Micah Anderson píše v Út 20. 05. 2008 v 10:20 -0400: > One of the few recommended regular maintainence tasks of running a > nameserver is to periodically update the root hints file. In fact the > DNS-HOWTO on tldp.org has a section describing this[0]. > > This bug was recently pointed out to me, and I performed the dig > commands recommended by the original bug submitter and found that there > actually has been more root nameserver changes that have been made since > the original report (and since the bind9 package's db.root hints file > was last updated, which was in Feburary). Notably, the A records for the > L, M, N root servers have been removed (although their NS records > remain). > > Seeing as how root hints updates are recommended regular maintainence, > it would be prudent for the bind packages to install a cronjob that does > this sort of update, maybe once a month. That way a security update > doesn't need to be done, nor do people need to find the package in > volatile. > > Such a cronjob would have to make sure it didn't stop on any local admin > changes to the file, and should handle failures gracefully. There are a > few example cronjobs out there on the webbernet that could be used as a > good starting point.
You forgot the fact that bind is not only DNS server which requires db.root. We have powerdns (pdns-recursor) and unbound[1] will hit archives very soon. I am thinking whether it's the right time to split db.root to separate package, so it can be kept in sync with changes. Ondrej. 1. http://www.unbound.net/ -- Ondřej Surý <[EMAIL PROTECTED]> *** http://blog.rfc1925.org/ Kulturní občasník *** http://www.obcasnik.cz/ Nehoupat, prosím *** http://nehoupat.blogspot.com/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
