Does 'make uninstall' work?

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Does 'make uninstall' work?

Nyamkhand Buluukhuu
Hello,

I am planning to upgrade my bind 9.11.5 to 9.11.19 due to recently detected security vulnerabilities.
Since I compiled from source when I build my bind, I am wondering how I should upgrade.

Does 'make uninstall' command work? I have a source folder remained.
Or do I need to compile a newer version with a different prefix and make a link?

Which one is the safest way? If make uninstall doesn't work, how do you guys upgrade your compiled bind?

I appreciate any suggestions.
Thank you.

Have a nice day :)

BR, NYAMKHAND Buluukhuu

 

Engineer

TPD/ETSD

UNESCO street - 28, MPM Complex

Ulaanbaatar -14220, Mongolia

Mobile:   (976) 94081017

Web:       www.mobicom.mn

 

Before you start - Be safety smart

 




_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users
Reply | Threaded
Open this post in threaded view
|

Re: Does 'make uninstall' work?

Nyamkhand Buluukhuu
Hello again,

I found out that if you examine closely your Makefile, you can see if there is an uninstall option. It's only possible if you have your source folder though.
Like this:

uninstall::
rm -f ${DESTDIR}${sysconfdir}/bind.keys
rm -f ${DESTDIR}${mandir}/man1/bind9-config.1
rm -f ${DESTDIR}${mandir}/man1/isc-config.sh.1
rm -f ${DESTDIR}${bindir}/bind9-config
rm -f ${DESTDIR}${bindir}/isc-config.sh

So I guess, I can run "make uninstall".
Thanks.


Have a nice day :)

BR, NYAMKHAND Buluukhuu

 

Engineer

TPD/ETSD

UNESCO street - 28, MPM Complex

Ulaanbaatar -14220, Mongolia

Mobile:   (976) 94081017

Web:       www.mobicom.mn

 

Before you start - Be safety smart

 




From: bind-users <[hidden email]> on behalf of Nyamkhand Buluukhuu <[hidden email]>
Sent: Thursday, May 28, 2020 9:59 AM
To: [hidden email] <[hidden email]>
Subject: Does 'make uninstall' work?
 
Hello,

I am planning to upgrade my bind 9.11.5 to 9.11.19 due to recently detected security vulnerabilities.
Since I compiled from source when I build my bind, I am wondering how I should upgrade.

Does 'make uninstall' command work? I have a source folder remained.
Or do I need to compile a newer version with a different prefix and make a link?

Which one is the safest way? If make uninstall doesn't work, how do you guys upgrade your compiled bind?

I appreciate any suggestions.
Thank you.

Have a nice day :)

BR, NYAMKHAND Buluukhuu

 

Engineer

TPD/ETSD

UNESCO street - 28, MPM Complex

Ulaanbaatar -14220, Mongolia

Mobile:   (976) 94081017

Web:       www.mobicom.mn

 

Before you start - Be safety smart

 




_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users
Reply | Threaded
Open this post in threaded view
|

Re: Does 'make uninstall' work?

Bind-Users forum mailing list
In reply to this post by Nyamkhand Buluukhuu
Hi there,

On Thu, 28 May 2020, Nyamkhand Buluukhuu wrote:

> ...
> Does 'make uninstall' command work? I have a source folder remained.
> Or do I need to compile a newer version with a different prefix and make a link?
>
> Which one is the safest way? If make uninstall doesn't work, how do you guys upgrade your compiled bind?

I don't normally bother with 'make uninstall' for anything at all.

You could simply make a copy of the existing 'named' binary in a safe
place and when you run 'make install' it will (if you configured things
same as last time) overwrite your existing 'named' binary.  Of course
it will overwrite all the other BIND binaries too so this might not be
as safe as you would like it to be.

BIND releases in particular are very reliable and I don't even make a
safe copy of the 'named' binary when I build a new one.  I generally
leave the source tree from the previous version in my home directory
until I can see that the latest version is working.  If things went
wrong for some reason I could just change directory to the older one
and run 'make install' there to recover the earlier 'named' version.
Once a new version runs OK I delete the source tree for the old one.

Even if it was deleted it's very easy to recover it from the released
tarballs.  If you don't still have the source tree for the old version
now might be a good time to create it again and make sure that you can
still build the older version of the 'named' binary.  Of course you
don't need to run 'make install' for the old version but it might be
worth comparing the binary built by the 'make' step with the one that
you're running.

However since you ask for the safest way of doing things I suggest
that you first set up slave nameservers, if you do not already have
any, and make sure that your TTLs are sane - at least a few days.  My
slave servers are provided by Hurricane Electric.  I'm very happy with
their services.  If I break something on the master, or if one of a
hundred or possibly more other problems happens, then the slaves will
handle the load while I'm fixing it so isn't a big deal.

If you want to be able to run either version you could for example
configure the build process so that the old binary is somewhere like
/usr/sbin and the new one in /usr/local/sbin; then you can choose
which one runs in your startup scripts.  They will both use the same
configuration and data (in /etc/named.conf and /var/named/ or wherever
you have configured it to be).

--

73,
Ged.
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users
Reply | Threaded
Open this post in threaded view
|

Re: Does 'make uninstall' work?

Nyamkhand Buluukhuu
Hi Ged,

That's a very useful detailed explanation.
Thank you very much.

I think, after some backup, I will run make install from the new source.

Have a nice day :)

BR, NYAMKHAND Buluukhuu

 

Engineer

TPD/ETSD

UNESCO street - 28, MPM Complex

Ulaanbaatar -14220, Mongolia

Mobile:   (976) 94081017

Web:       www.mobicom.mn

 

Before you start - Be safety smart

 




From: bind-users <[hidden email]> on behalf of G.W. Haywood via bind-users <[hidden email]>
Sent: Thursday, May 28, 2020 8:02 PM
To: [hidden email] <[hidden email]>
Subject: Re: Does 'make uninstall' work?
 
Hi there,

On Thu, 28 May 2020, Nyamkhand Buluukhuu wrote:

> ...
> Does 'make uninstall' command work? I have a source folder remained.
> Or do I need to compile a newer version with a different prefix and make a link?
>
> Which one is the safest way? If make uninstall doesn't work, how do you guys upgrade your compiled bind?

I don't normally bother with 'make uninstall' for anything at all.

You could simply make a copy of the existing 'named' binary in a safe
place and when you run 'make install' it will (if you configured things
same as last time) overwrite your existing 'named' binary.  Of course
it will overwrite all the other BIND binaries too so this might not be
as safe as you would like it to be.

BIND releases in particular are very reliable and I don't even make a
safe copy of the 'named' binary when I build a new one.  I generally
leave the source tree from the previous version in my home directory
until I can see that the latest version is working.  If things went
wrong for some reason I could just change directory to the older one
and run 'make install' there to recover the earlier 'named' version.
Once a new version runs OK I delete the source tree for the old one.

Even if it was deleted it's very easy to recover it from the released
tarballs.  If you don't still have the source tree for the old version
now might be a good time to create it again and make sure that you can
still build the older version of the 'named' binary.  Of course you
don't need to run 'make install' for the old version but it might be
worth comparing the binary built by the 'make' step with the one that
you're running.

However since you ask for the safest way of doing things I suggest
that you first set up slave nameservers, if you do not already have
any, and make sure that your TTLs are sane - at least a few days.  My
slave servers are provided by Hurricane Electric.  I'm very happy with
their services.  If I break something on the master, or if one of a
hundred or possibly more other problems happens, then the slaves will
handle the load while I'm fixing it so isn't a big deal.

If you want to be able to run either version you could for example
configure the build process so that the old binary is somewhere like
/usr/sbin and the new one in /usr/local/sbin; then you can choose
which one runs in your startup scripts.  They will both use the same
configuration and data (in /etc/named.conf and /var/named/ or wherever
you have configured it to be).

--

73,
Ged.
_______________________________________________
Please visit https://protect2.fireeye.com/v1/url?k=52325220-0c58a81c-52356bff-866fa2a80457-4a5035e6f9b43a71&q=1&e=6c9a333c-51c7-414d-b211-b01fcf863892&u=https%3A%2F%2Flists.isc.org%2Fmailman%2Flistinfo%2Fbind-users to unsubscribe from this list

ISC funds the development of this software with paid support subscriptions. Contact us at https://protect2.fireeye.com/v1/url?k=8ecf9a4b-d0a56077-8ec8a394-866fa2a80457-5253f95089677252&q=1&e=6c9a333c-51c7-414d-b211-b01fcf863892&u=https%3A%2F%2Fwww.isc.org%2Fcontact%2F for more information.


bind-users mailing list
[hidden email]
https://protect2.fireeye.com/v1/url?k=a0b8f062-fed20a5e-a0bfc9bd-866fa2a80457-19a4b40ba0cdb8e8&q=1&e=6c9a333c-51c7-414d-b211-b01fcf863892&u=https%3A%2F%2Flists.isc.org%2Fmailman%2Flistinfo%2Fbind-users

_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users