From: marius@alchemy.franken.de
Date: Tue, 11 Feb 2003 20:29:17 +0100
To: Alexander Leidinger
Cc: current@FreeBSD.ORG, Mike Makonnen
Subject: Re: named & chroot & rcNG & devfs

On Tue, Feb 11, 2003 at 06:59:31PM +0100, Alexander Leidinger wrote:
> Hi,
>
> /etc/rc.d/named copies /dev with pax to the named chroot directory. This
> is obviously wrong with devfs, isn't it?
>

/etc/rc.d/named is quite bogus, especially when it comes to running bind
chrooted. E.g. /dev/null isn't needed by bind8 at all (also checked with
ktrace), not sure about bind9 though as it uses daemon(3) which tries to
open it. On the other hand shared libraries are needed (or a port that
supports linking bind statically...) and a copy of named itself if
`ndc restart` shall work. Moreover, due to the hardcoded patch for copying
named-xfer it also doesn't work with the bind[8,9] ports, tweaking
rc-scripts to run with ports is NetBSD-style but not as FreeBSD used to
be... A designated option to make syslogd(8) pick up an additional
/etc/namedb/var/run/log would also be nice.

Mike Makonnen is aware of the brokenness, at least I mailed him about it
quite some time ago, before rcNG was turned on by default.

FYI, a working bind8-chroot I use on 4-stable boxes looks like this:

quad# ls -R /etc/namedb/
PROTO.localhost-v6.rev  PROTO.localhost.rev  etc
localhost-v6.rev        localhost.rev        make-localhost
master.conf             named.conf           named.conf.orig
named.root              slave                slave.conf
slave_xws.conf          usr                  var

/etc/namedb/etc:
localtime

/etc/namedb/slave:
<...>

/etc/namedb/usr:
lib     libexec local

/etc/namedb/usr/lib:
libc.so.4       libm.so.2       libutil.so.3

/etc/namedb/usr/libexec:
ld-elf.so.1

/etc/namedb/usr/local:
libexec sbin

/etc/namedb/usr/local/libexec:
named-xfer

/etc/namedb/usr/local/sbin:
named

/etc/namedb/var:
db      run

/etc/namedb/var/db:
named_dump.db

/etc/namedb/var/run:
log     named.pid       ndc
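
Added example, not part of the original message or of any FreeBSD rc script: a small sh audit of a bind8 chroot against the layout listed above. It reports files from that listing that are missing and any device nodes left behind by a copy of /dev. The function and variable names are this example's own, and the library versions are the ones from the 4-stable listing, so other releases will need a different list.

```shell
#!/bin/sh
# Added example: audit a bind8 chroot tree against the layout shown in the
# message. Paths are relative to the chroot root and come from that listing.

# Files the listing shows inside the chroot (4-stable library versions;
# adjust for other releases).
REQUIRED_FILES="named.conf
etc/localtime
usr/lib/libc.so.4
usr/lib/libm.so.2
usr/lib/libutil.so.3
usr/libexec/ld-elf.so.1
usr/local/libexec/named-xfer
usr/local/sbin/named"
# Directories the listing shows holding run-time files
# (named_dump.db, named.pid, ndc, log).
REQUIRED_DIRS="var/db var/run"

# Print every required path missing under chroot root $1, one per line.
missing_paths() {
    root=$1
    for f in $REQUIRED_FILES; do
        [ -f "$root/$f" ] || echo "$f"
    done
    for d in $REQUIRED_DIRS; do
        [ -d "$root/$d" ] || echo "$d/"
    done
}

# Print block/character device nodes under $1, e.g. from a pax copy of /dev.
device_nodes() {
    find "$1" \( -type b -o -type c \) -print 2>/dev/null
}

# Report findings; return 0 only if nothing is missing and no devices exist.
audit_chroot() {
    root=$1
    miss=$(missing_paths "$root")
    devs=$(device_nodes "$root")
    if [ -n "$miss" ]; then printf 'missing: %s\n' $miss; fi
    if [ -n "$devs" ]; then printf 'device node: %s\n' $devs; fi
    [ -z "$miss" ] && [ -z "$devs" ]
}

# Stand-alone use: sh audit.sh /etc/namedb
if [ "$#" -gt 0 ]; then audit_chroot "$1"; fi
```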