FreeBSD 4.7 and CHroot-jail bind 9

Simon Waters Simon at wretched.demon.co.uk
Sun Jan 19 18:54:06 UTC 2003


anonymous wrote:
> Hi people,
>
> I have found the "standard" document for chrooting Bind 9 on FreeBSD
> (http://www.cosc.canterbury.ac.nz/~tnw13/docs/HOWTO/Chroot-BIND-HOWTO.html#ss1.1),
> but isn't there a more specific document about it??
>
> Still having some problems with it to get it running.

Don't know of a more specific document.

Did you try getting it running without the "chroot" first? (you
can always add a "listen-on { 127.0.0.1; };" option whilst
testing so as not to expose the unchrooted version prematurely).

What does the log say?

The start-up script use of "daemon" for launching daemons is
rather Redhat orientated (or does FreeBSD do the same?), but you
basically add "-u named -t /home/named" (i.e. user and
directory to chroot as/to) to the existing start-up script as
options to "named".

The first time I tried this I got a working BIND 9 chrooted in
about 5 minutes, without reference to anything but the named
manual page, and the error messages from the log file. But I
started with a working "named" running as user "named", and so I
added the "-t" option, and had to shorten files named in
named.conf for the post chroot settings, and add a few options
and directories for places to dump data etc.

If this is your first BIND 9, definitely get it working, and
rndc, outside the jail first.
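
Added example (not part of the original post): a shell check for the step described above, where file names in named.conf have to be shortened for the post-chroot settings. The function names, the sample named.conf and the zone names are constructed for illustration.

```shell
# Added example, not from the original post. With "named -t JAIL" every path in
# named.conf is looked up beneath JAIL, so a path left in its pre-chroot form
# points at nothing. Assumptions: statements start their own line, only "#" and
# "//" comments, working directory "/" when no "directory" option is set.

# conf_paths CONF: print the paths CONF refers to, as named sees them in the jail.
conf_paths() {
    clean=$(sed -e 's/#.*//' -e 's|//.*||' "$1")
    dir=$(printf '%s\n' "$clean" |
        sed -n -E 's/^[[:space:]]*directory[[:space:]]+"([^"]*)".*/\1/p' | head -n 1)
    echo "${dir:=/}"
    printf '%s\n' "$clean" |
        sed -n -E 's/^[[:space:]]*(file|include)[[:space:]]+"([^"]*)".*/\2/p' |
        while IFS= read -r p; do
            case $p in
                /*) echo "$p" ;;             # absolute: used as written
                *)  echo "${dir%/}/$p" ;;    # relative: resolved under "directory"
            esac
        done
}

# missing_in_jail JAIL CONF: print the paths absent under JAIL; status 1 if any.
missing_in_jail() {
    missing=$(conf_paths "$2" | while IFS= read -r p; do
        [ -e "$1$p" ] || echo "$p"
    done)
    [ -z "$missing" ] && return 0
    printf '%s\n' "$missing"
    return 1
}

# make_sample_jail DIR: constructed sample; the second zone keeps its old path.
make_sample_jail() {
    mkdir -p "$1/etc" "$1/zones"
    : > "$1/zones/example.com.zone"
    cat > "$1/etc/named.conf" <<'EOF'
options {
    directory "/zones"; };
zone "example.com" { type master;
    file "example.com.zone"; };
zone "example.net" { type master;
    file "/home/named/zones/example.net.zone"; };
EOF
}

jail=$(mktemp -d)
make_sample_jail "$jail"
missing_in_jail "$jail" "$jail/etc/named.conf" || echo "shorten the paths listed above"
rm -rf "$jail"
```

Run against a real jail as `missing_in_jail /home/named /home/named/etc/named.conf`, adjusting the config location to wherever it sits inside the jail.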