Hi there, On Thu, 17 Nov 2011 Jeremy C. Reed wrote: > On Wed, 16 Nov 2011, Phil Mayers wrote: > > > > It might be good if bind were able to re-start itself, rather than dying > > outright (e.g. re-exec the process) but that is dangerous too; it's better > > done by an unrelated supervising process. > > In the bind9 tarball's contrib directory there is a simply "nanny" ... > I am curious if any users of the nanny.pl script (or similar parent) had > any crash but didn't notice it. ...
Never in several machine decades have I had to do anything like that for BIND. The fact that people are even talking about it is of some concern to me. Twice in approximately the last month I have had one particular server go down for no apparent reason. This machine runs BIND. I keep its copy of BIND fairly well up to date. It has been running 24/7 for well over a decade with typically a couple of years between reboots. I have no evidence that BIND was the culprit, but in view of recent events elsewhere it seems just a little suspicious. > Also what other types of nanny scripts do you use? (I already saw other > emails with a few suggestions.) The only nanny I normally use is something which restarts sshd every fifteen minutes from the crontab. Attackers sometimes manage to crash a daemon while trying to exploit it; some of my remote machines are *very* remote; and a two thousand mile round trip to restart a daemon is unappealing. Other than that, if something is so unreliable that it needs a nanny, I won't use it anywhere that matters. -- 73, Ged. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
