Hi Marek,
On Jan 11, 2013, at 11:41, Marek Vavruša wrote:

> I'm with you about the keep-it-simple concept. But - the majority of the
> code doesn't add any extra specific complexity that wasn't there. Just
> the medium changed from signals due to specific limitations (mentioned
> below).

I fully agree that signals are not the optimal control interface.

>> rndc -s remote.server reconfig
>> ssh remote.server rndc reconfig

> I understand the feelings and reasoning behind this, but there are
> a couple of good reasons why we implemented it. As Peter noted - it is not
> possible to control process operation by signals unless you have the
> appropriate rights for it.

I haven't seen any other messages about this than your initial announcement so I
don't know what Peter wrote.

> And for some scenarios, it is desirable to
> run server as a different user and control by others. As for the
> firewall thing, control interface was never meant to be exposed on a
> public interface (also noted in the documentation), but rather on a
> loopback or trusted LAN.
> Maybe it would be better to have a UNIX socket for that, I really went
> for the BSD sockets for the configuration consistency and... laziness.
> Perhaps I'll reconsider.

Well, I think UNIX sockets are just fine in this case. I'm more concerned about people
using "-s remote.server" for arbitrary values of "remote.server", so
using UNIX domain sockets takes care of that by forcing them to use some other secure
channel for the "remote" part.

>> There are other nameservers that have been sucked down into the
>> feature-bloat hole and they have a really hard time getting out, because
>> once you have a feature then people will depend on it and then it very
>> quickly becomes impossible to remove it because then users will
>> complain. Therefore you have to be really, really careful with what you add...

> I'll keep that in mind, in fact, we're in the process of removing
> (although hidden and internal) complexity. It doesn't have to be bare
> bone and bloated, there (usually) is some sweet spot of what's useable
> in real world and what is bling. That probably is what we're trying to
> achieve.

That sweet spot is exactly what I'm hoping for.
Regards,
Johan