[Unbound-users] Unbound release 1.4.12
ondrej at sury.org
Mon Jul 18 20:56:17 UTC 2011
For Ubuntu you can always use my PPA:
I usually try to keep it up-to-date and if it's not it's easy to ping me :).
On Mon, Jul 18, 2011 at 17:31, <lst_hoe02 at kwsoft.de> wrote:
> Zitat von Gábor Lénárt <lgb at lgb.hu>:
>> On Mon, Jul 18, 2011 at 10:11:43AM -0400, Paul Wouters wrote:
>>> On Mon, 18 Jul 2011, lst_hoe02 at kwsoft.de wrote:
>>> >May i ask if it is really needed to exclude ldns from tarball? It
>>> >was really handy to not download yet-another-tarball have a look
>>> >at the checksums and move it to the right destination, than do
>>> >configure/make for the libs and start over with unbound again. How
>>> >many people actually need it to be excluded?
>>> see many discussions here in the last. The debian and fedora maintainers
>>> both asks for it to be decoupled, as the tar ball copy inside unbound is
>>> confusing and can sometimes accidentally get linked by unbound if the
>>> ldns dev/devel package is not installed. Staticly linked libraries on
>>> systems are not good. If you think you have ldns 1.6.10 but unbound had
>>> been statically linked to 1.6.9, you might have a security issue.....
>>> Also, not every unbound requires a new ldns.
>>> And of course, people use ldns and ldns-python without unbound.
>> I can be wrong here, but as far as I know unbound only used the "built-in"
>> ldns only if the specific configure option was used and it was not the
>> default (if I am wrong, it can be done to a non-default option, so it
>> be used _only_ if someone is sure that they requested it at the time of
>> running ./configure). So I can't see why it can cause problems that
>> provides the usage of built-in ldns and only if it is requested by the
>> person who compiles it. Debian/fedora maintainers should only not use the
>> --with-ldns-builtin switch of ./configure, it's simply that. Or did I miss
>> something here? Now, I have to compile ldns too, because the LTS version
>> Ubuntu Server does not have the "recent enough" libldns package. So for me
>> (and maybe for many people) this is just a disadvantage. Not everybody
>> "bleeding edge" distributions, I prefer more stable ones, that's why I am
>> using LTS versions of Ubuntu, for example. I think it's a must in a
>> sensitive environment, where stability is important (still, I may use
>> newer softwares, but I prefer to have as many packages/softwares from a
>> "stable" OS repository - like LTS/Ubuntu - as possible, and only compile a
>> single software by hand, which is the "heart" of the service the server
>> is created for. So I have a solid architecture I can build on).
>> Anyway, it's not my decision, and for sure I have no intent to start a
>> about this topic. If it's decided to be this way, it will be, period.
>> However, I am still having problems to get the "old behaviour". How can I
>> compile unbound to link against libldns statically? I couldn't figure out
>> without ugly hacks (see my previous mail), it seems even
>> "--enable-static-exe" does not work (and also it sounds a bit "dangerous"
>> when help of the configure script talks about "for debug purposes"), ldns
>> is still linked dynamically, at least output of ldd on unbound binary
>> shows libldns too.
> Me too!!
> The systems i use Unbound don't have libldns from the OS packages at all
> because nothing is using it there. So without --with-libldns-builtin my
> options are:
> - Install ldns from source with bad things happen if one day another
> application is using ldns from the OS
> - Install ldns from the distribution but this are way too old on many
> systems (1.2.1 on Ubuntu 8.04 LTS)
> - Try to hack around and get the old behaviour :-(
> - Stick with Unbound provided from the distribution :-(
> Unbound-users mailing list
> Unbound-users at unbound.net
Ondřej Surý <ondrej at sury.org>
More information about the Unbound-users