Date: Sun, 24 Nov 2002 16:34:27 +0000
From: Matthew Seaman
To: freebsd-questions@FreeBSD.ORG
Subject: Re: lsof: help understanding output
Message-ID: <20021124163427.GC22014@happy-idiot-talk.infracaninophi>
References: <3DE0E9B9.9060104@intersonic.se>
In-Reply-To: <3DE0E9B9.9060104@intersonic.se>

On Sun, Nov 24, 2002 at 04:01:13PM +0100, Per olof Ljungmark wrote:
> I installed the BIND daemon as chroot to /chroot/mamed,
> does the following lsof output show that named is not chroot'ed?
>
> FreeBSD 4.6.2, BIND 9.2.1
>
> syslogd 80 root 4u unix 0xca5d0e00 0t0 /chroot/named/dev/log
> named 470 named cwd VDIR 13,131072 512 16715 /chroot/named/etc/namedb
> named 470 named rtd VDIR 13,131072 512 16305 /chroot/named
> named 470 named txt VREG 13,131072 3337414 16966 /chroot/named/named
> named 470 named txt VREG 13,131079 80756 175176 /usr/libexec/ld-elf.so.1
> named 470 named txt VREG 13,131079 580520 336941 /usr/lib/libc.so.4
> named 470 named 0u VCHR 2,2 0t0 16948 /chroot/named/dev/null (like character special /dev/null)
> named 470 named 1u VCHR 2,2 0t0 16948 /chroot/named/dev/null (like character special /dev/null)
> named 470 named 2u VCHR 2,2 0t0 16948 /chroot/named/dev/null (like character special /dev/null)
> named 470 named 3u unix 0xca5d0bc0 0t0 ->0xca5d0ec0
> named 470 named 4u IPv4 0xca65fc80 0t0 UDP candyman.i.inter-sonic.com:domain
> named 470 named 5u IPv4 0xca6eee80 0t0 TCP candyman.i.inter-sonic.com:domain (LISTEN)
> named 470 named 6u IPv4 0xca65fb00 0t0 UDP localhost.i.inter-sonic.com:domain
> named 470 named 7u IPv4 0xca6eec60 0t0 TCP localhost.i.inter-sonic.com:domain (LISTEN)
> named 470 named 8u IPv4 0xca65fa40 0t0 UDP *:domain
> named 470 named 9u IPv6 0xca65fbc0 0t0 UDP *:1064
> named 470 named 10r VCHR 2,3 0t0 16949 /chroot/named/dev/random (like character special /dev/random)

No --- that's fine. named dynamically links against libc.so.4 before
the call to chroot(2), so you don't need to copy great chunks of
/usr/lib into your chroot area. Then when it daemonizes, it reopens
file descriptors 0, 1, 2 onto /dev/null (SOP for a well behaved daemon
process: see daemon(3)), and you can see that because of the chroot(2)
call, it's actually redirecting to /chroot/named/dev/null.

Cheers,

Matthew

--
Dr Matthew J Seaman MA, D.Phil.
26 The Paddocks
Savill Way
Marlow
Bucks., SL7 1TH UK
Tel: +44 1628 476614
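
The check discussed in this thread, written out as a small parser. This is an added example, not part of the original message: it reads the `rtd` (root directory) entry to decide whether the process is chrooted, then separates `txt` mappings outside that root (libraries linked before chroot(2), as explained above) from `cwd` or numbered descriptors outside it. The sample lines are copied from the quoted lsof output; the function names and the report keys are assumptions of this example.

```python
# Sample input: lines taken from the lsof output quoted in the thread.
SAMPLE = """\
named 470 named cwd VDIR 13,131072 512 16715 /chroot/named/etc/namedb
named 470 named rtd VDIR 13,131072 512 16305 /chroot/named
named 470 named txt VREG 13,131072 3337414 16966 /chroot/named/named
named 470 named txt VREG 13,131079 80756 175176 /usr/libexec/ld-elf.so.1
named 470 named txt VREG 13,131079 580520 336941 /usr/lib/libc.so.4
named 470 named 0u VCHR 2,2 0t0 16948 /chroot/named/dev/null (like character special /dev/null)
named 470 named 4u IPv4 0xca65fc80 0t0 UDP candyman.i.inter-sonic.com:domain
named 470 named 10r VCHR 2,3 0t0 16949 /chroot/named/dev/random (like character special /dev/random)
"""


def parse(text):
    """Yield (fd, type, path) for vnode-backed entries (VDIR, VREG, VCHR...)."""
    for line in text.splitlines():
        f = line.split()
        # Columns: COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME...
        if len(f) >= 9 and f[4].startswith("V") and f[8].startswith("/"):
            yield f[3], f[4], f[8]


def inside(path, root):
    """True if path is the root itself or lies beneath it."""
    return root == "/" or path == root or path.startswith(root.rstrip("/") + "/")


def chroot_report(text):
    entries = list(parse(text))
    # lsof prints host-side paths, so the rtd entry names the chroot directory.
    root = next((path for fd, _, path in entries if fd == "rtd"), None)
    report = {"root": root, "chrooted": root not in (None, "/"),
              "premapped": [], "review": []}
    for fd, _, path in entries:
        if fd == "rtd" or inside(path, root or "/"):
            continue
        # txt outside the root: program text or shared libraries mapped
        # before chroot(2), which is expected. A cwd or numbered descriptor
        # outside the root is worth a closer look.
        report["premapped" if fd == "txt" else "review"].append((fd, path))
    return report


if __name__ == "__main__":
    print(chroot_report(SAMPLE))
```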