evil_smurf
Verified User
- Joined
- Mar 3, 2006
- Messages
- 112
bind update via yum went fine for me yesterday on CentOS 5.2 x64. it was only the clamav update via yum that just introduced a crashing clamd every 20 minutes =/
Update to Bind?
- Thread starter Henrik
- Start date
nobaloney
NoBaloney Internet Svcs - In Memoriam †
I'm confused. From where do you NOT remove bind-chroot? My understanding is that we do NOT want chrooted bind, so I'm a bit confused.
Jeff
nobaloney
NoBaloney Internet Svcs - In Memoriam †
RPM-based distributions generally never change the version number for a given distribution; they create subversions with backported fixes.
Why? To keep out of dependency hell.
Jeff
nobaloney
NoBaloney Internet Svcs - In Memoriam †
My understanding is that we do want to update BIND but that we do NOT want to update the bind-chroot RPM.Makes you wonder why named is in the exclude list to begin with
John?
Jeff
ah. Always wondered about that. Thanks for the info.
- Joined
- Feb 27, 2003
- Messages
- 8,139
Hello,
Correct, bind can be updaed, but bind-chroot should not.
I've removed bind* from the /usr/local/directadmin/scripts/up2date.sh script (includes yum.conf setup) for the next release. I left bind-chroot* in the list.
John
Correct, bind can be updaed, but bind-chroot should not.
I've removed bind* from the /usr/local/directadmin/scripts/up2date.sh script (includes yum.conf setup) for the next release. I left bind-chroot* in the list.
John
nobaloney
NoBaloney Internet Svcs - In Memoriam †
I'd feel better if we can say bind-chroot shouldn't be installed, but unfortunately on modern RPM-based distributions, including RedHat Enterprise Linux 5 and CentOS 5, it doesn't seem to be a possible selection (the next time I install a CentOS 5 server I'll look more closely). We remove it immediately after the system is built, before we install DirectAdmin.
Jeff
Jeff
nobaloney
NoBaloney Internet Svcs - In Memoriam †
Remember that Red Hat and thus CentOS use their own version numbering scheme to avoid dependency problems through the life of a distribution.
Jeff
Jeff
On CentOS 4.x yum updated me too: bind-9.2.4-28.0.1.el4
Does that release have the security fix for bind?
Also, I heard disabling recursion in named.conf helps on this issue.
//
//Restricts recursive DNS lookups to following IP pools
//
allow-recursion {127.0.0.1; my_ips.0/24; };
Is that true?
Matt
Does that release have the security fix for bind?
Also, I heard disabling recursion in named.conf helps on this issue.
//
//Restricts recursive DNS lookups to following IP pools
//
allow-recursion {127.0.0.1; my_ips.0/24; };
Is that true?
Matt
voxxitdesigns
Verified User
- Joined
- Apr 9, 2005
- Messages
- 48
Invader Zim
Verified User
- Joined
- Sep 4, 2004
- Messages
- 177
So, what is this http://files.directadmin.com/services/packages-6-stable/Latest/bind.tbz then that is getting installed by the setup.sh in /usr/local/directadmin/scripts/setup.sh? Is this a repackaged bind? Is it compatible with free 6.1's layout for bind? Will there be any problems installing the port version of bind 9.5?
nobaloney
NoBaloney Internet Svcs - In Memoriam †
Running bind-chroot WILL break DirectAdmin. There's an article in the knowledgebase as to how to undo the damage.
Jeff
Jeff
bind-chroot issue
SO here's a killer... Yum installed Bind-chroot awhile back, I followed the DA methods to restoring it, but somehow yum won't pay any attention to the bind-chroot* in the exclude list.
[root@srv001c etc]# yum -y update
Loading "fastestmirror" plugin
Determining fastest mirrors
* base: mirror.stanford.edu
* updates: ftp.osuosl.org
* addons: mirrors.cat.pdx.edu
* extras: linux.mirrors.es.net
base 100% |=========================| 1.1 kB 00:00
primary.xml.gz 100% |=========================| 853 kB 00:00
base : ################################################## 2458/2458
updates 100% |=========================| 951 B 00:00
primary.xml.gz 100% |=========================| 142 kB 00:00
updates : ################################################## 358/358
addons 100% |=========================| 951 B 00:00
primary.xml.gz 100% |=========================| 157 B 00:00
extras 100% |=========================| 1.1 kB 00:00
primary.xml.gz 100% |=========================| 75 kB 00:00
extras : ################################################## 249/249
Excluding Packages in global exclude list
Finished
Setting up Update Process
Resolving Dependencies
--> Running transaction check
---> Package bind.i386 30:9.3.4-6.0.2.P1.el5_2 set to be updated
---> Package bind-libs.i386 30:9.3.4-6.0.2.P1.el5_2 set to be updated
--> Processing Dependency: bind = 30:9.3.3-10.el5 for package: bind-chroot
---> Package bind-utils.i386 30:9.3.4-6.0.2.P1.el5_2 set to be updated
--> Finished Dependency Resolution
Error: Missing Dependency: bind = 30:9.3.3-10.el5 is needed by package bind-chroot
I've even gone so far as to put my exclude list like this:
exclude=apache* httpd* mod_* mysql* MySQL* da_* *ftp* exim* sendmail* php* *bind-chroot* bind-chroot* *chroot* chroot* chroot
Kinda overkill, but it makes no difference anyways. If I have *bind in the exclude list it disappears. Cleared yum a billion times... no difference.
I guess the OS thinks it's got bind-chroot installed and I've just band-aided it to make it not break DA... But now it won't update? I have no idea what's happening here. Thoughts, anybody?
SO here's a killer... Yum installed Bind-chroot awhile back, I followed the DA methods to restoring it, but somehow yum won't pay any attention to the bind-chroot* in the exclude list.
[root@srv001c etc]# yum -y update
Loading "fastestmirror" plugin
Determining fastest mirrors
* base: mirror.stanford.edu
* updates: ftp.osuosl.org
* addons: mirrors.cat.pdx.edu
* extras: linux.mirrors.es.net
base 100% |=========================| 1.1 kB 00:00
primary.xml.gz 100% |=========================| 853 kB 00:00
base : ################################################## 2458/2458
updates 100% |=========================| 951 B 00:00
primary.xml.gz 100% |=========================| 142 kB 00:00
updates : ################################################## 358/358
addons 100% |=========================| 951 B 00:00
primary.xml.gz 100% |=========================| 157 B 00:00
extras 100% |=========================| 1.1 kB 00:00
primary.xml.gz 100% |=========================| 75 kB 00:00
extras : ################################################## 249/249
Excluding Packages in global exclude list
Finished
Setting up Update Process
Resolving Dependencies
--> Running transaction check
---> Package bind.i386 30:9.3.4-6.0.2.P1.el5_2 set to be updated
---> Package bind-libs.i386 30:9.3.4-6.0.2.P1.el5_2 set to be updated
--> Processing Dependency: bind = 30:9.3.3-10.el5 for package: bind-chroot
---> Package bind-utils.i386 30:9.3.4-6.0.2.P1.el5_2 set to be updated
--> Finished Dependency Resolution
Error: Missing Dependency: bind = 30:9.3.3-10.el5 is needed by package bind-chroot
I've even gone so far as to put my exclude list like this:
exclude=apache* httpd* mod_* mysql* MySQL* da_* *ftp* exim* sendmail* php* *bind-chroot* bind-chroot* *chroot* chroot* chroot
Kinda overkill, but it makes no difference anyways. If I have *bind in the exclude list it disappears. Cleared yum a billion times... no difference.
I guess the OS thinks it's got bind-chroot installed and I've just band-aided it to make it not break DA... But now it won't update? I have no idea what's happening here. Thoughts, anybody?
Tristan
Verified User
I don't think this would work if you're really on Debian Sarge since there aren't any security updates for Sarge nowadays. This would just install bind9 (1:9.2.4-1sarge3) built on Wed, 25 Jul 2007. But maybe you're using Etch packages or backports?