Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 158441 - Please avoid extremely long messages in system-config-bind
Summary: Please avoid extremely long messages in system-config-bind
Alias: None
Product: Fedora
Classification: Fedora
Component: system-config-bind
Version: 5
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Jason Vas Dias
QA Contact:
Depends On:
TreeView+ depends on / blocked
Reported: 2005-05-22 12:25 UTC by Christian Rose
Modified: 2007-11-30 22:11 UTC (History)
1 user (show)

Fixed In Version: system-config-bind-4.0.0-41_FC6
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2006-06-14 06:37:12 UTC

Attachments (Terms of Use)

Description Christian Rose 2005-05-22 12:25:11 UTC
system-config-bind as of lately includes some extremely long messages. Extremely
long messages are a pain to translate and maintain. You can read more about the
problems of long messages at

A good rule of thumb is to restrict the size of any single message to a
paragraph at most. If the text to be translated consists of several paragraphs,
split the text into paragraph-sized messages.

Below is a (not necessarily complete) list of very long messages that most
likely could be split into paragraph-sized messages:

#: ../
msgid ""
"<b>master</b>: The server has a master copy of the data for the zone and "
"will be able to provide authoritative answers for it.\n"
"<b>slave</b>: A slave zone is a replica of a master zone. A slave zone MUST "
"specify a \"masters\" list. The masters list specifies one or more IP "
"addresses of master servers that the slave contacts to update its copy of "
"the zone. By default, transfers are made from port 53 on the servers; this "
"can be changed for all servers by specifying a port number before the list "
"of IP addresses, or on a per-server basis after the IP address. "
"Authentication to the master can also be done with per-server TSIG keys. If "
"a file is specified, then the replica will be written to this file whenever "
"the zone is changed, and reloaded from this file on a server restart. Use of "
"a file is recommended, since it often speeds server start-up and eliminates "
"a needless waste of bandwidth, but is not required. Note that for large "
"numbers (in the tens or hundreds of thousands) of zones per server, it is "
"best to use a two level naming scheme for zone file names. For example, a "
"slave server for the zone might place the zone contents into a "
"file called ex/ where ex/ is just the first two letters of the "
"zone name. (Most operating systems behave very slowly if you put 100K files "
"into a single directory.)\n"
"<b>stub</b>A stub zone is similar to a slave zone, except that it replicates "
"only the NS records of a master zone instead of the entire zone. Stub zones "
"are not a standard part of the DNS; they are a feature specific to the BIND "
"implementation. Stub zones can be used to eliminate the need for glue NS "
"record in a parent zone at the expense of maintaining a stub zone entry and "
"a set of name server addresses in named.conf. This usage is not recommended "
"for new configurations, and BIND 9 supports it only in a limited way. In "
"BIND 4/8, zone transfers of a parent zone included the NS records from stub "
"children of that zone. This meant that, in some cases, users could get away "
"with configuring child stubs only in the master server for the parent zone. "
"BIND 9 never mixes together zone data from different zones in this way. "
"Therefore, if a BIND 9 master serving a parent zone has child stub zones "
"configured, all the slave servers for the parent zone also need to have the "
"same child stub zones configured. Stub zones can also be used as a way of "
"forcing the resolution of a given domain to use a particular set of "
"authoritative servers. For example, the caching name servers on a private "
"network using RFC1981 addressing may be configured with stub zones for"
" to use a set of internal name servers as the authoritative servers "
"for that domain.\n"
"<b>forward</b>: A \"forward zone\" is a way to configure forwarding on a per-"
"domain basis. A zone statement of type forward can contain a forward and/or "
"forwarders statement, which will apply to queries within the domain given by "
"the zone name. If no forwarders statement is present or an empty list for "
"forwarders is given, then no forwarding will be done for the domain, "
"canceling the effects of any forwarders in the options statement. Thus if "
"you want to use this type of zone to change the behavior of the global "
"forward option (that is, \"forward first to\", then \"forward only\", or "
"vice versa, but want to use the same servers as set globally) you need to "
"respecify the global forwarders.\n"
"<b>hint</b>: The initial set of root nameservers is specified using a \"hint "
"zone\". When the server starts up, it uses the root hints to find a root "
"nameserver and get the most recent list of root nameservers. If no hint zone "
"is specified for class IN, the server uses a compiled-in default set of root "
"servers hints. Classes other than IN have no built-in defaults hints.\n"
"<b>delegation-only</b>: This is used to enforce the delegation only status "
"of infrastructure zones (e.g. COM, NET, ORG). Any answer that is received "
"without a explicit or implict delegation in the authority section will be "
"treated as NXDOMAIN. This does not apply to the zone apex. This SHOULD NOT "
"be applied to leaf zones. delegation-only has no effect on answers received "
"from forwarders."

#: ../
msgid ""
"The server treats all Dialup zones (or ALL zones if Dialup is in Global "
"Options) as if they are doing zone transfers across a dial on demand dialup "
"link, which can be brought up by traffic originating from this server. This "
"has different effects according to zone type and concentrates the zone "
"maintenance so that it all happens in a short interval, once every "
"<b>Heartbeat interval</b> and hopefully during the one call. It also "
"suppresses some of the normal zone maintenance traffic. The default is no./"
"nThe dialup option may also be specified in the view and zone statements, in "
"which case it overrides the global dialup option.\n"
"If the zone is a master zone, then the server will send out a NOTIFY request "
"to all the slaves. This will trigger the zone serial number check in the "
"slave (providing it supports NOTIFY) allowing the slave to verify the zone "
"while the connection is active.\n"
"If the zone is a slave or stub zone, then the server will suppress the "
"regular \"zone up to date\" (refresh) queries and only perform them when the "
"<b>Heartbeat Interval</b> expires in addition to sending NOTIFY requests.\n"
"Finer control can be achieved by using <b>Notify</b> which only sends NOTIFY "
"messages, <b>Notify Passive</b> which sends NOTIFY messages and suppresses "
"the normal refresh queries, <b>Refresh</b> which suppresses normal refresh "
"processing and send refresh queries when the <b>Heartbeat Interval</b> "
"expires and <b>Passive</b> which just disables normal refresh processing."

#: ../
msgid ""
"If Notify is <tt>yes</tt> (the default), DNS NOTIFY messages are sent when a "
"zone the server is authoritative for changes. The messages are sent to all "
"the servers listed in the zone's NS records (except the master server "
"identified in the SOA MNAME field), and to any servers listed in the <b>Also "
"Notify</b> option.\n"
"If <tt>explicit</tt>, NOTIFYs are sent only to servers explicitly listed "
"using <b>Also Notify</b>. If <tt>none</tt>, no notifies are sent.\n"
"The <b>Notify</b> option may also be specified in the zone statement, in "
"which case it overrides the <b>Options</b> <b>Notify</b> statement. It would "
"only be necessary to turn off this option if it caused slaves to crash."

#: ../
msgid ""
"Specifies the IP addresses to be used for forwarding. The default is the "
"empty list (no forwarding).\n"
"Forwarding can also be configured on a per-Zone basis, allowing for the "
"global forwarding options to be overridden in a variety of ways. You can set "
"particular domains to use different forwarders, or have a different forward "
"only/first behavior, or not forward at all."

#: ../
msgid ""
"This option is fully implemented only in BIND 9.3.0 and is deprecated in "
"previous versions.\n"
"The <b>Check Names</b> option enables checking names for RFC952 compliance. "
"To check names in type <tt>master</tt> zones, specify Source as <tt>master</"
"tt>; to check names in IXFRs from a another name server, specify Source as "
"<tt>slave</tt>; to check names in responses received from other name "
"servers, specify Source as <tt>response</tt>. If a name does not pass "
"checking, the action taken by the server can be specified with Disposition: "
"if Disposition is <tt>warn</tt>, a warning message will be written to the "
"log; if <tt>fail</tt>, the server will write an error message to the log and "
"exit; if <tt>ignore</tt>, the server will ignore the check failure and allow "
"the name to be used."

#: ../
msgid ""
"The update-policy clause is new in BIND 9 and allows more fine-grained "
"control over what updates are allowed. A set of rules is specified, where "
"each rule either grants or denies permissions for one or more names to be "
"updated by one or more identities. If the dynamic update request message is "
"signed (that is, it includes either a TSIG or SIG(0) record), the identity "
"of the signer can be determined.\n"
"Rules are specified in the update-policy zone option, and are only "
"meaningful for master zones. When the update-policy statement is present, it "
"is a configuration error for the allow-update statement to be present. The "
"update-policy statement only examines the signer of a message; the source "
"address is not relevant."

#: ../
msgid ""
"Specifies which hosts are allowed to submit Dynamic DNS updates to slave "
"zones to be forwarded to the master. The default is { none; }, which means "
"that no update forwarding will be performed. To enable update forwarding, "
"specify allow-update-forwarding { any; };. Specifying values other than "
"{ none; } or { any; } is usually counterproductive, since the responsibility "
"for update access control should rest with the master server, not the "
" Note that enabling the update forwarding feature on a slave server may "
"expose master servers relying on insecure IP address based access control to "

#: ../
msgid ""
"Specify the type of database to be used for storing the zone data. The "
"string following the database keyword is interpreted as a list of whitespace-"
"delimited words. The first word identifies the database type, and any "
"subsequent words are passed as arguments to the database to be interpreted "
"in a way specific to the database type.\n"
"The default is \"rbt\", BIND 9's native in-memory red-black-tree database. "
"This database does not take arguments. Other values are possible if "
"additional database drivers have been linked into the server. Some sample "
"drivers are included with the distribution but none are linked in by default."

#: ../
msgid ""
"Specifies which hosts are to receive synthetic responses to IPv6 queries.\n"
"Many existing stub resolvers support IPv6 DNS lookups as defined in RFC1886, "
"using AAAA records for forward lookups and \"nibble labels\" in the IP6.INT "
"domain for reverse lookups, but do not support RFC2874-style lookups (using "
"A6 records and binary labels in the IP6.ARPA domain).\n"
"For those who wish to continue to use such stub resolvers rather than "
"switching to the BIND 9 lightweight resolver, BIND 9 provides a way to "
"automatically convert RFC1886-style lookups into RFC2874-style lookups and "
"return the results as \"synthetic\" AAAA and PTR records. This feature is "
"disabled by default and can be enabled on a per-client basis by adding a "
"allow-v6-synthesis { address_match_list }; clause to the options or view "
"statement. When it is enabled, recursive AAAA queries cause the server to "
"first try an A6 lookup and if that fails, AAAA lookups are attempted. No "
"matter which one succeeds, the results are returned as a set of synthetic "
"AAAA records. Similarly, recursive PTR queries in IP6.INT will cause a "
"lookup in IP6.ARPA using binary labels, and if that fails, another lookup in "
"IP6.INT. The results are returned as a synthetic PTR record in\n"
"The synthetic records have a TTL of zero. DNSSEC validation of synthetic "
"responses is not currently supported; therefore responses containing "
"synthetic RRs will not have the AD flag set.\n"
"<b>Note</b>: allow-v6-synthesis is only performed for clients that are "
"supplied recursive service."

#: ../
msgid ""
"This option is used to specify the ports on which the server will listen for "
"incoming queries sent using IPv6.\n"
"The server does not bind a separate socket to each IPv6 interface address as "
"it does for IPv4. Instead, it always listens on the IPv6 wildcard address. "
"Therefore, the only values allowed for the address_match_list argument to "
"the listen-on-v6 statement are \"Any\" and \"None\". Multiple listen-on-v6 "
"options can be used to listen on multiple ports."

#: ../
msgid ""
"If the server doesn't know the answer to a question, it will query other "
"nameservers. <b>Query Source</b> specifies the address and port used for "
"such queries. If address is * or is omitted, a wildcard IP address "
"(INADDR_ANY) will be used. If port is * or is omitted, a random unprivileged "
"port will be used. <b>Query Source</b> may be especially useful if your "
"nameserver is behind a firewall that can only unblock certain UDP ports.\n"
"<b>Note</b>: The address specified in the query-source option is used for "
"both UDP and TCP queries, but the port applies only to UDP queries. TCP "
"queries always use a random unprivileged port."

#: ../
msgid ""
"If the server doesn't know the answer to a question, it will query other "
"nameservers. <b>Query Source IPv6</b> specifies the address and port used "
"for such queries sent using IPv6. If address is * or is omitted, a wildcard "
"IP address (INADDR_ANY) will be used. If port is * or is omitted, a random "
"unprivileged port will be used. <b>Query Source IPv6</b> may be especially "
"useful if your nameserver is behind a firewall that can only unblock certain "
"UDP ports.\n"
"<b>Note</b>: The address specified in the query-source option is used for "
"both UDP and TCP queries, but the port applies only to UDP queries. TCP "
"queries always use a random unprivileged port."

#: ../
msgid ""
"The response to a DNS query may consist of multiple resource records (RRs) "
"forming a resource records set (RRset). The name server will normally return "
"the RRs within the RRset in an indeterminate order (but see the rrset-order "
"statement in Section The client resolver code should rearrange "
"the RRs as appropriate, that is, using any addresses on the local net in "
"preference to other addresses. However, not all resolvers can do this or are "
"correctly configured. When a client is using a local server the sorting can "
"be performed in the server, based on the client's address. This only "
"requires configuring the nameservers, not all the clients.\n"
"The sortlist statement takes an address_match_list and interprets it even "
"more specifically than the topology statement does. Each top level statement "
"in the sortlist must itself be an explicit address_match_list with one or "
"two elements. The first element (which may be an IP address, an IP prefix, "
"an ACL name or a nested address_match_list) of each top level list is "
"checked against the source address of the query until a match is found.\n"
"Once the source address of the query has been matched, if the top level "
"statement contains only one element, the actual primitive element that "
"matched the source address is used to select the address in the response to "
"move to the beginning of the response. If the statement is a list of two "
"elements, then the second element is treated the same as the "
"address_match_list in a topology statement. Each top level element is "
"assigned a distance and the address in the response with the minimum "
"distance is moved to the beginning of the response."

Comment 1 Jason Vas Dias 2005-05-23 16:28:24 UTC
Each message in NamedConfOptions is displayed as one string .
What is the justification for splitting them up as multiple strings ?
Can translation be accomplished without doing so ?

Comment 2 Christian Rose 2005-05-23 23:04:34 UTC
These messages can certainly be translated as-is, even though it would
be a little bit more difficult than if they were shorter, since you
lose the overview and have to scroll a lot, etc.

However, the big problem is with maintaining the translations of these
messages, since that will effectively be impossible for translators.
If you can swear on the grave of your mother that you will *never
ever* alter these messages in any way, not even to fix a tiny typo,
missing period, or any other slightest modification, then it is
However, if you cannot promise that, then be prepared that you will be
persecuted by translators all around the world if any slightest
modification of these messages should happen...

Trick question: If I altered any of the above messages slightly, like
adding a space, fixing a tiny typo, or adding a period, or a
combination of many small changes, would you be able to find out how
many changes there were and what I changed, and how quickly? Remember,
the only information you would get from me would be *what message* had
been changed, and you would not, just like translators, have access to
any tools like diff and so on. Would you be able to tell for sure what
had been changed in the message, in say, less than 30 seconds?

Comment 3 Jason Vas Dias 2005-07-16 00:54:56 UTC
This bug is now fixed with system-config-bind- .
The long help text strings are now split into one string
per sentence.

Comment 4 A S Alam 2006-06-14 06:37:12 UTC
There is no long Messages, please check and reopen issue, if you finf problem 

Test with Package:

Note You need to log in before you can comment on or make changes to this bug.