seed file on first startup after all. Primary rationale: it is not
desirable that the predictability of the first boot (whatever that
may happen to be) force an upper bound on the unpredictability of
random seeds for all future dnscache instances. Instead, as before,
let dnscache read 128 new bytes on every startup. Just give it
/dev/urandom instead of /dev/random.
While here, abolish references to LOCALBASE. Bump version.

respond to queries and wrote nothing to the logs. This would have
been more fun to debug if my production system hadn't been relying
on it for name resolution. The problem was a blocking read from
/dev/random.
I'm the one who put that there, over 10 years ago. Do we need it?
From my reading of <http://cr.yp.to/djbdns/dnscache-conf.html> and
dnscache-conf.c, the seed needn't consist of top-notch randomness.
A sysadmin following DJB to the letter (rather than using this
djbdns-run package) would run dnscache-conf once to configure a
dnscache instance. dnscache-conf would cook 128 bytes of randomness
-- without direct assistance from any kernel device -- and write
it to a file. dnscache would read the same file on every startup.
Therefore, we...

1. Generate a random seed iff it doesn't exist (not on every startup)
2. Generate it from /dev/urandom instead of /dev/random

...so that the configuration we generate more nearly matches that of
DJB's documented procedure, and the kind of problem I encountered
is much more difficult to trigger.
While here, add LICENSE (2-clause-bsd) and otherwise placate pkglint.
Bump version.
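
Added example, not part of the commit log or of the djbdns-run package: a POSIX sh sketch of the two numbered steps above, creating a 128-byte seed from /dev/urandom only when none exists. The function names, the temporary-file naming and the regeneration of a too-short file are assumptions made for illustration.

```shell
# Illustrative sketch; names are hypothetical, not taken from djbdns-run.
SEED_BYTES=128   # the 128 bytes named in the commit message

# write_seed PATH: write SEED_BYTES from /dev/urandom to PATH.
# The temp file is created by mktemp (mode 0600) in the same directory,
# so the final mv is an atomic rename and the seed is never world-readable.
write_seed() {
    ws_path=$1
    ws_tmp=$(mktemp "$(dirname "$ws_path")/.seed.XXXXXX") || return 1
    # /dev/urandom, unlike the /dev/random read described above,
    # does not stall startup waiting for the kernel's entropy estimate.
    if dd if=/dev/urandom of="$ws_tmp" bs="$SEED_BYTES" count=1 2>/dev/null &&
       [ $(wc -c < "$ws_tmp") -eq "$SEED_BYTES" ]; then
        mv -f "$ws_tmp" "$ws_path"
    else
        # Short read or I/O error: leave any existing seed untouched.
        rm -f "$ws_tmp"
        return 1
    fi
}

# ensure_seed PATH: step 1, generate the seed iff it does not exist.
# Assumption added here: a file shorter than SEED_BYTES (for example,
# truncated by a full disk) is treated as missing and regenerated.
ensure_seed() {
    if [ -f "$1" ] && [ $(wc -c < "$1") -ge "$SEED_BYTES" ]; then
        return 0
    fi
    write_seed "$1"
}
```
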
rcorder: Circular dependency on provision `named' in file `/etc/rc.d/ntpdate'.
Fix it by aping -r1.22 of src/etc/rc.d/named, which had replaced
"SERVERS" with "NETWORKING mountcritremote syslogd". Problem and
fix reported by Nathan Arthur.
Bump version by exactly nine years.

* Add "djbdns" rc.d script to control all enabled djbdns services,
  modeled after the "qmail" rc.d script from mail/qmail-run.
* Set rc.conf defaults more succinctly, modeled after mail/qmail-run.
* Add "reload" as a synonym for "cdb" in axfrdns, rbldns, and tinydns.
* Add "foo_postenv" for additional environment customization, for
  instance to run dnscache as a pure forwarder.
* Add "foo_log" booleans to enable or disable logging (enabled by default).
* Always run loggers as the "dnslog" user. This makes it simpler
  to define alternate loggers.

section above the inclusion of rc.subr, and express the default
assignments more succinctly (from Todd Vierling). Remove Jonathan
de Boyne Pollard's dnscache-showctl and tinydns-showctl, since they
don't apply to services run with these rc.d scripts. Bump version.

are useful only for services configured in the standard way (with
{dnscache,tinydns}-conf(8)).

On second thought, don't use the G prefix for the account names.
It makes the dnscache account longer than 8 characters, which in
turn makes noise in the nightly report. (Also, it looks a little
funny.) Since this is already a heavily customized way of running
djbdns services, it's just a little more customized now.
Bump version.

rc.d scripts (inspired by Bennett Todd's Linux init.d scripts) to
run djbdns services. It also includes Jonathan de Boyne Pollard's
dnscache-showctl and tinydns-showctl scripts.