From owner-freebsd-questions Mon Aug 26 8:27:48 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0ABA937B400 for ; Mon, 26 Aug 2002 08:27:45 -0700 (PDT) Received: from mail.01.imagefoundation.com (h66-38-129-161.gtconnect.net [66.38.129.161]) by mx1.FreeBSD.org (Postfix) with SMTP id D0FF543E91 for ; Mon, 26 Aug 2002 08:27:40 -0700 (PDT) (envelope-from lists@imagefoundation.com) Received: from [142.179.108.49] (HELO localhost) by mail.01.imagefoundation.com (Stalker SMTP Server 1.8b8) with ESMTP id S.0000016449 for ; Mon, 26 Aug 2002 08:27:40 -0700 Date: Mon, 26 Aug 2002 08:27:42 -0700 Subject: chrooted Bind follow-up questions & potential Gotcha's Content-Type: text/plain; charset=US-ASCII; format=flowed Mime-Version: 1.0 (Apple Message framework v482) From: Mailing Lists To: freebsd-questions@freebsd.org Content-Transfer-Encoding: 7bit In-Reply-To: Message-Id: <5CD145A8-B908-11D6-97A5-0003935761AA@imagefoundation.com> X-Mailer: Apple Mail (2.482) Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hi all, Well, thanks to the generous help of several individuals on this list and the well written tutorial in the handbook on chrooting bind, I now have 2 name servers running on FreeBSD 4.6.2. It's really not that difficult to do, once you know what the heck's going on. Took me several tries over the course of a few months but hey, I'm a mac guy. If you're having problems setting your own up, just keep pouring over the list and the handbook, the lights will come on eventually (as they did in my case). In any case, now that the glow of my triumph has started to fade, I have a few more questions. - I chrooted the Bind that gets installed with FreeBSD (8.3.3, I believe it was), and I did this in place under "/etc/namedb/", as outlined in the handbook. A horrible thought just occurred to me though, what happens when I update my installation now? Will FreeBSD just leave what I've done in place? Will it magically see my chrooted Bind installation and update Named et. al. when updates are needed? Or am I, as we say here in Canada, hosed? - While going through this learning process, I kept hearing of "Jail", after getting up and running (and I mean live, up and running with about 30 domains), the coolness of Jail finally dawned on me, and I think I'd like to switch. Could I just copy my existing Bind installation to the appropriate location within the jailed environment? Should, or even can one run a chrooted Bind within a jail (talk about an onion skin approach to security!) - If I were to run Bind inside a Jail, is there any way of knowing what the minimum cruft required within the Jail is? What programs does Bind rely on to function? Thanks all, in advance Tom To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message