On Mon, Jul 24, 2017 at 8:23 AM, Greg Wooledge <wool...@eeg.ccf.org> wrote: > On Sun, Jul 23, 2017 at 06:55:09AM -0500, Tom Browder wrote: >> I would like to remove all bind9 packages from servers running bind9 >> and install the latest bind9 from source. > > Because you want to satisfy internal audits that don't understand how > Debian security patching works, right? Right? Right. OK.
Greg, I appreciate your advice, and I would love to stay with the debian packages. However, I also want to be able to use a debian installation a long time and I see lots of changes on dns resource records. Also, I don't like to rush into debian version updates, so I fear the package bind9 might slip behind current standards. I don't mind source updates--I already do that with openssl, apache, postfix, and mailman. Your bind9 service file is greatly appreciated. Thanks. -Tom
