5.4. Installing djbdns


Whether you are using FreeBSD or OpenBSD, djbdns is not included with the operating system. In FreeBSD, it is available as a port. Under OpenBSD, you must build from source following Bernstein's installation instructions. Documentation is not included by default with djbdns. It is available as a separate download online. You should probably download the documentation and familiarize yourself with it before installing.

5.4.1. Preliminaries

There is a little planning to do before installing djbdns. You will need more than just the djbdns software itself in order to run any of the djbdns programs. Two utility packages are required that provide functionality other than DNS service. Although it is probably possible to run the djbdns services in some other way, it is better to follow the convention and use these helper programs.

5.4.1.1 Locating zone data

The installation instructions for djbdns suggest creating directories in /etc for DNS-related services. In general, this is a fine idea. Both OpenBSD and FreeBSD are careful about how they handle /etc when upgrading the operating system. There is one case, however, in which it might be undesirable to put your tinydns configuration in /etc. All of your zone data will be stored wherever you create the tinydns directory. If you have a lot of zone data, you may not want all that zone data in your root partition. It might fill your root partition; it makes fsck take longer to run on your root partition in an emergency; or it might simply violate your conventions of separating data and configuration information. Some administrators use immutable filesystem flags or read-only mount points for configuration data (such as the /etc directory or the / partition). In such a case, you might want to put your DNS zone data elsewhere. The easy solution is to use /usr/local/etc/tinydns or some other location that puts the data on a different, larger partition. Since the directory will be symbolically linked to /service (or /var/service on FreeBSD), its true location is not very important.

5.4.1.2 Daemontools

Bernstein has written a series of tools, called "daemontools," that coordinate Unix services. Some of the tools orchestrate the starting, stopping, and signaling of daemon processes. Other tools help run setuid and setgid programs safely and set environment variables for services. There is also a tool for managing logfiles. These are general-purpose tools for running all sorts of service processes in a Unix environment. You may find them useful for more than just djbdns.

Assuming that you follow the standard instructions for installing these programs, your root directory will have a directory called /service in it. The subdirectories within it correspond to services that will be maintained by the daemontools supervisor process. Every five seconds or so, the supervisor checks to be sure all the services are still running. Any that are not running are restarted using a standard launch script.

Unless you override the SERVICEDIR environment variable when you build them, the FreeBSD port of daemontools will use /var/service instead of /service for the services. Bear that in mind when you read documentation online. Also, the FreeBSD ports will automatically fetch manpages and install them. No documentation is part of Bernstein's distribution. While his site offers HTML documentation, the manpages are separate and are maintained by someone else. They are not normally part of an installation. If, for some reason, you do not want the manpages installed, you can set the WITHOUT_MAN environment variable when you build the port.

5.4.1.3 ucspi-tcp

The ucspi-tcp tools implement the Unix Client-Server Program Interface (UCSPI) over TCP. UCSPI is an interface standard Bernstein wrote to specify the interactions between programs and communications channels. They also provide a library of networking functions that are used by the djbdns programs.

Like the daemontools, the FreeBSD port of these tools will fetch the manpages unless you set the WITHOUT_MAN environment variable before you build.

5.4.1.4 FreeBSD

The DNS service itself can be installed from ports/dns/djbdns. Note that the daemontools and ucspi-tcp packages are also ports. The only dependencies are ports/sysutils/daemontools and ports/sysutils/ucspi-tcp, so they will automatically be installed.

5.4.1.5 Installing on OpenBSD via source

The ucspi-tcp library and daemontools do not depend on each other or on any other software, so they can be installed in any order. Follow the straightforward instructions at http://cr.yp.to/djbdns.html.

Note that the installation process for daemontools will edit your /etc/rc.local file, adding a command to your boot process.


Once you have installed the ucspi-tcp and daemontools, you can install djbdns from source following its instructions.

The instructions boil down to the same procedure for each package. For each package (daemontools, ucspi-tcp, and djbdns), do the following:

  1. Download the source from http://cr.yp.to/.

  2. Unzip and untar it (e.g., tar -zxf packagename.tgz).

  3. cd into the directory (e.g., cd ucspi-tcp-0.88).

  4. Run make.

  5. Assuming everything went well, run sudo make setup check to install the software.

    For tinydns or dnscache, there are more steps. These programs act as services, so they must be registered with the daemontools' supervisor process.

  6. Run the configuration script for the program (tinydns-conf and dnscache-conf, respectively). The configuration script creates the directory structure necessary for the supervisor.

  7. Create a symbolic link in /service so that the supervisor will find the program and launch it.
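
Step 7 as an added example (not code from the book or from djbdns): a shell function that checks the directory produced by the -conf script before linking it into the supervisor's directory. The helper names and the decision to refuse group- or world-writable paths are assumptions of this example.

```shell
#!/bin/sh
# Added example: register a service directory with the daemontools
# supervisor. register_service and unsafe_perms are hypothetical helpers.

# Print each given path that is group- or world-writable.
unsafe_perms() {
    for p in "$@"; do
        find "$p" -prune \( -perm -020 -o -perm -002 \) -print
    done
}

# register_service CONFDIR SERVICEDIR
#   CONFDIR    directory created by tinydns-conf or dnscache-conf,
#              e.g. /usr/local/etc/tinydns
#   SERVICEDIR /service, or /var/service with the FreeBSD port
register_service() {
    conf=$1 svc=$2
    name=$(basename "$conf")

    # A relative target would leave a dangling link in SERVICEDIR.
    case $conf in
        /*) ;;
        *) echo "CONFDIR must be an absolute path: $conf" >&2; return 1 ;;
    esac

    # The supervisor needs an executable run script for the service
    # and another one for its logger.
    for script in "$conf/run" "$conf/log/run"; do
        [ -x "$script" ] || { echo "not executable: $script" >&2; return 1; }
    done

    # The supervisor launches these scripts, so nobody but the owner
    # should be able to edit or replace them.
    bad=$(unsafe_perms "$conf" "$conf/run" "$conf/log" "$conf/log/run")
    if [ -n "$bad" ]; then
        echo "group/world-writable, refusing: $bad" >&2
        return 2
    fi

    # Do not silently replace an existing registration.
    if [ -e "$svc/$name" ] || [ -L "$svc/$name" ]; then
        echo "already registered: $svc/$name" >&2
        return 3
    fi

    ln -s "$conf" "$svc/$name"
}
```

Called as `register_service /usr/local/etc/tinydns /service` (or with /var/service on FreeBSD), it returns nonzero and creates no link when any check fails.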

5.4.1.6 Installing on OpenBSD via unofficial ports

Although the OpenBSD group does not distribute ports for djbdns in their official ports tree, Giacomo Cariello created a set of experimental ports at http://experimental.bug.it/. Ports for daemontools, ucspi-tcp, and djbdns are available there. These ports would make djbdns straightforward to install if they worked. Unfortunately, the latest version of these ports is for OpenBSD Version 3.2, which is several years old. These ports do not build with the OpenBSD ports system that shipped with OpenBSD 3.6. Before building from source, though, you may want to look at Cariello's site and search on Google a little to see if a new, working set of ports is available.



    Mastering FreeBSD and OpenBSD Security
    ISBN: 596006268