Opened 9 years ago

Closed 9 years ago

#412 closed task (complete)

Configuration to determine whether to run authoritative or recursive server

Reported by: stephen Owned by: vorner
Priority: low Milestone: y2 12 month milestone
Component: ~Boss of BIND (obsolete) Version:
Keywords: Cc:
CVSS Scoring: Parent Tickets:
Sensitive: no Defect Severity:
Sub-Project: Feature Depending on Ticket:
Estimated Difficulty: 0.0 Add Hours to Ticket: 0
Total Hours: 0 Internal?: no

Description

Add configuration option to determine whether the authoritative or recursive server is started when BIND-10 starts. Alter start-up code to take heed of that option.

Subtickets

Change History (9)

comment:1 Changed 9 years ago by jreed

This should allow both to start at same time too such as listening on different ports or addresses.

comment:2 Changed 9 years ago by stephen

  • Owner changed from stephen to UnAssigned
  • Status changed from new to reviewing

The code incorporates Jeremy's comment and allows either the recursor, the authoritative server or both to be started.

The files in src/bin/recurse form a dummy recursor for test purposes only. They should be replaced as soon as the real recursor is incorporated into trunk.

Code is in trac412, branch point is r3564.

comment:3 Changed 9 years ago by vorner

  • Owner changed from UnAssigned to vorner

comment:4 Changed 9 years ago by vorner

Hello

I have few comments:

+        self.res_address = None
+        if res_address:
+            self.res_address = res_address

I think this code can be simplified to just:

	self.res_address = res_address

It seems that it is a copy of the similarly looking code with address. I looked into history and that one seems to be an artifact from times when address was passed as a string and the default was empty string, not None. I pushed this one directly into the repository, I hope you do not mind.

+        # Everything after the main components can run as non-root
+        if self.uid is not None:
+            posix.setuid(self.uid)

There should be a note that this is temporary. Once the privileged socket creator exists, nothing except that one will run as root, not even these main components.

Current recursor in #327 takes only -v and -u parameters. It reads its listen addresses and ports from configuration (and handles more of them, it does not allow changing them at runtime due to #388) and I think there will never be the --no-cache option. It probably does not make sense to run recursor without cache anyway. So maybe the arguments to it should be dropped and -b and -q of boss as well.

Like any configuration, any change at runtime should be reflected without restart. Currently, if someone wants to run recursor only, it needs to be started, with auth, run bind-ctl, change the configuration, shut it down and start again. But this might be another task or ticket.

This change solves #300. When this gets merged, that one should be probably closed too.

comment:5 Changed 9 years ago by vorner

  • Owner changed from vorner to stephen

comment:6 follow-up: Changed 9 years ago by stephen

  • Owner changed from stephen to vorner

I think this code can be simplified to just:

self.res_address = res_address

It seems that it is a copy of the similarly looking code with address. I looked into
history and that one seems to be an artifact from times when address was passed as a
string and the default was empty string, not None. I pushed this one directly into the
repository, I hope you do not mind.

No problems. I've just noticed (and corrected) that default in the call to parser.add_option() for the address was the empty string - that's been changed to "None".

# Everything after the main components can run as non-root
if self.uid is not None:

posix.setuid(self.uid)

There should be a note that this is temporary.

Done.

Current recursor in #327 takes only -v and -u parameters. It reads its listen addresses
and ports from configuration (and handles more of them, it does not allow changing them
at runtime due to #388) and I think there will never be the --no-cache option. It probably
does not make sense to run recursor without cache anyway. So maybe the arguments to it
should be dropped and -b and -q of boss as well.

Done.

Changes committed as r3655.

Like any configuration, any change at runtime should be reflected without restart.
Currently, if someone wants to run recursor only, it needs to be started, with auth, run
bind-ctl, change the configuration, shut it down and start again. But this might be
another task or ticket.

I think this is part of ticket #304, to which I've added some comments.

comment:7 in reply to: ↑ 6 Changed 9 years ago by vorner

  • Owner changed from vorner to stephen

All the changes seem OK. However, we both probably forgot about the changelog entry.

Replying to stephen:

Like any configuration, any change at runtime should be reflected without restart.
Currently, if someone wants to run recursor only, it needs to be started, with auth, run
bind-ctl, change the configuration, shut it down and start again. But this might be
another task or ticket.

I think this is part of ticket #304, to which I've added some comments.

I do not really agree here. While what you wrote to #304 is a nice feature, it does not change anything about the fact that all bind components are expected to be fully reconfigurable at runtime. So the ability to start or stop recursive or auth server without restarting Boss should exist. The thing I wrote was just an example of situation when user might notice.

comment:8 Changed 9 years ago by stephen

  • Owner changed from stephen to vorner

Regarding #302, it is really just part of it - bindctl needs to be extended to have more control over BIND-10. I see it as really being a general control and configuration program.

For the ChangeLog entry I would suggest:

[func]             stephen
src/bin/bind10: Add configuration options to Boss to determine whether to start the
authoritative server or the recursive server (or both).
(Trac #412, svn r3655)

comment:9 Changed 9 years ago by stephen

  • Resolution set to complete
  • Status changed from reviewing to closed

Merged into trunk, r3676

Note: See TracTickets for help on using tickets.