On 09/29/2016 04:57 PM, Niall O'Reilly wrote: > On 29 Sep 2016, at 22:33, Matthew Pounsett wrote: > >> That seems like a lot of complexity to go to in order to avoid running a >> name server as root, though. You'd probably be better off convincing your >> systems people to set up sudo in such a way that you can administer a DNS >> server running on a privileged port, and nothing else. > > If this is for testing and you control all the clients, a VM of your own, > perhaps under VirtualBox on your laptop, may meet your need. > > Niall O'Reilly
No, not really. It's for a private cloud microservices system we're thinking through. We already run most/many of the various service backends in user space so that the app devs and support folks can control their own universe without having to constantly invoke someone with sudo or root or firecall permissions. Because of very strict audit and regulatory constraints, there is zero chance they'll ever get root/sudo access to the DNS config, so running our private DNS just for this subset of private client/cloud users may make sense. I really appreciate everyone jumping in to help with this. -- ---------------------------------------------------------------------------- Tim Daneliuk tun...@tundraware.com PGP Key: http://www.tundraware.com/PGP/ _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
