From owner-freebsd-bugs  Tue Apr 10 11:40: 7 2001
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id 842B337B423
	for <freebsd-bugs@hub.freebsd.org>; Tue, 10 Apr 2001 11:40:01 -0700 (PDT)
	(envelope-from gnats@FreeBSD.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.11.1/8.11.1) id f3AIe1770445;
	Tue, 10 Apr 2001 11:40:01 -0700 (PDT)
	(envelope-from gnats)
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id 46C3537B42C
	for <freebsd-gnats-submit@FreeBSD.org>; Tue, 10 Apr 2001 11:38:18 -0700 (PDT)
	(envelope-from nobody@FreeBSD.org)
Received: (from nobody@localhost)
	by freefall.freebsd.org (8.11.1/8.11.1) id f3AIcI170185;
	Tue, 10 Apr 2001 11:38:18 -0700 (PDT)
	(envelope-from nobody)
Message-Id: <200104101838.f3AIcI170185@freefall.freebsd.org>
Date: Tue, 10 Apr 2001 11:38:18 -0700 (PDT)
From: dpelleg+bsd@cs.cmu.edu
To: freebsd-gnats-submit@FreeBSD.org
X-Send-Pr-Version: www-1.0
Subject: conf/26488: incomplete named sandbox information
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


>Number:         26488
>Category:       conf
>Synopsis:       incomplete named sandbox information
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          doc-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Apr 10 11:40:01 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator:     Dan Pelleg
>Release:        4.3-RC2
>Organization:
>Environment:
FreeBSD p 4.3-RC FreeBSD 4.3-RC #3: Fri Apr  6 05:56:31 EDT 2001 root@k:/usr/obj/usr/src/sys/P i386
>Description:
The sandbox sequence described in /etc/namedb/named.conf is not likely
to result in a working configuration. Further, neither logging nor ndc control
will work for it.

>How-To-Repeat:
less /etc/namedb/named.conf
>Fix:
--- named.conf.orig     Tue Apr 10 14:24:23 2001
+++ named.conf  Tue Apr 10 14:33:55 2001
@@ -96,6 +96,15 @@
 //     mkdir /etc/namedb/s
 //     chown bind.bind /etc/namedb/s
 //     chmod 750 /etc/namedb/s
+//     (copy the contents of /etc/namedb/ to /etc/namedb/s/etc/namedb/)
+//
+// Note that running named in a sandbox will prevent it from logging to
+// syslogd(8) and will prevent the ndc(8) commands from working.
+// To enable logging to the system logger:
+// mkdir -p /etc/namedb/s/var/run
+// and add "-l /etc/namedb/s/var/run/log" to syslogd_flags in /etc/rc.conf.
+// To use ndc, create /etc/namedb/s/var/run and either invoke ndc as
+// "ndc -c /etc/namedb/s/var/run/ndc", or
+// symlink /etc/namedb/s/var/run/ndc to /var/run and use ndc as usual.
 
 /*
 zone "domain.com" {

>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message