[nsd-users] NSD still shows permission errors on Debian 10 Buster

[Wouter Wijngaards]

Hi Paul,

On 28/05/2020 20:55, Paul Wouters wrote:
> On Thu, 28 May 2020, Wouter Wijngaards via nsd-users wrote:
> 
>>> I have a suggestion. Maybe just delete this nsd.service file.
> 
>> Thank you for the suggestion.  Removed it.  Complicated and not useful
>> is not what I want for a contrib file, instead I would want files in
>> contrib to be helpful and add to make use of NSD in different
>> environments easier.
> 
> It is also completely different from the one used in fedora or epel/centos.
> 
>> Yes the removal of IPv6 also seems counterproductive to me.
> 
> This all came in via 70346a384 by you as part of the --enable-systemd
> patch. It also includes the "socket activation" stuff, eg

Sorry about that Paul, I include stuff that people ask me, and I am no
expert on systemd, either.

> contrib/nsd.socket that also makes absolutely no sense for a DNS server
> daemon that is expected to always run anyway. And their default is
> to activate it via queries received on 127.0.0.1.

The code for that has since been removed from NSD in its entirety, in
4.3.0.  The sd socket code is removed.  Code for sd notify is still there.

> 
> Note for fedora/centos, I do not compile with --enable-systemd because
> of these reasons, even though I would like to enable the systemd
> watchdog part that is part of that feature. Perhaps the socket
> activation and software watchdog parts can be split into two different
> configure options? (--enable-sd-notify and --enable-sd-socket ?)

The --enable-sd-socket option is not needed because code has been
removed.  The --enable-systemd option enables the sd-notify feature.

Best regards, Wouter

> 
> Paul