It seems that bind-8.2.2_P3-0.5.2 is very unstable.
I was able to run my server for weeks and now I need to shutdown named at
least once a day. As this behaviour will also influence sendmail it is
becoming rather annoying and a real pain in the butt.
Basically it makes a mission critical machine rather unreliable. Some
sources already indicated that the P3 version of bind is NOT to be used but
one should use P5 as indicated on: http://www.isc.org/products/BIND/
Found some more about the issue.
It seems named is not started by default in runlevel 3 anymore. It used to do
before the security update. But apparantly the update broke this.
I suggest you create a fix for this and make sure you don't change the runlevel
settings of a package while you upgrade.
The runlevels change is a security feature, not a bug. We now default to turning
everything off before it's configured.
As for stability, I've been running a test box ever since you originally
reported the bug, and haven't had to restart named at all - do you get anything
in syslog when your named crashes?
As for using 8.2.2P5 instead of P3, the page you quoted says you should update
to at least 8.2.2P3 (P5 does NOT have any new security fixes), and if you're
using a vendor-provided 8.2.2P3, you should confirm the named-xfer bug has been
patched. We have patched it in 8.2.2P3-0.*, so there's no reason to go 8.2.2P5.
It is not only unstable, but running rpm -K --nopgp also reports
size md5 GPG NOT OK
This also occurs for a number of RH 5.2 upgrade packages, namely:
All of these RPMs give the "size md5 GPG NOT OK" message, and according to
documentation I read on rpm, people should not install such RPMs.
What I find curious is what such packages are doing in the download directory.
Why would this condition not be verified before making RPMs available for