Date: Mon, 20 Aug 2001 19:25:12 -0400 From: Chris Faulhaber <jedgar@fxp.org> To: Koji <koji@ciberteca.com> Cc: David Kirchner <davidk@accretivetg.com>, freebsd-security@freebsd.org Subject: Re: chroot named Message-ID: <20010820192512.A11150@peitho.fxp.org> In-Reply-To: <00a401c129ce$4c63df60$0164a8c0@daemon> References: <00a401c129ce$4c63df60$0164a8c0@daemon>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] On Tue, Aug 21, 2001 at 01:17:32AM +0200, Koji wrote: > > # ldd /usr/libexec/named-xfer > /usr/libexec/named-xfer: > libc.so.4 => /usr/lib/libc.so.4 (0x2809c000) > > # ldd /usr/sbin/named > /usr/sbin/named: > libc.so.4 => /usr/lib/libc.so.4 (0x280dd000) > > my chroot environment don't have any library and works correctly. Why ? > > # ls /etc/namedb/chroot > dev etc usr var > Because you aren't doing zone transfers? When you start bind, it executes in the real system then chroots itself, never needing the chrooted bin/libs. If you do zone transfers you will need the appropriate bin (named-xfer) and associated libs in the chrooted dirs. You can also create a statically-linked named-xfer and forget the libs altogether. See http://www.fxp.org/jedgar/misc/bind.txt for step-by-step instructions. -- Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org -------------------------------------------------------- FreeBSD: The Power To Serve - http://www.FreeBSD.org [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: FreeBSD: The Power To Serve iEYEARECAAYFAjuBnFcACgkQObaG4P6BelCIaQCeMHychyKZIh6mjgsFBJHvtQm7 ncEAn374GQ9QYb3OXtvZGWRhpc6cg7j6 =UxYF -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010820192512.A11150>