[prev in list] [next in list] [prev in thread] [next in thread]
List: unbound-users
Subject: [Unbound-users] nss-ubdns: NSS module for DNSSEC validated hostname
From: Robert Edmonds <edmonds () debian ! org>
Date: 2011-10-30 3:54:16
Message-ID: 20111030035416.GA644 () mycre ! ws
[Download RAW message or body]
[Attachment #2 (multipart/signed)]
hi,
i've written a validating stub resolver module for GNU systems that use
the glibc Name Service Switch. it uses libunbound instead of the system
libresolv library to perform hostname lookups.
this is the first release. the source code is available here:
https://github.com/edmonds/nss-ubdns
i have also made signed debian packages available here:
http://people.debian.org/~edmonds/nss-ubdns/
note that the debian package depends on the unbound-anchor package,
which is currently only available in unstable. the unbound-anchor
utility is used at package installation time and periodically thereafter
to keep the root anchor up to date. you need to manually edit the
/etc/nsswitch.conf file and change "dns" to "ubdns" after installation
to activate the module.
on my amd64 system the libnss-ubdns module (with statically linked
libunbound and libldns) causes about 3.5 MB of additional DSOs
(libcrypto, libpthread, libz, etc.) to be mapped into processes that use
the stub resolver. in comparison, libnss-dns and libresolv together
only use 101 KB.
--=20
Robert Edmonds
edmonds@debian.org
["signature.asc" (application/pgp-signature)]
_______________________________________________
Unbound-users mailing list
Unbound-users@unbound.net
http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic