sebastien.estienne at gmail.com
Tue Nov 20 16:47:24 UTC 2007
On Nov 20, 2007 5:29 PM, Scott Kitterman <ubuntu at kitterman.com> wrote:
> On Tuesday 20 November 2007 10:56, Loye Young wrote:
> > > About not starting avahi-daemon: (this is ubuntu/debian specific)
> > <snip details>
> > (1) Your comments are helpful and should be easily accessible in the
> > documentation.
> > (2) AVAHI_DAEMON_START=0 should be default, IMHO. Better yet, avahi
> > shouldn't be on the system at all unless specifically installed. At most,
> > it should be a "Suggested" dependency.
> > (3) Still doesn't explain how to get avahi off the machine and leave it in
> > a usable and upgradeable state.
> Agreed. IMO it's in technical compliance with no open ports by default, but
> really stretches the spirit of it.
No open ports by default?
How would you use dhcp udp/68 or dns udp/53 without opening ports by default?
if you are concern about security, you should use a firewall in the first place.
> > > So what is the missing documentation in avahi?
> > (1) See above.
> > (2) How it interacts with and overrides (some would argue "hijacks") the
> > normal Debian networking system of ifupdown, /etc/network/interfaces, etc.
> > (3) What the jargon in the documentation means. E.g., the following line
> > from the avahi-daemon manpage is unintelligible to someone who doesn't
> > already know the avahi system:
> > " The daemon registers local IP addresses and static services
> > using mDNS/DNS-SD and provides
> > two IPC APIs for local programs to make use of the mDNS record
> > cache the avahi-daemon maintains. "
> > Whoever wrote this must have an affinity for tax regulations under the U.S.
> > Internal Revenue Code. ;-)
> Personally I'd rather stay entirely away from it. The entire mDNS idea is a
> gross DNS hack that ends up piling .local queries up against the DNS roots.
> Scott K
> ubuntu-server mailing list
> ubuntu-server at lists.ubuntu.com
> More info: https://wiki.ubuntu.com/ServerTeam
More information about the ubuntu-server