to finding:

CVSROOT:	/cvs
Module name:	src
Changes by:	brad@cvs.openbsd.org	2014/08/22 13:28:25

Modified files:
	usr.sbin/bind  : Makefile.bsd-wrapper Makefile.in configure 
	                 configure.in 
	usr.sbin/bind/bin: Makefile.in 

Log message:
Strip the BIND code down to just building and installing dig, host and nslookup.

Users who wish to continue using BIND will have to wait for the port to show up; those wanting to use base to serve their needs will now (finally) need to transition to unbound.

(Comments are closed)


  1. By sthen () on

    "Users who wish to continue using BIND will have to wait for the port to show up" - the port has been around since 5.2.

    1. By Anonymous Coward () on

      > "Users who wish to continue using BIND will have to wait for the port to show up" - the port has been around since 5.2.

      Are you referring to /ports/net/bind9/ ?

      Its last commit message is :

      remove bind9 port. no longer maintained. also comes with 3.3.

      1. By Giovanni Bechis () on

        > > "Users who wish to continue using BIND will have to wait for the port to show up" - the port has been around since 5.2.
        >
        > Are you referring to /ports/net/bind9/ ?
        >
        > Its last commit message is :
        >
        > remove bind9 port. no longer maintained. also comes with 3.3.

        No, he is referring to ports/net/isc-bind

    2. By J P () on

      > "Users who wish to continue using BIND will have to wait for the port to show up" - the port has been around since 5.2.

      There is a port 'isc-bind' which is NOT the same as BIND 9 from base. I assume the base version went through more scrutiny.

      1. By Anonymous Coward () on

        Sure, e.g. see http://www.undeadly.org/cgi?action=article&sid=20070725193920

  2. By Anonymous Coward () on

    Why just disabling it and not removing it? :-)

    Also: Who uses LKM?! Any Kernel Modules out there anybody is aware of?

    1. By Brad () on

      > Why just disabling it and not removing it? :-)

      Contrary to the commit message it was removed.

  3. By Anonymous Coward () on

    When Sendmail will be removed from base?
    And what's next? YP?

    1. By Brad () on

      > When Sendmail will be removed from base?
      > And what's next? YP?

      Soon-ish.

      YP / NIS can't be removed.

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]