masters for secondary zone unreachable? For ALL zones?

Jim Reid jim at rfc1035.com
Tue Apr 11 18:25:21 UTC 2000


>>>>> "Ralf" == Ralf Hildebrandt <R.Hildebrandt at tu-bs.de> writes:

    >> I'd first try a named-xfer by hand from outside the jail. [And
    >> use the HP-UX equivalent of truss or ktrace to find out what
    >> files it opens.]  If that works, then repeat it inside the
    >> chroot jail. If it doesn't the debugging output from named-xfer
    >> (try -d 99) should indicate what's going wrong.

    Ralf> manually outside the jail works.

OK. That means the problem must reside in your chroot jail. You can
confirm this by removing all the chroot stuff from the name server
configuration. If it all works, then the problem has to be in the way
you set up that chroot'ed environment. If it doesn't, there's
something wrong with your named.conf.

Use a system call trace utility like truss or ktrace to find out what
files named-xfer reads. [It'll probably open up some files in /dev and
then mmap a shared library or two.] This should then tell you what
files need to be replicated in your chroot jail. Try looking at your
system's documentation about setting up an anonymous ftp service. This
usually runs in a chroot'ed environment, so there should be an
explanation about what files need to be copied from the real root of
the file system. Or you could always ask your OS support people how to
do this. After all, they get paid to answer questions like that. :-)

It might also be an idea to use a statically linked version of named
and named-xfer in the chroot jail. This might be preferable to
replicating a big bunch of files from /lib and /usr/lib as well as
stuff from /dev and whatever dynamic linking utilities and config
files your OS insists upon.
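
The trace-and-replicate step described above, as an added example that is not part of the original message: the script takes the paths a traced run outside the jail opened successfully and lists the ones absent from the jail. The trace lines, the library name, and the function names are constructed for illustration, in the open("path", flags) = fd style that truss and strace print.

```shell
#!/bin/sh
# Added example: find files a traced program needs that a chroot jail lacks.

# write_sample_trace FILE
# Constructed trace lines (not real output from named-xfer).
write_sample_trace() {
    cat > "$1" <<'EOF'
open("/dev/zero", O_RDONLY) = 3
open("/usr/lib/libc.so", O_RDONLY) = 4
open("/etc/resolv.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
mmap(0, 8192, PROT_READ, MAP_PRIVATE, 4, 0) = 0x7f000000
open("/dev/null", O_WRONLY) = 5
open("/usr/lib/libc.so", O_RDONLY) = 4
EOF
}

# opened_paths TRACE_FILE
# Print each absolute path whose open() returned a file descriptor.
# Failed opens are skipped: the run outside the jail worked without them.
opened_paths() {
    sed -n 's|^.*open[^"]*"\(/[^"]*\)".*= *[0-9][0-9]*.*$|\1|p' "$1" | sort -u
}

# missing_in_jail TRACE_FILE JAIL_ROOT
# Print the opened paths that do not exist under JAIL_ROOT.
missing_in_jail() {
    opened_paths "$1" | while IFS= read -r path; do
        [ -e "$2$path" ] || printf '%s\n' "$path"
    done
}

# Demo: a scratch jail that holds /dev/zero only (a plain file stands in
# for the device node here).
demo() {
    tmp=$(mktemp -d)
    write_sample_trace "$tmp/trace"
    mkdir -p "$tmp/jail/dev"
    : > "$tmp/jail/dev/zero"
    echo "Missing from jail:"
    missing_in_jail "$tmp/trace" "$tmp/jail"
    rm -rf "$tmp"
}

demo
```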



