HPE Community
Operating System - HP-UX
1834704 Members
2674 Online
110069 Solutions
New Discussion

Re: Installation of Bind 9.2.0

 
SOLVED
Go to solution
Robert Hollis
New Member

‎02-23-2006 09:23 AM

‎02-23-2006 09:23 AM

Installation of Bind 9.2.0

The latest vulnerability against BIND4 and BIND8 looks rather nasty. When I install BINDv920, will these vulnerable versions be uninstalled automatically (and thus dropped from swlist)?

Also, as future releases are distributed how can I programatically tell if a version later than v920 is installed.

TIA!

-rob
0 Kudos
Reply
6 REPLIES 6
Jeff_Traigle
Honored Contributor

‎02-23-2006 09:30 AM

‎02-23-2006 09:30 AM

Re: Installation of Bind 9.2.0

Theoretically, the new version should overwrite the current version. However, it's always best to read the installation instructions prior to installing any software upgrade. Sometimes the instructions will direct you to uninstall the previous version before installing the new version. Failing to follow instructions can cause you much grief. :)

To see what version is installed, aside from checking swlist output, you can run "what /usr/sbin/named" and it will display some information, including the BIND version it is.
--
Jeff Traigle
Reply
Geoff Wild
Honored Contributor

‎02-23-2006 09:33 AM

‎02-23-2006 09:33 AM

Re: Installation of Bind 9.2.0

Depends - how were the old versions installed?

Best to remove them manually.....

Rgds...Geoff
Proverbs 3:5,6 Trust in the Lord with all your heart and lean not on your own understanding; in all your ways acknowledge him, and he will make all your paths straight.
Reply
A. Clay Stephenson
Acclaimed Contributor

‎02-23-2006 09:34 AM

‎02-23-2006 09:34 AM

Solution

Re: Installation of Bind 9.2.0

Actually this is one of those packages that I prefer not to get from HP. Even 9.2.0 is rather old. I suggest that you download the BIND 9.3.2 source from www.isc.org and build your own. The build is very easy and is the latest and greatest version. I always install BIND and DHCPD from ISC; they guys who invented the stuff know most about it.

If you are doing dynamic DNS and DHCP then this is really the way to go.

If you execute the rndc command, the version will be displayed.

If it ain't broke, I can fix that.
Reply
Robert-Jan Goossens
Honored Contributor

‎02-23-2006 09:36 AM

‎02-23-2006 09:36 AM

Re: Installation of Bind 9.2.0

Rob,

Check the install notes for bind.

http://h20293.www2.hp.com/portal/swdepot/displayInstallInfo.do?productNumber=BIND9.2

Best regards,
Robert-Jan
Reply
Robert Hollis
New Member

‎02-23-2006 10:23 AM

‎02-23-2006 10:23 AM

Re: Installation of Bind 9.2.0

Wow, thanks for all the quick responses!

They lead to another, though. When apps are compiled and installed from source, it seems swlist would not be updated. That would equate to swlist being an inaccurate representation of the system's software inventory.

Is this the case?

-rob
0 Kudos
Reply
A. Clay Stephenson
Acclaimed Contributor

‎02-23-2006 10:35 AM

‎02-23-2006 10:35 AM

Re: Installation of Bind 9.2.0

In general, yes, that is true. With more effort, you could package the finished version and install using swinstall but that is really overkill for dhcpd and dns. I tend to leave the HP supplied versions in their standard locations but simply don't start the daemons (i.e. turn them off in the /etc/rc.config.d/xxx files). This way, HP patch bundles will update the installed (but non-functional versions) without problem. I then install the ISC versions in non-standard locations (at least from HP-UX's point-of-view) and create custom rc scripts to start and stop the ISC versions of the software. I've really never felt the need to swpackage a bundle for BIND or DHCPD.

I don't install many replacements for HP supplied utilities but here I make an exception. As an example, some years ago, travelling users within the company had a need to assign fixed IP addresses that varied according to the subnet they were connecting on --- and to dynamically update DNS with the "new" IP address. The HP supplied version of bootpd could not come close to doing this but ISC's dhcpd could easily do this and dynamically update DNS at the same time.

If it ain't broke, I can fix that.
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.