On Tue, Jan 18, 2005 at 10:42:05AM -0500, Dan Williams wrote: > lwresd up to the functionality of the bind+caching-nameserver packages. > There isn't really anything that works for 99% of what we need now > _except_ bind+caching-nameserver, and since people have a crusade > against that, we have to fix up lwresd instead. Anything that does real (as opposed to just treating it as a tcp rpc service to a real name server) name resolution service inside a decent firewall doesn't work. Its hard to blame anyone since DNS comprehensively predates early firewall technology. There's a patch to make glibc stat the resolv.conf file, Ulrich may hate it but it does seem to work for non nscd cases. Having nscd aware of the situation would be even better - I take it dbus aware nscd is a no-go ? Alan