Date: Tue, 18 Jun 2002 06:05:24 -0700 From: Mike Makonnen <makonnen@pacbell.net> To: Sheldon Hearn <sheldonh@starjuice.net> Cc: arch@FreeBSD.ORG Subject: Re: rcNG rollout in -current Message-ID: <20020618060524.0e1f1238.makonnen@pacbell.net> In-Reply-To: <7838.1024402933@axl.seasidesoftware.co.za> References: <20020618050431.66169292.makonnen@pacbell.net> <7838.1024402933@axl.seasidesoftware.co.za>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 18 Jun 2002 14:22:13 +0200
Sheldon Hearn <sheldonh@starjuice.net> wrote:
>
> > > So it looks like the named_chrootdir idea needs a bit more thought.
> > > Unfortunately, I can't do the thinking right now.
> >
> > yeah, a sandboxed bind server seems to do that to people. :-)
> > I will make it less icky one of these days.
>
> It's a pretty small wart, given the size of the toad, and it doesn't
> take us back from where we were before. I wouldn't let this discourage
> me if I were you. In fact, if I were you, I'd feel very pleased with my
> contribution of effort. :-)
Thanks.
I wasn't complaining. Even though it is better than what we previously
had it could still use some improvement. Which reminds me,
could you put a note in UPDATING that:
- setting rcng_named on means you have to remove "-u bind -g bind"
from named_flags
- while the boot scripts will start named jailed correctly it's up to
the administrator to make sure that configuration and zone files
are placed correctly
- By default /var/run/named.pid will be symlinked to
<sandbox>/var/run/named.pid and syslog will open a socket in
<sandbox>/var/run
Thanks,
Mike.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020618060524.0e1f1238.makonnen>